Phishing/Vishing/Smishing

April 1, 2025 — West Houston

Impress IT Solutions, a leading cybersecurity and IT support provider in West Houston, is alerting local businesses to a dangerous new trend in cybercrime: a global phishing-as-a-service (PhaaS) platform known as Lucid. This highly advanced platform has already targeted 169 organizations across 88 countries, and now, the threat is inching closer to home.

Lucid operates by sending smishing (SMS phishing) messages through Apple iMessage and Android RCS (Rich Communication Services)—modern messaging systems that often bypass traditional SMS filters. Unlike typical phishing operations that rely on mass text messaging, Lucid uses trusted communication channels, making detection more difficult and increasing the likelihood that victims will fall for the scam.

“The Lucid platform represents a major shift in the phishing landscape,” said the cybersecurity team at Impress IT Solutions. “It’s stealthy, scalable, and engineered to outsmart traditional defenses. Local businesses—especially those handling sensitive financial or customer data—need to be proactive.”

Smishing Through Trusted Channels

What makes Lucid particularly alarming is its abuse of messaging systems that people trust. By using temporary Apple IDs with impersonated names and carrier-specific flaws in RCS protocols, attackers make their messages look legitimate. They prompt victims to click links or reply with simple commands like “Y,” initiating a two-way interaction designed to steal sensitive data.

The end goal? Harvesting credit card numberspersonally identifiable information (PII), and other valuable data—often by impersonating services like courier companies, tax refund agencies, and toll authorities.

A Global Network with a Local Threat

The Lucid PhaaS platform is believed to be operated by a Chinese-speaking group called XinXin, who are also behind other phishing tools like Lighthouse and Darcula—the latter capable of cloning nearly any brand’s website to perfection. The Lucid campaign uses backend iPhone device farms and Windows-based emulators to send out hundreds of thousands of scam messages, fueled by phone numbers leaked from breaches and cybercrime forums.

Real-time phishing dashboards allow attackers to monitor victim activitytrack interactions, and verify stolen data, all within a slick panel built on open-source frameworks.

West Houston: Why Local Businesses Should Care

While this may sound like a global issue, Impress IT Solutions wants to stress that West Houston companies are not immune. With phishing campaigns targeting the U.S. at scale, and with automation and data leaks making it easier than ever for attackers to cast a wide net, every business in West Houston could be a potential target.

“We’ve already helped companies in the area identify and mitigate smishing attempts that used similar tactics,” said Impress IT Solutions. “The sophistication of these campaigns means small to mid-sized businesses need enterprise-grade protections—and that’s where we come in.”

Impress IT Solutions’ Advice for Defense

To stay ahead of evolving threats like Lucid, Impress IT Solutions recommends that West Houston businesses:

  • Implement advanced email and message filtering tools
  • Use multi-factor authentication (MFA) across all accounts
  • Train employees to recognize phishing attempts, even on mobile
  • Partner with a trusted cybersecurity provider for real-time monitoring and rapid response

If your company has noticed suspicious messages or is unsure about its current protections, Impress IT Solutions is ready to help. With a proactive approach and deep local expertise, we’re committed to keeping West Houston safe from the latest cyber threats.

 

Email Security

Protect Your Business from Cyber Threats with AI-Driven Security and Real-Time Alerts