Photo by Moritz Kindler on Unsplash
If you’ve ever gotten a sketchy text saying you owe a toll or missed a delivery, you’re not alone. And chances are, you were a target of one of the most relentless scam operations in recent years.
These aren’t just annoying texts. They’re scammers posing as legit services—postal companies, government alerts, even tech giants—sending messages with fake links. Click on one, and you land on a phishing page that looks eerily real. Type in your credit card info, and boom—your data is gone.
—
A Scam with a Face—and a Cat Photo
Photo by Jonathan Borba on Unsplash
Security researchers and journalists recently unmasked one of the main forces behind this wave: a 24-year-old Chinese developer named Yucheng C., who went by the online handle “Darcula.” He built a tool called Magic Cat that hundreds of scammers used to run their shady campaigns.
Magic Cat was no hobby project. Over just seven months in 2024, Darcula’s software helped steal at least 884,000 credit card numbers. That’s not a typo. Some victims lost thousands of dollars, all from falling for a single fake text.
Ironically, one of the most prolific scammers on the internet had a profile picture of a fluffy white cat lounging on a couch.
—
When Magic Cat Disappeared, Magic Mouse Took Over
After being unmasked, Darcula disappeared. His Magic Cat operation stopped getting updates, leaving his customers scrambling.
But the vacuum didn’t last long.
A new scam emerged: Magic Mouse. And it’s even faster, bigger, and more aggressive. According to Harrison Sand, an offensive security consultant at the Oslo-based cybersecurity firm Mnemonic, Magic Mouse is now responsible for stealing at least 650,000 credit card numbers every single month.
That’s nearly 8 million stolen cards a year if the pace keeps up.
—
Same Tricks, New Hands
While Magic Mouse is a new operation—with different developers and no clear link to Darcula—it’s built on stolen blueprints. Specifically, it’s using the same phishing kits Magic Cat made popular.
These kits aren’t basic. They include hundreds of fake websites that mimic the look and feel of real sites from delivery companies, government pages, and major tech services. The goal? Trick users into handing over sensitive information without a second thought.
—
The Hardware Behind the Hustle
Photo by Brandon. on Unsplash
Mnemonic researchers found photos and videos inside a Telegram channel tied to Darcula’s old operation. They show:
- Racks of phones sending scam messages at scale
- Payment terminals ready to use stolen card details
- Mobile wallets on phones overflowing with victims’ credit cards
Scammers use these loaded phones to make mobile payments, launder money, and move funds through different bank accounts—without ever having to step into a store.
—
Why Is This Still Happening?
Despite the scale of the fraud, law enforcement isn’t moving fast. According to Sand, most cases never go beyond local fraud reports. The broader picture—the massive, organized infrastructure behind these scams—is often ignored.
That leaves major tech companies and banks scrambling on the defense, often after people have lost real money.
And for everyday folks like us? The best defense is pretty low-tech.
If a text looks fishy—about a package you never ordered or a toll you didn’t remember—don’t click. Just delete it.
—
The Bottom Line
Magic Mouse might be new, but the scam is old: bait, click, steal. What’s changed is the scale, the sophistication, and the speed.
For now, it’s up to us to stay skeptical—and a bit more careful—when that next unexpected text lands in our inbox.
Because behind every friendly delivery alert might just be another scammer, one click away from emptying your wallet.
Keywords: phishing scam, Magic Cat, Magic Mouse, credit card fraud, cybercrime
