"Magic Mouse" Scam Steals 650,000 Credit Cards Every Month

After the high-profile takedown of the global “Magic Cat” scam that targeted mobile users worldwide, a new and even more dangerous player has emerged on the cybercrime scene: “Magic Mouse”. This advanced phishing network is now believed to be responsible for the theft of more than 650,000 credit cards every single month, making it one of the most active and damaging financial fraud operations in the world today.

From "Magic Cat" to "Magic Mouse": A New Generation of Fraud

Earlier this year, cybersecurity researchers in Norway—working with international security firms—exposed the mastermind behind “Magic Cat,” a sophisticated SMS phishing scheme. The suspect, 24-year-old Chinese national Yuqing S., developed specialized phishing tools that were sold to clients running large-scale scam campaigns.

Following his disappearance and the collapse of the Magic Cat operation, opportunistic cybercriminals stepped in to exploit the tools and infrastructure left behind. By rebranding the old technology and refining its capabilities, they launched their own operation under the name “Magic Mouse,” according to a TechCrunch report reviewed by Al Arabiya Business.

How the "Magic Mouse" Scam Works

Speaking at the Def Con security conference, Harrison Sand from cybersecurity company Mnemonic revealed that Magic Mouse attackers send out carefully crafted text messages that appear to come from trusted sources such as courier services or government agencies. These messages include malicious links leading to phishing websites designed to mimic well-known platforms.

Once a victim enters their personal and payment details, the stolen information is immediately harvested. The credit card data is then used to make fraudulent purchases or transfer funds to digital wallets controlled by the scammers.

Leaked images from channels operated by Magic Mouse controllers show dozens of smartphones linked to automated messaging systems, as well as specialized payment terminals loaded with stolen card details—ready for immediate use.

Scale of the Threat

Estimates suggest that the Magic Mouse operation is currently responsible for the theft of around 650,000 credit cards each month. This staggering volume highlights the industrial scale of the network and its growing impact on individuals and financial institutions worldwide.

What makes the threat even more concerning is its rapid evolution. By leveraging proven phishing methods, reusing high-quality cloned websites, and automating outreach through massive SMS campaigns, Magic Mouse has become one of the most efficient cybercrime operations in recent years.

Why the Scam Persists

Despite its size, enforcement efforts remain fragmented. Law enforcement agencies are still primarily responding to individual reports rather than mounting coordinated global takedowns. Meanwhile, financial institutions and tech companies have been criticized for failing to implement stronger safeguards that could block the use of stolen cards before transactions are processed.

Cybersecurity experts emphasize that without a multi-layered approach—including real-time fraud detection, better public awareness, and faster cross-border cooperation—the Magic Mouse network will likely continue to grow in sophistication and reach.

Protecting Yourself from SMS Phishing

For consumers, the most effective defense remains vigilance. Always verify the sender of any unsolicited text message, especially those containing links. Avoid entering sensitive information through links sent via SMS, and whenever possible, access official websites by typing their address directly into your browser.

Given the scale and speed of scams like Magic Mouse, individual awareness combined with institutional action is crucial t