And the hosts?
Those SMS spams aren't linking to untouchable foreign servers. They're not transient accounts that are gone before you find them. It's a solid infrastructure built up using Namecheap, Cloudflare, Amazon, Salesforce, Google, Genesis 2, and probably more that I don't see in my daily spams for credit card phishing. The hosts all know what they have and chose to continue.
[For Reg mods that need proof when Cloudflare is mentioned, open a private browsing window, turn on request logging, set the browser to identify as a mobile device, and open "mNl0u.com/86qhp5Ys". Use test credit card numbers to advance through the scammer's network. That's one of the larger scam infras. ]
Biting the hand that feeds IT
