Dont be too quick to believe a message that claims you have an unpaid toll
of ConsumerAffairsTolls roads and bridges have phased out human toll collectors in recent years in favor of automation. In addition to E-ZPass, toll stations also photograph a non-subscribers license plate and send them a bill.
That cost-saving feature, however, has opened the floodgates for scammers.
According to a report by KrebsOnSecurity, Americans are being bombarded with fraudulent text messages claiming to be from toll road operators like E-ZPass. These messages warn recipients of potential fines for unpaid toll fees, a tactic designed to extract sensitive financial information.
The surge in these SMS phishing, or "smishing," attacks coincides with the introduction of new features in a commercial phishing kit sold in China, which facilitates the creation of convincing scams mimicking toll operators in various U.S. states.
Warning from Massachusetts
Recently, the Massachusetts Department of Transportation issued a warning about a new smishing scam targeting users of its EZDriveMA electronic tolling program. Victims of this scam are prompted to provide payment card details and a one-time password sent via SMS or a mobile authentication app.
Similar phishing attacks have been reported in other states, including Florida, where scammers spoofed Sunpass, the state's prepaid toll program. Texas residents have also received messages about unpaid tolls from the North Texas Toll Authority.
Reports of these scams have emerged from California, Colorado, Connecticut, Minnesota, and Washington, highlighting the widespread nature of the threat.
DIY phishing kits
Krebs On Security noted that these phishing attacks are linked to the release of new phishing kit capabilities that closely mimic toll operator websites on mobile devices. Notably, these phishing pages only load when accessed from a mobile device, increasing their effectiveness.
Ford Merrill, a security researcher at SecAlliance, a CSIS Security Group company, said there has been a significant increase in SMS phishing attacks spoofing toll operators after the New Year. This rise is attributed to a Chinese cybercriminal group known for selling advanced SMS phishing kits, which now include pages designed to impersonate toll operators across the U.S.
Merrill explained that multiple China-based cybercriminals are selling distinct SMS-based phishing kits to hundreds or thousands of customers. The goal is to gather enough information to add victims' payment cards to mobile wallets for use in physical stores, online or to launder money through shell companies.
Traditionally, these phishing tools have impersonated shipping companies, customs authorities, and governments with various scams. The shift to toll scams represents a new twist on an existing strategy.
The selection criteria for targets remain unclear, with MassDOT noting that targeted phone numbers appear random and not linked to toll road usage. Some recipients, like a reader on Mastodon, reported receiving these messages despite not owning a vehicle.
Authorities advise ignoring or deleting such messages and reporting them to the FBI's Internet Crime Complaint Center (IC3) with details of the originating phone number and website.
Photo Credit: Consumer Affairs News Department Images
Posted: 2025-01-29 15:26:50
