Article Details
Scrape Timestamp (UTC): 2024-04-12 18:56:31.457
Original Article Text
Click to Toggle View
FBI warns of massive wave of road toll SMS phishing attacks. On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees. These attacks started last month, and the federal law enforcement agency says thousands of people have already reported that the scammers have targeted them. "Since early-March 2024, the FBI Internet Crime Complaint Center (IC3) has received over 2,000 complaints reporting smishing texts representing road toll collection service from at least three states," the FBI explained in a public service announcement published today. While the mobile phishing campaign has yet to reach some U.S. regions, this can be explained by the fact that complaint information collected so far by IC3 indicates the scam may be moving from state to state. The FBI says the malicious text messages claim the recipient owes money for unpaid tolls and contain almost identical language. For instance, all reports mention the attackers using "outstanding toll amount" to trick the targets into clicking an embedded hyperlink. "However, the link provided within the text is created to impersonate the state's toll service name, and phone numbers appear to change between states," the FBI explains. Pennsylvania Turnpike, one of the road toll services whose customers were targeted in these attacks, cautioned those receiving the phishing messages not to tap the links. "Some customers have received phishing-attempt text messages claiming to be from the PA Turnpike's toll services. If you receive such a text, providing you with a link to pay an outstanding toll, do not click on the link, and delete the text," the service said on Monday. "BE AWARE: We have received multiple concerns regarding the attached scam text message in our area. This link will send you to a fake Turnpike website and collect your information!" the Pennsylvania State Police also warned. While the FBI did not mention E-ZPass in today's PSA (a toll collection system used across Eastern, Midwestern, and Southern United States), BleepingComputer is aware that the threat actors have also been targeting E-ZPass customers since March. The FBI asked those who receive one of these SMS phishing messages to:
Daily Brief Summary
The FBI issued a warning about an extensive SMS phishing operation targeting U.S. citizens with fake unpaid road toll notifications.
This phishing wave began last month, and has already impacted thousands, based on over 2,000 complaints lodged with the FBI's Internet Crime Complaint Center (IC3).
Scammers are sending texts claiming recipients owe money for road tolls, using consistent language like "outstanding toll amount" across different states.
The fraudulent messages include a hyperlink that mimics state toll services, but the URLs and phone numbers are altered to deceive victims into providing personal information.
Pennsylvania Turnpike warned its customers against clicking on links in similar phishing texts, underscoring the growing concern among state agencies.
The FBI has noted the geographic spread of this scam, moving from state to state, with some areas yet to report incidents.
Federal authorities are urging those who receive these phishing texts to immediately report them and avoid clicking on any included links.