A surge in smishing attacks targeting E-ZPass users with fake toll bills.\n- Texts are crafted using phishing kits, and attackers are registering thousands of domains to mimic state toll agencies.\n- The goal is to steal credit card information and potentially commit identity theft.\n- This attack has been reported on a global scale.\n- Why this matters: This scam can lead to financial loss and identity theft for unsuspecting individuals. The widespread nature of the attack increases the likelihood of people falling victim.
The scam involves text messages claiming the recipient owes money for unpaid tolls. The texts often have similar language and outstanding amounts, but the links are designed to impersonate state toll service names. Attackers register numerous domains to mimic agencies and lure clicks. Many of these domains use Chinese top-level domains (.TOP, .CYOU, .XIN). The scale of the attack is described as astronomical, with billions of spam texts sent in February 2025 alone. The primary goal isn't the small toll fee, but rather to obtain credit card numbers and even steal identities.
Q: What is smishing? - A: Smishing is a type of phishing attack that uses text messages to trick victims into providing personal information or clicking on malicious links.\nQ: How can I tell if an E-ZPass text is fake? - A: Look for unusual sender numbers, urgent language, suspicious links, and requests for personal info. E-ZPass will never ask for payment or personal information via text.
Be skeptical of unexpected texts about toll violations.\n- Never click on links in unsolicited texts.\n- Verify toll notices through official channels.\n- Report suspicious texts to the FBI’s IC3 or the FTC.\n- If you clicked a link, check accounts, change key passwords, dispute charges with the bank and inform toll agency.
Do you think this trend will last? Let us know! Share this article with others who need to stay ahead of this trend!
A recent ransomware attack on Instructure's Canvas platform, used by numerous universities, has raised concerns about the security of person...
A fake Windows 11 update website is distributing malware disguised as a legitimate update, targeting users seeking early access to new featu...
A recent cyberattack on CareCloud, a health tech provider, has raised concerns about patient data security. This incident, along with other ...
Two prominent cryptocurrency platforms, CoinMarketCap and Cointelegraph, have recently fallen victim to similar supply chain attacks, result...
⚠ Disclaimer: Yanuki provides article summaries and links for reference only. Yanuki does not endorse, verify, or guarantee the accuracy of third-party sources. Please review original sources and verify information independently. Managed by the Yanuki Data Engine. Full Disclaimer