The Federal Bureau of Investigation has issued a critical warning about a pervasive scam sweeping across the country. Americans are being targeted by a sophisticated series of SMS phishing—or “smishing”—attacks that bait them with fictitious unpaid road toll charges.
A surge of fraudulent activity
The smishing scheme has been active since last month, duping thousands of people, as reported by victims to federal authorities. The FBI’s Internet Crime Complaint Center has documented a significant influx of over 2,000 complaints detailing deceptive texts that impersonate road toll services from various states.
MORE: IS THE FTC CALLING YOU? PROBABLY NOT. HERE’S HOW TO AVOID A NEW PHONE SCAM TARGETING YOU
Mechanism of the road toll scam
Investigations reveal that these messages are uniform in their deception, falsely asserting that the recipient is delinquent on road toll payments. These communications aim to manipulate individuals into clicking on links that are ingeniously designed to mimic legitimate state toll service websites, complete with fluctuating phone numbers to elude detection.
MORE: THE DARK WORLD OF FACEBOOK ADS WHERE SCAMMERS ARE TRYING TO STEAL YOUR MONEY
Regional responses to the threat
The Pennsylvania Turnpike has been at the forefront of the afflicted services, proactively advising its customers to avoid interacting with these fraudulent messages. Similarly, the Pennsylvania State Police have expressed their concern, highlighting that the scam texts redirect to counterfeit websites designed to steal personal data.
Expanding the watch
Regional services are not the only ones affected. Residents across various parts of the U.S. have been under threat since the onset of these attacks, which seem to target toll service customers. While this detail is not directly mentioned in the FBI’s public service announcement, secondary sources tracking the issue have confirmed it.
MORE: THE ‘UNSUBSCRIBE’ EMAIL SCAM IS TARGETING AMERICANS
Guidance if you receive a toll scam text message
The FBI has recommended several preventive measures in light of the ongoing phishing attacks.
1) Report the phishing attempt at www.ic3.gov with the scammer’s contact details and the website URL from the message.
2) Verify your toll account through the official service website.
3) Reach out to the official customer service for the toll service.
4) Erase the fraudulent text message from your device.
5) Use good antivirus protection on all devices to reduce risks. The best way to protect yourself from clicking malicious links that install malware that may get access to your private information is to have antivirus protection installed on all your devices. This can also alert you of any phishing emails or ransomware scams.
My top pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.
If you click one of these toll scam links
For individuals who have engaged in these phishing attempts, it is crucial to take immediate action to secure personal and financial information. The FBI stresses the importance of monitoring for unfamiliar charges and disputing them promptly to mitigate any potential financial harm.
Kurt’s key takeaways
As the threat landscape evolves, staying informed about these scams is paramount. By following the FBI’s advisories and maintaining a high level of skepticism toward unsolicited texts claiming to be from toll services, you can safeguard against these invasive phishing tactics. It’s really important that we all work together to spot and call out scams. By doing this, we’re joining forces to protect people from cybercriminals who try to trick them.
What role should mobile carriers and tech companies play in combating smishing scams, and how can they improve their current measures? Let us know in the comments below.
FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE
1 comment
I got a Sun Pass text alert just this morning. I don’t even have a Sun Pass account. I blocked the number, reported the text as junk and deleted the text from my phone.