In April 2024, the FBI warned about a new type of smishing scam.
Smishing is the term we use for phishing attacks sent via text message. This particular smishing scam tries to trick users into clicking a link by telling them they owe a “small amount” in toll fees.
The scammers send a text claiming that the recipient owes money for unpaid tolls.
“PA Turnpike Toll Services: We’ve noticed an outstanding toll amount of $12.51 on your record. To avoid a late fee of $50.00 visit [URL to fake site] to settle your balance.”
It looks as if the targets are chosen randomly, but if you’ve been on a recent summer trip or will be visiting your relatives during the holiday season the chances are higher that you will believe this type of text. Nobody is going to fool you into paying (extra) for your daily commute, right?
Because of the relatively low amount, people may decide to settle the payment before the amount rises.
One of the URLs we tracked for this campaign was myturnpiketollservices[.]com which was active from early April until late May. Some others have only been active for a few days.
On the fake website, which is a really convincing copy of the original, visitors are asked to fill out their details like phone numbers, email addresses, full name, address, and their credit card details. Scammers will happily abuse any information that you enter for other malicious activities like identity theft and financial fraud.
These attacks are not just increasing in numbers in the US, smishing scammers are also targeting people in Australia, Canada, and Japan now.
How to avoid falling for a smishing scam
- Check the phone number that the text message comes from. Some of the scams above were easy to dismiss because they came from telephone numbers outside the US.
- Look for the actual site that handles the alleged toll fees and compare the domain name. Sometimes there is only a small difference, so inspect it carefully.
- If you decided to pay, an alarm should go off if you don’t receive confirmation. Official toll agencies will send confirmation after collecting payments. If you don’t receive confirmation, it’s time to investigate and maybe freeze your credit card.
- Never interact with the scammer in any way. Every reaction provides them with information, even if it’s only that the phone number is in use.
- If you think the toll fee is feasible because you have indeed travelled in that area, check on the official toll service’s website or call their customer service number.
- The FBI asks that if you receive a suspicious message, contact the FBI Internet Crime Complaint Center at ic3.gov. Be sure to include the phone number from where the text originated, and the website listed within the text.
Involved domains
myturnpiketollservices[.]com
nytollservices.com
tollsinfosny[.]com
tollsinfonyc[.]com
bayareafastraktollservices[.]com
intollroadacc219[.]com
toll-sunpass[.]com
tollnyezpassweb[.]com
indiana260roadtollac[.]com
inweb-tollroadtrust[.]com
in-tollroadgouv1[.]com
newyorktollroadtrust1[.]com
nyserviceezpass[.]com
intrust-tollroadweb[.]com
sunspass[.]com
sunspasstollsservices[.]com
sunpasstollservices[.]com
tollsbymailsny[.]com
Several of these were hosted at the IP:
45.8.92[.]38
We don’t just report on phone security—we provide it
Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.