A widespread and ongoing SMS phishing (smishing) campaign targeting toll road users across the United States has been identified, posing a significant threat to motorists’ financial security. Since mid-October 2024, cybercriminals have been impersonating legitimate toll road payment services such as E-ZPass to steal credit card information from unsuspecting victims. When victims click the “Proceed Now” button, they are redirected to another fake webpage that solicits comprehensive personal information including name, address, phone number, and credit card details. Domain names are carefully crafted to impersonate legitimate toll services, such as “e-zpass.com-etcjr.xin” and “txtag.vipsf.top,” enhancing the credibility of the scam. The ongoing registration of new domains as recently as March 2025 indicates that this campaign remains active, highlighting the need for continued vigilance among toll road users nationwide. First, users encounter a fake CAPTCHA challenge, after which they are redirected to a counterfeit webpage displaying the legitimate toll service’s logo. “Please settle your toll immediately after reading this message to avoid penalties for delaying the payment. Their research indicates with moderate confidence that multiple financially motivated threat actors are utilizing a common smishing kit developed by an individual known as “Wang Duo Yu” to execute these attacks. After entering initial information, victims are presented with a fraudulent bill displaying their name and an outstanding balance of approximately $4, along with warnings about a $35 late payment fee. The smishing messages inform recipients of an outstanding toll balance, typically under $5, and warn of potential late fees of approximately $35 if payment is not made promptly. Upon clicking the link in the SMS message, victims are directed through a sophisticated phishing flow designed to harvest personal and financial information. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. To create a sense of urgency, the text threatens “penalties or legal action” if the recipient fails to pay by a specified date, prompting immediate action from concerned motorists. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.
This Cyber News was published on cybersecuritynews.com. Publication date: Mon, 14 Apr 2025 19:50:15 +0000