Please keep an eye out for any text messages, alerting you to “unpaid tolls”. While there are legitimate ways to inform you of overdue toll fees, texting is typically not one of them. If you receive the SMS message below, you’re probably looking at an Unpaid Toll Collection Scam.
The FBI started seeing this scam circulate in March 2024, and it is still making the rounds. This smishing scam is simple: it tries to dupe people into visiting a bogus website and paying for a toll that doesn’t exist.
Have you gotten a copy of the unpaid toll collection scam yet? Here’s my advice:
- Don’t open any link in the message
- Consider reporting it to the FBI
- Delete the text and/or mark it as spam
And if you have any doubt about legitimately owing on a toll, find a legitimate phone number or website for the toll authority and contact them. Don’t rely on anything you receive via text.
Extra Commentary
This scam changes every week or so. The website URL and name of the Toll Company keeps shifting. This is probably because when the FBI gets reports on this scam, they work quickly to shut down the criminal website. But it is a game of whack-a-mole. Cybercriminals will just create a new website for the next money-grab. Still, this is why reporting the scam to the FBI is helpful!
People ask me often: How do these scammers get our contact info? For this scam, my best guess is a recent data breach exposed a large number of cellphone numbers, and a criminal outfit bought them up to use in scams like this. Data breaches happen everyday in the USA. Consider:
- Patriot Mobile was recently breached
- AT&T suffered a large breach in 2019 but only recently owned up to it
- T-Mobile has numerous data breaches in its recent past
- US Cellular was breached a year or so ago
But a useful phone list could come from any of the big companies in our country that collect our personal data. It’s unlikely that we’ll learn who’s to blame and even unlikelier that there will be consequences for them.
Leave a Reply