![[The AI Show Episode 142]: ChatGPT’s New Image Generator, Studio Ghibli Craze and Backlash, Gemini 2.5, OpenAI Academy, 4o Updates, Vibe Marketing & xAI Acquires X](https://www.marketingaiinstitute.com/hubfs/ep%20142%20cover.png)
![From drop-out to software architect with Jason Lengstorf [Podcast #167]](https://cdn.hashnode.com/res/hashnode/image/upload/v1743796461357/f3d19cd7-e6f5-4d7c-8bfc-eb974bc8da68.png?#)
.jpg?#)
.png?#)
(1).jpg?width=1920&height=1920&fit=bounds&quality=80&format=jpg&auto=webp#)
_NicoElNino_Alamy.png?#)
_Igor_Mojzes_Alamy.jpg?#)
.webp?#)
.webp?#)
![Blackmagic Design Unveils DaVinci Resolve 20 With Over 100 New Features and AI Tools [Video]](https://www.iclarified.com/images/news/96951/96951/96951-640.jpg)
![Apple Considers Delaying Smart Home Hub Until 2026 [Gurman]](https://www.iclarified.com/images/news/96946/96946/96946-640.jpg)
Toll fee scams are back and heading your way
Heavy incoming traffic: A new wave of toll fee scams are sweeping America.
Back in August 2024, we warned about a relatively new type of SMS phishing (or smishing) scam that was doing the rounds.
Now a new wave of toll fee scams are working their way round the US. These attempts come as an unexpected text message linking to a website pretending to belong to one of the US toll authorities, like E-ZPass, The Toll Roads, SunPass, or TxTag.
The texts usually create a sense of urgency—a common tactic of scammers, by telling you there is only a limited time left to act or there will be dire consequences.
The phishing sites are typically out to steal personal information and/or payment details. Reportedly, some users get up to 7 such messages in a day.
Many state departments are issuing warnings. For example, the Wisconsin Department of Transportation (WisDOT) Division of Motor Vehicles (DMV) recently warned consumers of reported phishing attempts via text, and the Arizona Department of Transportation even published a reminder that the state highway system doesn’t have toll roads, because of these scams.
A typical text message might look like this:
“Your toll payment for E-ZPass Lane must be settled by {a date in the very near future}. To avoid fines and the suspension of your driving privileges, kindly pay by the due date.
Pay here: {malicious link}
(Please reply with “Y”, then exit the text message. Open it again, click the link, or copy it into your browser and open it.)”
The malicious links are often fabricated to look legitimate by including an existing domain name before the actual domain name. E.g. e-zpass.com- roadioe[.]cc.
How to avoid falling for toll fee scams
- Check the phone number that the text message comes from. Some of the scams we saw were easy to dismiss because they came from telephone numbers outside the US.
- Look for the actual site that handles the alleged toll fees and compare the domain name. Sometimes there is only a small difference, so inspect it carefully.
- If you decided to pay, make sure you receive confirmation of payment. Official toll agencies will send confirmation after collecting payments. If you don’t receive that, call the toll service to check.
- Never interact with the scammer in any way. Every reaction provides them with information, even if it’s only that the phone number is in use.
- If you think the toll fee is feasible because you have indeed travelled in that area, check on the official toll service’s website or call their customer service number.
- The FBI asks that if you receive a suspicious message, contact the FBI Internet Crime Complaint Center at ic3.gov. Be sure to include the phone number from where the text originated, and the website listed within the text.
Indicators of Compromise (IoCs)
Domains involved in toll fee scams:
com-roadioe[.]cc
uoshxkdhkz[.]top
com-zgoupbb[.]top
forfeitzm[.]top
sunpass-verification[.]top
com-tollbilljhy[.]top
com-etc-bbzj[.]vip
com-tollbilltid[.]vip
com-tollbilltwd[.]vip
paytollrbzx[.]vip
com-ticketvb[.]xin
com-emzwepr[.]xin
com-ustolls[.]xin
com-tollbilaz[.]xin
etc-tollad[.]xin
roadetctre[.]xin
Did you know that Malwarebytes for mobile scans your texts for scams and blocks known malicious sites?
We don’t just report on phone security—we provide it
Cybersecurity risks should never spread beyond a headline. Keep threats off your mobile devices by downloading Malwarebytes for iOS, and Malwarebytes for Android today.
