Fake E-ZPass Toll Websites and Smishing Attacks: An FBI Warning

by Len Kaplan, CEO of CDML Computer Services, Ltd.

As digital communication evolves, so do cybersecurity threats. One prevalent threat is smishing, related to phishing but conducted via SMS. CDML Computer Services is committed to keeping our clients informed and secure, especially following recent FBI warnings about fake E-ZPass websites and other smishing attacks.

Fake E-ZPass Websites: Scammers create sophisticated fake websites mimicking E-ZPass billing services to steal personal information. These sites have been flagged by the FBI for attempting to collect sensitive data such as credit card numbers and social security details. Victims are often directed to these websites through phishing emails and smishing texts, which falsely claim that they owe toll fees or qualify for refunds.

For more details on the FBI’s warning and ongoing investigations into these phishing scams, you can visit reputable sources such as the official PA Turnpike website and allinfosecnews.com.

If you never heard of smishing, you’re not alone. The term smishing is a portmanteau of ‘SMS’ and ‘phishing’ and only became mainstream within the last five years. It refers to the practice of sending fraudulent text messages that appear to be from a trusted source in order to trick the recipient into divulging sensitive information or clicking on a malicious link.

These fraudulent text messages appear to be from trusted entities, but they often contain malicious links or request personal information, potentially leading to identity theft or financial loss. The urgency and apparent legitimacy of these messages can prompt quick, uninformed actions from the recipients.

How to Protect Yourself from Fake E-ZPass Websites:

1. Verify URLs: Ensure you are visiting the official E-ZPass site by checking the URL closely.
2. Recognize Fraudulent Communications: Official E-ZPass communications will not solicit immediate payments through links in unsolicited messages.
3. Direct Contact: Use official customer service channels for inquiries, bypassing potential scams found in unsolicited emails or texts.

Identifying and Responding to Smishing:

Smishing messages might look like a notification from your bank asking you to verify a transaction or a message from a courier company requesting action to release a package. These messages can induce panic and rush the recipient into clicking harmful links.

Examples of Smishing Attacks:

• Bank Fraud Alerts: Texts alleging suspicious account activity asking you to confirm personal details.
• Delivery Scams: Messages claiming there’s a package for you, with a link to schedule delivery—leading to a phishing site.
• Tax Refund Scams: SMS claiming tax rebates are available and prompting users to provide banking information to receive funds.

How to Combat Smishing:

1. Think Before You Click: Take a moment to consider the authenticity of the message. Contact the supposed sender through official channels.
2. Use Anti-Smishing Tools: Install SMS filtering apps that identify and block suspected smishing attempts.
3. Educate Yourself and Others: Be aware of the latest smishing tactics and inform friends and family on how to recognize these frauds.

Staying informed and vigilant are your best defenses against digital fraud like smishing and fake E-ZPass websites. By adopting careful online practices and consulting experts when in doubt, you can protect both personal and business data from these modern threats. For a deeper dive into cybersecurity and how CDML Computer Services can assist your business, visit our website at www.cdml.com, call us at 718-393-5343, or email [email protected].

Stay secure and stay connected!