Unpaid Toll Texts Are Part of a Con
According to the article, a current scam targeting Americans nationwide involves a text demanding payment for unpaid tolls, federal and state officials warn.
https://www.cbsnews.com/news/unpaid-toll-text-scam/
Note: In addition to the article, please see the accompanying videos included at the above-referenced internet address.
"Whether you've driven through a toll recently or not, you might've gotten a text saying you owe money for unpaid tolls. It's probably a scam," the Federal Trade Commission stated recently in a consumer alert. "Scammers are pretending to be tolling agencies from coast to coast and sending texts demanding money," the FTC cautioned.
Details of the Scam
The deceit involves texts demanding immediate payments for unpaid tolls, some showing a dollar amount for what is supposedly owed, coupled with a link that takes unsuspecting victims to a page to enter their bank or credit card information, the federal agency relayed.
"Not only is the scammer trying to steal your money, but if you click the link, they could get your personal info (like your driver's license number) and even steal your identity," the FTC said.
New York Governor Hochul’s Warning
The warning echoes one issued a day earlier by New York Governor Kathy Hochul, who said the state had heard from residents reporting receiving SMS text messages attempting to collect tolls. The fake texts often come from an international number and direct the recipient to reply with a "Y" to get a link to an unofficial website.
E-ZPass and Tolls by Mail never send texts or emails asking for personal information such as a credit card, birthday, Social Security number or other personally identifiable information, the governor's release stated.
In addition to New York, states including Massachusetts and Pennsylvania have issued similar alerts in recent days.
The FBI’s Internet Crime Complaint Center (IC3)
The scams regarding debt for road toll services are nothing new. The FBI's Internet Crime Complaint Center (IC3) last April said it had received more than 2,000 complaints from at least three states regarding road toll collection "smishing," a combination of "SMS" or "short message service" and "phishing," a term for fraudulent emails that trick people into handing over personal data. "IC3 complaint information indicates the scam may be moving from state to state," the FBI said in a public service announcement.
The fake texts claim the recipient owes money for unpaid tolls and contain almost identical language, and the link within the text impersonates "the state's toll service name, and phone numbers appear to change between states," the FBI stated.
Georgia’s Warning
In Georgia, the State Road and Tollway Authority's Peach Pass website included a banner at the top alerting customers to a "growing wave of SMS texting attacks on toll road users."
"Fraud activity continues throughout the nation with scam artists sending fake messages claiming you have an invoice, violation, or a bill from using Minnesota EZPass or another EZPass facility," the state's Department of Transportation said in an alert urging residents to "not reply and delete" such messages.
Texas’ Alert
"We are aware of the smishing/phishing scams regarding outstanding toll charges," the Central Texas Regional Mobility Authority stated in issuing an alert in mid-January. It urged people against clicking on links or responding to "any suspicious messages" that aren't from one of what the agency said are three legitimate numbers: 38047, 27974 or 512-575-3160.
Tips for avoiding smishing scams:
(1) Don't reply to text messages from unknown numbers.
(2) Don't click on links in texts from unknown senders to try to access a website through the text.
(3) Delete and report the message using your phone's "report junk" option.
(4) Block the sender's email address or phone number.
(5) If you are unsure of the legitimacy of a text message, don't engage with the sender.
Clicking a link may let a scammer:
(1) Install ransomware or other programs to spy on your online activity or hold your device hostage by encrypting data and demanding payment to unscramble it.
(2) Gain access to personal information including passwords, credit card numbers, banking PINs, etc., to take out loans or credit cards or perform other fraudulent financial transactions using your identity.
Discussion Questions
1. What is the Federal Trade Commission (FTC)?
The FTC is an agency of the U.S. government whose principal mission is the enforcement of civil (non-criminal) antitrust law and the promotion of consumer protection.
In terms of consumer protection, combating fraud is a major focus of the FTC. The FTC’s role in combating fraud includes enforcing federal consumer protection laws to prevent fraud, deception, and unfair business practices. The FTC’s Bureau of Consumer Protection collects reports from consumers, conducts investigation, sues companies and individuals that break the law, develops rules to maintain a fair marketplace, and educates consumers and businesses.
For an excellent video offering an “inside look” at fraud and the FTC’s efforts to quell fraud, please see the following section of the FTC’s website:
https://www.ftc.gov/media/fraud-inside-look
For more information regarding the FTC’s role and mission, please see the FTC website:
2. Discuss the role of the FBI's Internet Crime Complaint Center (IC3).
The Internet Crime Complaint Center (IC3), founded in 2000, is a division of the Federal Bureau of Investigation (FBI) that addresses suspected Internet-facilitated criminal activity. The IC3 gives victims a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations on the Internet. The IC3 develops leads and notifies law enforcement agencies at the federal, state, local, and international level. Information sent to the IC3 is analyzed and disseminated for investigative and intelligence purposes to law enforcement and for public awareness.
For more information regarding IC3, please see its website:
3. What is “smishing,” and why is it illegal?
Smishing, derived from “SMS” (“Short Message Service”) and “phishing,” is a type of cybercrime that uses deceptive text messages to manipulate victims into divulging sensitive personal information such as bank account details, credit card numbers, and login credentials.
Just as with phishing emails, the goal of smishing is to trick individuals into revealing private information that can be used for identity theft, financial theft, or other fraudulent activities.
Given the prevalence of text messaging as a form of communication, smishing has become a significant concern in cybersecurity.
Smishing is illegal because it is a type of fraud. In other words, it is (1) a false statement of fact; (2) made with the knowledge of its falsity (or with reckless indifference as to its truth); (3) made with the intent that the listener rely on the false statement; (4) the listener in fact relies on the false statement; and (5) the listener is harmed (economically) as a result.
