All iPhone and Android users, please be aware of this dangerous scam.  We urge that you delete smishing texts as a new SMS threat has been on the rise. The FBI has been actively alerting users about these scams, emphasizing the importance of vigilance and caution. Over 10,000 domains have been registered by cyberattackers, baiting users into disclosing personal and/or financial information.

Many cybercriminals have been posing as tolling agencies such as E-ZPass, demanding money with state-specific payment links. Clicking the link will compromise your security, allowing them to access your personal information and even impersonate you for fraud. Attackers are sending toll scam messages throughout cities in the U.S., particularly in Dallas, Atlanta, Los Angeles, New York, NJ, Chicago, and Orlando.

How to Recognize Smishing Scams:

Avoid falling for smishing texts – they often follow a predictable formula. Here are a few clues to help you spot them:

1. You have an outstanding bill that requires immediate payment or else you’d be charged more,
2. The text includes a link where you can pay,
3. Instructs you to either reply or paste the link into a web browser to complete the payment.

Other Signs that it’s a Scam:

• The domain link contains “.XIN” at the end. However, this doesn’t mean you should trust links that don’t contain this string.
• The dollar sign appears after the amount whereas the U.S. customarily displays it before the amount.

It is always best to check your account through the toll company’s website or connect with provider’s customer service line. If you are an E-ZPass customer, you can just go to the E-ZPass website and login and check your account or call their customer service phone number.

For Anyone who has Fallen Victim to these Smishing Texts, We Advise You to:

1. File a complaint with the IC3 (Internet Crime Complaint Center), reporting the phone number the text came from, and the website linked as well. Their website is ic3.gov and you will see a big red button on their website that says “File A Complaint”.
2. Access and review your account through the toll service’s official website or call their customer service line.
3. Delete all scam texts.
4. If you pressed any links or shared your information, be sure to take extra measures to protect your personal and financial information. Check for any unauthorized charges and dispute them with your bank.

As technology continues to evolve and become more accessible, cyberattacks will grow in sophistication and frequency. This makes them harder to detect.

DDKinfotech offers comprehensive user awareness training for businesses, empowering employees to identify fraudulent emails, texts, and voicemails. Our training programs are designed to protect your identity and data from cybercriminals, ensuring a safer and more secure digital environment for your organization. Contact us if you’re interested.