Unraveling the U.S. toll road smishing scams

SUMMARY :

A widespread financial theft SMS phishing campaign targeting toll road users across multiple U.S. states has been observed since October 2024. The attacks impersonate automatic payment services like E-ZPass, claiming outstanding bills under $5 USD and warning of late fees. Victims are directed to spoofed domains where they are prompted to enter personal and credit card information. The campaign is believed to be carried out by multiple financially motivated threat actors using a smishing kit developed by 'Wang Duo Yu'. The kit's developer offers tutorials and services through Telegram channels and a YouTube channel. The ongoing campaign has targeted at least eight states, including Washington, Florida, Pennsylvania, and Texas, using typosquatted domains resolving to specific IP addresses.

OPENCTI LABELS :

smishing,phishing kit,sms phishing,toll road scams


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Unraveling the U.S. toll road smishing scams