Since the start of the year, a phishing campaign targeting toll payments has gained traction and spread across the United States, the EU, and UK.
Scams like these are nothing new. They’ve targeted Massachusetts drivers in the past, as well as drivers in Ireland and other parts of Europe and Asia. However, since about mid-January, the number of text messages reporting failed or missed toll payments and demanding immediate action has risen considerably.
The following is a breakdown of some of the phishing pages observed by TechnicalOutcast. The numbers below represent single URLs targeting a given agency. As you can see, some campaigns are spamming the same URL hundreds of times. Thousands of times if duplicate records are included.
| Toll Agency | Count (Dupes Removed) | Count (Dupes Included) |
|---|---|---|
| SunPass | 643 | 4,373 |
| E-ZPass | 630 | 2,913 |
| EZDrive Massachusetts | 228 | 494 |
| FasTrak | 73 | 94 |
| AutoPASS | 54 | 113 |
| EasyPark | 15 | 20 |
| HKeToll | 1 | 2 |
An example of these scams, sent to drivers in Illinois, can be seen below.
The scams are working, based on an account reported by AARP, where a volunteer fell victim due context and timing. Having previously completed a road trip through Massachusetts three months prior, the AARP volunteer presumed the text message from EZDriveMA demanding toll payments was legit.
“I was in a hurry, so I followed the instructions on the text and completed the information on my iPhone,” they explained.
Lucky for them, their bank caught the compromised card being used and was able to reverse charges. However, if that wasn’t the case, the repercussions could have been dire.
The Massachusetts Department of Transportation was alerted that a text message-based [scam] is fraudulently claiming to represent tolling agencies from across the country. The scammers are claiming to represent the tolling agency and requesting payment for unpaid tolls.
The targeted phone numbers seem to be chosen at random and are not uniquely associated with an account or usage of toll roads. Customers who receive an unsolicited text, email, or similar message suggesting it is from EZDriveMA or another toll agency should not click on the link. -EZDriveMA Advisory
The Texas Department of Transportation issued an alert in February, similar to one released in 2024, warning drivers about the scams. “There have been multiple reports of TxTag customers receiving text messages claiming to have a balance due or past due… TxDOT is working to have fraudulent websites taken down in hopes of preventing customers from becoming victims.”
In the meantime, the FTC has urged consumers to report these messages and to avoid following any links.
Report and delete unwanted text messages. Use your phone’s “report junk” option to report unwanted texts to your messaging app or forward them to 7726 (SPAM). Once you’ve checked it out and reported it, delete the text.