Highway Robbery: Toll Road Smishing Scams Target Unsuspecting Drivers!
Beware of toll road smishing attacks! Cybersecurity researchers reveal that threat actors, armed with phishing kits from Wang Duo Yu, are targeting U.S. toll road users. These campaigns impersonate electronic toll systems to steal personal and financial details. Remember, before you pay that toll, make sure it’s not a digital troll!
Hot Take:
Looks like the toll roads are not the only thing that’ll take your money, thanks to scammers who’ve turned paying tolls into a high-tech heist. Move over Fast & Furious, we’ve got Fast & Smished on our hands!
Key Points:
- There’s a large-scale SMS phishing campaign targeting toll road users in the U.S., masquerading as unpaid toll notifications from systems like E-ZPass.
- The phishing campaign is linked to a Chinese SMS phishing service called Lighthouse, operated by the Smishing Triad group.
- Victims are tricked into clicking fake links, solving bogus CAPTCHAs, and entering personal and financial information on fraudulent pages.
- The phishing kits, crafted by Wang Duo Yu, are sold on Telegram, with some kits even including backdoors for double theft.
- The Smishing Triad has used over 60,000 domain names, making it difficult for tech giants to effectively block their activities.
Already a member? Log in here