Few days ago, I got sent a text message from +1(902)986-3512 that says ”Oregon Toll Services: We’ve noticed an outstanding toll balance of $11.69 on your record. To prevent a late fee of $50.00 please vicit (https://toll-sunpass.com/) to settle your invoice”
It is obviously a smishing scam attempt as Toll Services (SunPass, BreezeBy, EZpass, etc) do not ask customers via text to make a payment or to take immediate action on their account. Secondly, the link on the text message wasn’t the legit Sunpass website for toll payment which is ‘Sunpass.com‘. Meanwhile, when I searched up the number on the internet, I discovered it has been used by similar toll payment scam (See Image below)
As can be seen from the image, the scammers have impersonated Arkansas Toll Services, South Carolina Toll Services, and even Louisiana Toll Services.
Other red flags spotted;
- It has a sense of urgency prompting me to click on a link.
- The text message contains Spelling and grammatical mistakes
How This Smishing Scam Works
Like all scams, this text message scam (Smishing) is an attempt to defraud people. Clicking on the link in the text message takes victims to a spoofed SunPass website that ask for credit card details for the toll fee. People who provide their credit card info would become a victim of credit card fraud. The scammers would not only deduct the fake $11.99 outstanding balance but would make huge withdrawals.
Also, mere clicking on the link could expose your mobile device to viruses, spywares, or malware. This is because the website could’ve a malware program running in the background. Malware is software that is installed on a computer without the user’s consent and that performs malicious actions, such as stealing passwords or money. Malware can be installed in a variety of ways, including through email attachments, drive-by downloads, or by clicking on links in malicious websites.
Here’s what to do If you received a scam text message;
- Don’t attempt to click on the link no matter how legit it looks. Clicking it would either direct you to a fraudulent website or install malware into your device.
- Block The Sender Number. You can do this by flagging the telephone number as spam.
- Delete The Text Message. Deleting the text message will prevent you from mistakenly replying or clicking on it.
What Victims of Oregon Toll Services Text Scam Should Do;
Inform Their Credit Card Company
If you provided your credit card details on this scam site, the first step you should take is calling your credit card company. They need to know that your card details have been compromised so as to closely monitor and prevent any unauthorized charges.
Place a Credit Freeze or Fraud Alert
Fraud alert is sort of like a two-factor authentication process for accessing your credit, whereas a credit freeze blocks anyone from accessing your credit — until you remove it. The credit freeze is the best option for you, if you know you wouldn’t be using the credit card anytime soon.
Scan Their Device with a Malware Checker Tool
There’s a likelihood that your device has been infested by malware or spyware after visiting the spoofed website. Scanning your device with a malware removal tool will detect and remove any viruses, spyware, or other malicious programs.
See similar trending smishing scam –