Mastodawn

Links to a fresh set of "road toll" scam websites were pushed out by SMS today, targeting people with mobile phones in #Colorado area codes. The messages tell the recipient that they owe back tolls for driving on a highway in Colorado and purports to link to the Colorado DMV website. The page that loads accurately mimics the Colorado Department of Revenue website appearance, and claims you owe $6.69 in tolls. Needless to say, this is fake. Spread the word: Tolls are not collected directly via SMS message.

This is a continuation of an ongoing, Russia-originated campaign that has been targeting specific states and regions for the past year. I blogged about it in October for @Netcraft - we gave the threat actor the moniker Logger EIO. https://www.netcraft.com/blog/taxpayers-drivers-targeted-in-refund-and-road-toll-smishing-scams

#smishing #phishing #colorado #CODOR #CODMV #DMV #scam #fraud #roadtoll #tollroad #tollscam #LoggerEIO

securityskeptic

Jun 26, 2025

Visual deception in phishing attacks is more present today than many care to admit. Phishing campaigns, for example, the recent Unpaid Toll Scams, employ visual deception. In this post, we show how phishers exploit peoples' tendencies to see what they want to read rather than what appears in a message or hyperlink.

https://interisle.substack.com/p/common-visual-deceptions-in-phishing

#phishing #url #infringement #tollscam #lookalikedomain

Common Visual Deceptions in Phishing URL Composition

Dave Piscitello

Interisle Insights

The Spamhaus Project May 8, 2025

We've talked before about abuse issues with .top domains, and sadly, things aren’t getting better. In fact, we’re now seeing a rise in "toll scams" you might have spotted hitting the headlines in recent weeks. 📈🗞️

But, why is this happening? What do we actually know about .🔝? And more importantly, what can be done to stop it? ✋

Learn more in the latest Domain Reputation Spotlight 🔦 ⤵️
https://www.spamhaus.org/resource-hub/service-providers/abuse-takes-its-toll-on-top/

#DotTop #DomainAbuse #TollScam #Registrars #CyberSecurity #ThreatIntel

Domain Spotlight | Abuse takes its “toll” on .top: But who is paying the price? | Blog

In this Domain Spotlight, we look into the escalating abuse issue at .top, why is this happening, and what can be done to stop it.

The Spamhaus Project

Lenora May 4, 2025

I’m getting tired of seeing this #scam in my text messages. +63 is the #philippines #tolls #tollscam I’m sure most people know to just delete and #block this

The DefendOps Diaries Apr 6, 2025

Received an urgent toll message? It might not be from your toll agency at all. Cyber crooks are now using encrypted texts to mimic trusted names and pull off sneaky phishing scams. Are you sure it's legit?

https://thedefendopsdiaries.com/the-toll-payment-text-scam-a-modern-cybersecurity-threat/

#phishing
#cybersecurity
#smishing
#tollscam
#infosec

The Toll Payment Text Scam: A Modern Cybersecurity Threat

Explore the toll payment text scam, a modern phishing threat exploiting encrypted messaging to deceive victims.

The DefendOps Diaries