IT, Cybersecurity and Compliance Solutions in Washington and Oregon

FBI Issues Warning: Don't Fall for the Latest Toll Road Smishing Scam

Written by Byron Martin | Mar 17, 2025

Recently, the FBI issued a fresh warning about "smishing" scams involving fake toll-road notifications sent via text messages. Scammers are targeting drivers across multiple states, attempting to trick recipients into clicking malicious links and providing personal or payment information.

These fraudulent texts impersonate legitimate toll services specific to your state. For instance, if you're in California, scammers may pretend to be FastTrak; in New York and other states using E-Z Pass, the texts appear to originate from that service. In Washington state, they’re impersonating WSDOT Good To Go.

Scammers often send these messages widely, hoping to trick recipients regardless of whether they've ever driven in the state mentioned. Do not click any links or share personal information with these unsolicited messages.

 

 

What is Smishing?

Smishing—short for SMS phishing—is a cyberattack involving deceptive text messages designed to trick recipients into sharing sensitive personal information, payment details or clicking malicious links.

How the Toll Scam Works

  • Victims receive texts claiming unpaid tolls or fees.
  • Texts impersonate legitimate state transportation departments or toll road authorities.
  • The message creates urgency, warning of penalties or additional charges if immediate payment isn't made.
  • Link masking or shortened URLs involves hiding malicious links behind shortened URLs to disguise their true destination.
  • Victims who click on the included links are directed to fraudulent websites designed to steal personal information or payment credentials.

 

FBI Smishing Scam Alert

The FBI warns a threat moving across America “from state to state" targets citizens via malicious SMS (smishing) texts, telling iPhone, Android users to file a complaint with the IC3, and to delete any smishing texts received. And if you clicked any link or provided your information to take efforts to secure your personal information and financial accounts.

How to Protect Yourself and Your Business

Follow these essential tips to stay safe:

1. Verify the Source

  • Be skeptical of unsolicited text messages, especially ones demanding immediate payment.

  • Independently verify any outstanding tolls or fees directly through official websites or customer service phone numbers, not through links or numbers provided in text messages.

2. Never Click Unfamiliar Links

  • Don't click on links from unknown or suspicious text messages. Even if the message seems legitimate, it's always safer to navigate directly to the official website through your browser.

3. Never Share Sensitive Information via Text

  • Genuine agencies and reputable companies typically won't ask for sensitive personal or payment details via text message.

4. Report Suspicious Messages

  • Forward fraudulent or suspicious texts to your wireless provider’s spam reporting service (often by forwarding to 7726, spelling "SPAM").

  • Report smishing attempts to local law enforcement and file complaints through the FBI’s Internet Crime Complaint Center (IC3).

5. Educate Your Team

  • Make sure employees and colleagues understand the risk and know how to spot potential scams.
  • Encourage them to verify independently before responding or clicking on suspicious links.

Cybercriminals continuously evolve their methods, using timely, believable scams to trick people into making mistakes. Awareness is your best protection.

Stay informed, stay cautious, and always verify before you click.

Teknologize is a SOC 2 certified, Professional Technology Services company with clients throughout the Pacific Northwest. We have offices located in:

  • Tri-Cities, Washington 509.396.6640
  • Yakima, Washington 509.396.6640
  • Bend, Oregon 541.848.6072
  • Seattle, Washington 206.743.0981

Questions about your IT or Cybersecurity? Give us a call today!
View full post