Philadelphia researcher traces who's sending those annoying scam text messages about unpaid tolls
Pennsylvania Attorney General Dave Sunday issued a warning in June about the messages, which purport to be coming from agencies like PennDOT.
State officials say they will never ask for payment over the phone or via text message and advise you to ignore and delete the message.
But Aidan Holland couldn't ignore them. The Philadelphia-based cybersecurity researcher started tracing the texts.
"A lot of family and friends were reaching out to me like, 'What is this thing? What do I do?'" Holland said. "Because it was so widespread, I figured there has to be a way that I can track that down and figure out where it's coming from."
Unpaid toll scam texts traced to China
The texts vary, but the scam is the same. They come from odd emails or out-of-area numbers with urgent warnings that you owe the DMV money for a traffic ticket, parking ticket or unpaid toll. The goal is to get you to click on a link to a bogus site and pay.
"What they really want is your credit card," Holland said. "They either want to use it for money laundering or for reselling your credit card at a higher cost."
Holland is a researcher with Censys, a threat research platform, where he said they scan the entire internet every four hours.
"Every server, every website," he said, which means they can identify the bogus sites linked in the texts as soon as they're created.
Holland said he's uncovered more than 100,000 of these scam sites impersonating government and toll agencies, like E-ZPass. The researcher says many of the sites are hosted on networks in China.
The scam sites linked in the messages typically begin with some variation of a legitimate-looking website, but then end with a less common domain like .win, .xin, or .top — legitimate government websites for departments like PennDOT end in domains like .gov.
Cheap and easy for scammers
Part of what makes the scam so successful, Holland said, is that fraudsters can buy up these domains for very little money.
"They're really cheap, like $3 or $4 domains for the whole year," he said. "So it's really easy to use those for scams. "
The inconsistencies in legitimate toll road collection domains also work to the advantage of scammers, he said.
Apple devices appear to get the bulk of these scam texts, according to Holland, because iMessage accepts email addresses.
Protecting yourself from text messages claiming to be the DMV
Holland said he's working closely with the FBI and local agencies to shut down the sites as soon as possible after they're identified.
E-ZPass and Toll By Plate customers can use approved safe methods to check their accounts, including the official Pennsylvania, New Jersey, or Delaware E-ZPass websites, or the Toll Pay apps available from the Apple App Store or Google Play store.
The FBI and FTC advise that you should never click any links in unexpected texts or reply. Users are also encouraged to forward the messages to 7726 or "SPAM" to report them to their wireless provider, and then delete it. Customers can also report the fraudulent messages to the FBI's Internet Crime Complaint Center at http://www.ic3.gov.
Do you have a money question, a consumer issue, or a scam story you want to share? Email InYourCorner@cbs.com.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Associated Press
20 minutes ago
- Associated Press
Victims of Reno casino shooting include 2 men visiting for a bachelor party, police say
RENO, Nev. (AP) — Two of the three people killed this week in a shooting outside the largest casino in Reno, Nevada, were 23-year-old men in town celebrating a bachelor party and the third victim was a 66-year-old man who lived in the area, authorities said. The suspect, who is in critical condition after being shot by police, was identified Tuesday as Dakota Hawver, a 26-year-old Reno resident. Investigators have found no connections between Hawver and the Grand Sierra Resort or any of the victims, according to police in the neighboring town of Sparks who are leading the investigation. They said the motive is still unknown. Two other people wounded in Monday's shooting remained hospitalized but were expected to make a full recovery, police said in a statement Tuesday. Justin Aguila and Andrew Canepa, both 23 years old and from Southern California, were fatally shot from behind while waiting in the casino's valet area for a ride to the airport, officials said. They had been visiting with a group of friends for a bachelor party. Angel Martinez, a 66-year-old Reno resident, was driving his car through the parking lot when he was shot and killed by the suspect, who had been hiding behind a parked vehicle, police said. Investigators determined Hawver used multiple magazines and fired approximately 80 rounds from a 9mm handgun that he had legally purchased two years ago. He has no criminal record and no history of mental health problems, officials said Tuesday. The investigation is ongoing. The shooting occurred around 7:30 a.m. Monday, when the gunman walked up to the valet area, pulled out the gun and pointed it at a group of people, police said. His weapon initially malfunctioned, but he was quickly able to get it to shoot multiple times before running through the parking lot, where he encountered an armed casino security guard. The gunman opened fire on the guard, who returned fire as the shooter fled again before being shot by police and arrested, police said Monday. In addition to those who were killed and the people taken to the hospital, three others were treated for minor injuries at the casino, according to Devon Reese, chair of the Board of Health in northern Nevada. One person was grazed by a bullet on their pinky finger, one was treated for severe anxiety and one was injured while running, he said Monday. The Grand Sierra Resort, one of Reno's most prominent venues, has hosted concerts, sporting events and a campaign rally by President Donald Trump before the 2024 election. Near the California border and just northeast of Lake Tahoe, the town is a popular summer tourist destination. The resort claims to have the biggest casino floor in northern Nevada and sits just a few blocks from the Reno-Tahoe International Airport. It's also one of the tallest buildings in the city, with nearly 2,000 hotel rooms.
CNN
20 minutes ago
- CNN
Analysis: Another reason to be skeptical of Trump's Epstein concessions
The Trump administration's efforts to allay concerns about its handling of the Jeffrey Epstein files by pushing for more information have been suspect, at best. The moves seem to be geared more toward creating the appearance of action than producing anything that would amount to the extensive transparency it promised. The administration is practically daring people – including many MAGA supporters – to balk at the thin gruel it's serving up. And a new filing from the Justice Department overnight reinforces how little light the administration's moves could shed. The filing lays out its case for unsealing grand jury testimony, which was President Donald Trump's first announced concession. Plenty of experts regarded that move with skepticism. They noted the courts are often reluctant to disclose grand jury materials – an effort to unseal Epstein-related material in Florida already failed just last week – and those materials themselves will often be limited, even if they are released. That certainly appears to be the case here. In the filing, the Justice Department cites just two witnesses who remain alive whose testimony would be released. 'Here, there was one witness—an FBI agent—during the Epstein grand jury proceedings,' the filing says. 'There were two witnesses—the same FBI agent from the Epstein grand jury proceedings and a detective with the NYPD who was a Task Force Officer with the FBI's Child Exploitation and Human Trafficking Task Force—during the [Ghislaine] Maxwell grand jury proceedings.' That would suggest the testimony is largely second hand, relying on law enforcement officials relaying the accounts of witnesses. Indeed, the filing says these officials 'described statements of others, including statements of and concerning victims, many of whom are still alive.' And beyond that, the filing says many of those accounts were already aired in criminal and civil trials – and by the witnesses themselves. 'Many of the victims whose accounts relating to Epstein and Maxwell that were the subject of grand jury testimony testified at trial consistent with the accounts described by an FBI agent and the detective from the New York City Police Department ('NYPD') in the grand jury and some have also made public those factual accounts in the course of civil litigation,' the filing says. And finally, the Justice Department reiterates that even any transcripts that would be released would be subject to significant redactions. It again cited 'appropriate redactions of victim-related and other personal identifying information.' It's not clear precisely what redacting 'other personal identifying information' means, in practice. (The government's proposed releases and redactions are, of course, going to remain under seal.) But the government has previously expressed a desire not to 'expose any additional third-parties to allegations of illegal wrongdoing.' That certainly suggests the widespread appetite for learning more about Epstein's supposed clients would go unsatisfied, even if these materials are released. And indeed, that's basically the main thing people are interested in. A CBS News-YouGov poll this month showed Americans agreed 92-8% that the Epstein files 'probably include damaging information about powerful or wealthy people.' And they said 89-11% that the government should 'release all the information it has' about Epstein. A Reuters-Ipsos poll also found Americans said by a massive 69-6% margin that they believed the federal government was 'hiding information' about 'alleged clients of accused sex trafficker Jeffrey Epstein.' That was a bigger margin even than the percentage who believed the government was hiding information about Epstein's death (60-12%). (And even conspiracy theories about Epstein's death tie into the idea that there are unknown clients; they hold that powerful people wanted him dead and killed him because of what he knew, rather than that he died by suicide.) The DOJ's Tuesday night filing is merely the latest reason to be skeptical of the Trump administration's efforts to make this story go away. In addition to the judge in Florida already rejecting the release of grand jury materials (the rules are less stringent in New York, where the most recent memo was filed), the administration's second major concession was having Deputy Attorney General Todd Blanche interview Maxwell. But we still don't know what came of that or how fulsome the disclosure of the interview will be. Maxwell is someone the Trump Justice Department once labeled a brazen liar. And the administration took very little care to insulate the situation from politics: Blanche isn't just a political appointee; he's also Trump's own former personal lawyer. And then Trump repeatedly dangled the prospect of a pardon over Maxwell, reinforcing her likely motivation to say what the Trump administration wants. On top of that, questions continue to be raised about the administration's one big, recent disclosure: video footage of the area near Epstein's cell on the night he died. The administration presented it as 'raw' footage and proof that he couldn't have been killed. But the video was missing at least one minute – potentially for technical reasons – and experts have said there's evidence it's not actually raw. The administration's handling of this case has been a mess in so many ways, from its promises of extensive disclosures to its conspicuously timed reversal on that to Trump's false and misleading claims about his past ties to Epstein. The question is increasingly whether people will view this as transparency – or just as a transparent ploy by the administration to try to move on without living up to its promises.
New York Times
20 minutes ago
- New York Times
Brennan and Clapper: Let's Set the Record Straight on Russia and 2016
Tulsi Gabbard, the director of national intelligence, and John Ratcliffe, the Central Intelligence Agency director, have over the past month claimed that senior officials of the Obama administration manufactured politicized intelligence, silenced intelligence professionals and engaged in a broad 'treasonous conspiracy' to undermine the presidency of Donald Trump. That is patently false. In making those allegations, they seek to rewrite history. We want to set the record straight and, in doing so, sound a warning. Let's recap. The Trump administration's claims focus on the intelligence community's findings about Russian interference in the 2016 U.S. presidential election, which were published in January 2017. The assessment found that President Vladimir Putin of Russia had ordered an influence campaign to undermine public faith in the U.S. democratic process and harm the electability and potential presidency of the Democratic candidate, Hillary Clinton. The assessment also found that the Russians had developed a 'clear preference' for Mr. Trump and aspired to help his election prospects. It further stated that the Russians employed a variety of tactics as part of this campaign, including hacking into the email accounts of Democratic Party organizations and officials and publicly releasing the stolen data through digital allies. Those covert activities were complemented by the overt but disguised efforts of Russian government intelligence agencies, state-funded media, third-party intermediaries and paid social media users. As stated in the assessment, Mr. Putin himself ordered Russian intelligence to conduct the campaign. While some external critiques have noted that parts of the Russia investigation could have been handled better, multiple, thorough, yearslong reviews of the assessment have validated its findings and the rigor of its analysis. The most noteworthy was the unanimous, bipartisan, five-volume report issued by the Senate Select Committee on Intelligence, whose Republican members at the time included Marco Rubio, now the secretary of state, and Senator Tom Cotton, now the committee chairman. 'In all the interviews of those who drafted and prepared the [assessment], the Committee heard consistently that analysts were under no politically motivated pressure to reach specific conclusions,' the Senate report said. 'All analysts expressed that they were free to debate, object to content and assess confidence levels, as is normal and proper for the analytic process.' The special counsel John Durham, who was appointed during Mr. Trump's first term to investigate how the Russia probe was conducted, similarly found no evidence of an Obama administration conspiracy against Mr. Trump. But he affirmed the findings of the special counsel Robert Mueller, who conducted a separate investigation into the allegations, which found ample evidence of Russian interference in the election. More recently, the C.I.A.'s Mr. Ratcliffe ordered yet another review of the 2017 assessment, which determined that its 'level of analytic rigor exceeded that of most [intelligence] assessments.' Want all of The Times? Subscribe.
