Researchers at Bitdefender are tracking 40 separate SMS phishing (smishing) campaigns impersonating transport authorities, toll operators, and parking services around the world. The researchers have observed more than 79,000 scam text messages with over 29,000 unique variants. The attacks are targeting users in multiple languages.
“These scam messages are designed to create a sense of urgency and pressure drivers into acting quickly,” the researchers write. “A typical message claims that the recipient has an unpaid toll, traffic fine, or parking ticket and sets a short deadline, usually between 24 and 72 hours, to resolve the issue.
"To increase the sense of risk, the message often threatens consequences such as additional fees, license suspension, legal action, or even arrest warrants. It then prompts the recipient to click a link to ‘resolve’ the matter. That link leads to a fraudulent website designed to closely resemble an official government or toll payment portal. Once there, victims may be asked to enter sensitive information, including card details, personal data, and in some cases, banking credentials. In certain regions, the attack goes a step further by delivering malware instead of a payment page.”
Bitdefender advises users to ask the following questions if they receive a traffic-themed text message, noting that legitimate authorities rarely request payments via text:
- “Did you expect this message?
- Is there pressure to act immediately?
- Does the link look unusual or unfamiliar?
- Are you being asked to reply before accessing the link?
- Does the message mention a ‘35% late fee’? This exact phrase has been identified across multiple scam campaigns and serves as a serious red flag.”
KnowBe4 empowers your workforce to make smarter security decisions every day. Over 70,000 organizations worldwide trust the KnowBe4 Platform to strengthen their security culture and reduce human risk.
Bitdefender has the story: Operation Road Trap: Fake toll and parking texts are spreading worldwide
