In this article, we'll break down toll-related scams, how they work, list ongoing scams, and give you valuable tips to avoid being scammed. Let’s dive right in!

How Do Toll Phishing Scams Work?

⇒ Toll Scam Modus Operandi: Long Story Short

Scam Detectors Most Trusted Websites in Online Security

Guard.io (100): Surf the web safely. Clean up your browser, remove malicious extensions and check for privacy violations.
Incogni.com (100): Delete your personal data from the internet and protect against scams and identity theft.
ExpressVPN (100) Stay secure and anonymous online - Best VPN Out There

Step 1: Unsuspecting drivers receive a text message about unpaid tolls.

Step 2: They’re directed to a malicious website to make the payment and avoid extra fees.

Step 3: The fake website prompts drivers to enter personal and financial information which is then sent directly to scammers.

Step 4: Scammers collect and use the data for illegal activities or sell it on the dark web.

The simplest and quickest way to pay toll fees is to use an electronic toll collection system (ETC) such as E-ZPass, NZTA, CTR or SunPass.

Scammers target unsuspecting drivers with text messages (aka smishing), claiming they owe an outstanding toll balance that must be paid immediately to avoid late fees. That’s the most common scenario.

The text message also contains a link that directs drivers to a fake website that looks like the official webpage of E-ZPass, NZTA, CTR, or SunPass to pay the charge with their credit card. The goal is to steal personal and financial information. If you click that link, you’ll fall into the scammer's trap. The malicious link leads to a cleverly designed fake webpage that replicates the look and feel of the real toll website. These fake websites appear almost indistinguishable from the real webpages.

Driven by a sense of urgency to avoid extra fees, unsuspecting drivers hurry to enter their personal and financial information, as instructed by the scammers. Sometimes, you’ll be asked to enter additional personal information such as your full legal name, home address, phone number, full debit or credit card details, including the CVV code. All that information is collected by scammers who use it to steal your identity and empty your bank account.

And they won’t stop here. To maximize profits from the information they got their hands on, they’ll probably sell it on the dark web as well. This information can be used by other scammers for additional fraudulent activities such as taking loans in your name. Scammers use various websites that include the word “toll” and even the name of the toll authority in their domain name to gain trust.

For example, SunPassTollsServices[DOT]com is a domain name that scammers used extensively in the past to target Florida’s SunPass users. These websites are quickly taken down once scammers have collected enough information or enough drivers have complained about them. But scammers are quick to set up new websites once the compromised ones have been taken down. These toll scams are rampant across all US states and are also spreading rapidly in countries like New Zealand and Canada.

The FBI has already issued a warning about these rampant toll scams.

Scammers’ modus operandi often includes heavily targeting a particular state for a while, then moving to the next. Speaking of modus operandi, let’s explore in detail two of the most common MOs(Modus Operandi) used by scammers.

Toll Scam Variations

Scenario 1: “Overdue balance” and “late fees”

Scammers will send you a text message, appearing to originate from real toll authorities from your region. For example, if you’re in Florida, the sender will be “PA Turnpike Toll Services”. These messages often create a sense of urgency by using words such as “overdue balance”, “extra charge” and “late fees”. The text will likely contain a link leading to a webpage where you can pay the overdue balance and thus avoid the extra fees.

Scenario 2: Scammers Impersonate Toll Authority Representatives

In this scam variation, scammers send mass emails claiming to be from the roll authority representatives. These emails might come from email addresses that have nothing to do with the official company, such as [email protected]. The subject might be: “Payment for driving on toll road” or “Update your account details”.

The content of the email, as seen in the image above, is:

Dear customer,

You have not paid for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest time possible. The invoice can be downloaded HERE (malicious scam link).

Some toll scam emails are so cleverly crafted that even the sender’s email address seems to be that of a real toll authority.

Important! Ongoing Toll Scams Confirmed by Authorities

The E-ZPass Toll Scam

The E-ZPass scam is running wild across the US, with New Jersey, Maine, New Hampshire, Massachusetts, Pennsylvania, Maryland and New York being particularly hit. E-ZPass attracts scammers due to its massive user base. With over 53 million devices in use across 19 states, it offers scammers a large pool of potential victims.

E-ZPass has already issued an official warning to customers about the uptick in fraudulent text messages for unpaid toll fees.

The E-ZPass Group is issuing an alert to all E-ZPass customers about a text messaging scam targeted at customers of tolling agencies across the United States. The scam aims to deceive customers into entering their personal data and financial information to a fake website.

Customers receiving text messages claiming to be sent by “E-ZPass Toll Services” that directs them to click a link to pay an outstanding toll balance to avoid a late fee should be aware that this message is fraudulent. The toll account information provided in these texts is neither valid nor accurate.

E-ZPass warns customers to delete the texts immediately and do not click on any links embedded in the text messages. Customers who have clicked the link and completed the form should immediately contact their financial institution and notify E-ZPass of any erroneous information posted to their accounts.

The SunPass Phishing Scam

SunPass is Florida’s electronic toll collection system. Scammers send unsolicited text messages to drivers informing them about a small toll fee they forgot to pay. As of writing, the following fake websites are being used by scammers [PLEASE DON’T VISIT THESE WEBSITES, WE’RE USING INVALID LINKS FOR THE PURPOSE OF THIS ARTICLE]:

https://myturnpiketollservices[DOT]com

As you can see, the website is already flagged for potential phishing.

Another one is sunpasstollsservices[DOT]com.

sunpasstollsservices-toll-scam — Image Source: Reddit

As a quick reminder, the real SunPass website is sunpass.com.

If SunPass needs to contact drivers, the following email addresses will be used: [email protected] or [email protected]. The only number they’ll use to contact you via text message is 786727.

Delete all the emails that don’t have these two email addresses as the sender. Delete all the text messages that don’t have the official SunPass number as the sender.

The CTR Phishing Scam

This toll scam is targeting Central Texas Regional Toll Services users following the same MO. One of the websites used for this scam was CTRTollServices.com, which has been taken down.

The NZTA Toll Scam

NZTA-Toll-Scam-screenshot — Image Source: Twitter

Drivers from New Zealand are targeted by toll phishing scams with fake text messages about unpaid toll fees supposedly sent by NZTA. The NZTA has already issued an official warning about these ongoing scams.

The 407ETR Toll Scam

If you’re in Canada or passing through, you might think you’re safe from toll scammers. While most scammers target US drivers, Canadian drivers should exercise caution when receiving messages about unpaid toll fees.

Scammers targeting Canadian drivers have taken the scam one step further. They even threatened drivers that their driving licenses would be suspended unless the balance was paid in full.

407ETR-Toll-Scam-screenshot — Image Source: Reddit

Red Flags for Toll Scams

The main red flags for toll scams include:

Unsolicited messages
Urgent payment requests
Suspicious domain names and links
Generic greetings
Poor grammar and spelling

Scammers use different URLs than the official toll website. Always double-check the website you’re visiting is real before entering personal information. If you’re prompted to urgently make a payment to avoid extra charges, that should raise another red flag.

Scammers often use the “pay now or else” scheme to manipulate your emotions and create a sense of urgency, so as to prevent you from pausing and thinking about what you’re about to do. The fact that you’re not being given specific details about the unpaid toll fee should raise another red flag. If a real toll authority were to send you a payment notice, they’d mention at least the date and road you failed to pay for.

Scammers often prompt you to enter personal details the toll authorities either don’t need or already have access to. They may also have grammar errors or awkward phrasing in their messages.

How to Avoid Toll Phishing Scams

Never Click Links Sent via Unsolicited Text Messages

Toll authorities will not send text messages demanding immediate action. Don't click any links from senders who address you as “Dear customer” or “Dear Driver”. If you’ve done something wrong, your name or license plate will be mentioned or photographed. If you receive a text about unpaid toll fees, delete that text message and do not click on any links.

Always confirm a site’s authenticity. The URLs used by scammers are different from the official domain names used by toll authorities. They’re also full of spelling mistakes, such as this one: mysunspasstollsservices[DOT]com.

Always check the website URL before entering personal or financial information, especially when you’re prompted to make an urgent payment.

⇒ Quick Tip:

Scam websites have fresh domain names. If a domain name was registered a few days before you got the message about some mysterious unpaid toll fees, that’s a major red flag.

Go to Scam Detector's Validator tool, enter the domain, and check the registration date.

You can also stay safe from scams like these using Guardio, Scam Detectors trusted partner which blocks such phishing and scam sites.

Verify Directly with the Toll Authorities

If you're not sure the message is real, contact your toll authority directly through their official website or phone number.

Check Your Account Online

Log in to your toll account via the official website, not from a link you received via a text message. Verify your balance and account activity to see if you notice anything unusual.

Beware of Spoofed Sender Names

Scammers can fake sender names to make them look real. Don't rely solely on the sender's name for verification. Always check the email address or phone number that the message was sent from.

What to Do if You’ve Been Scammed

If the scammers managed to deceive you, and you already paid the “outstanding balance”, the first thing you should do is freeze your bank account. Contact your bank and let them know what happened.

Then change the password of your toll account and remove the compromised financial information.

You should also file a complaint with the Internet Crime Complaint Center, or IC3. As a quick reminder, the IC3 is run by the FBI and specializes in investigating cybercrime.

Contact your toll authority and let them know about the scam.

Why Toll Scams Are Particularly Deceptive

-> Urgency and Fear: The messages create a sense of urgency with threats of late fees, making you act fast without checking the facts or asking too many questions.

-> Familiarity: The scammers use the names of real toll authorities and cleverly copy their official websites.

-> Easy Solution: The malicious link offers an easy and quick solution, pushing unsuspecting drivers to click on it without second-guessing it.