Hackers Impersonating As Fake Toll Payment Processor Across The U.S.


A convincing phishing scam recently targeted a cybersecurity researcher’s (Jonathan Munshaw) wife with a fake text claiming she owed unpaid New Jersey E-ZPass highway tolls.

The message prompted visiting a fraudulent site mimicking the legitimate E-ZPass website to pay fictitious fines. 

The timing coincided with a recent trip to the state where they have active E-ZPass accounts for automatic toll payment, lending credibility to the scam attempt. 

E-ZPass is an electronic toll collection system used across multiple U.S. states and managed by various agencies, which the scammers exploited by spoofing New Jersey’s official website alarmingly well.

Cybersecurity researchers at Talos Intelligence recently discovered that hackers had been actively impersonating fake toll payment processors across the U.S.

 All-in-One Cybersecurity Platform for MSPs to provide full breach protection with a single tool, Watch a Full Demo

Fake Toll Payment

Many states in the United States are experiencing phishing campaigns in which cybercriminals disguise themselves as toll payment services like E-ZPass. 

The scammers are taking advantage of people’s familiarity with these systems. They usually pay small amounts of money to try to get credit card details and login credentials from individuals who use mobile phones. 

The campaign, which covers New Jersey, California, and Florida, along with an FBI warning, has demonstrated that no organization is immune to this method of social engineering aimed at a service’s user base. 

Being cautious enough to verify such payment requests directly from the original company can help one avoid becoming a victim.

The phishing website (Source – Talos Intelligence)

Over the last three weeks, Cisco Talos disclosed more than twenty vulnerabilities, including two out-of-bounds read bugs in Adobe Acrobat Reader that could lead to the revelation of private memory contents. 

Furthermore, eight vulnerabilities have been discovered on AutomationDirect’s widely used P3 line of PLC CPU modules implemented in industrial systems, while among them, four scored 9.8 out of 10 based on CVSS due to threats like remote code execution using special packets. 

Patches are available, and Snort rules can be deployed to detect exploitation attempts.

According to Talos, users should apply vendor patches as soon as possible to minimize the risk associated with these vulnerabilities.

Get special offers from ANY.RUN Sandbox. Until May 31, get 6 months of free service or extra licenses. Sign up for free.



Source link