Got a suspicious E-ZPass text? Don’t click the link (and what to do if you already did)

March 24, 2025 TH Author

A widespread “smishing scam” is targeting people for their personal information under the guise of unpaid tolls.

In recent months, the American public has been hit with waves of texts claiming they owe unpaid tolls or E-ZPass bills. The FBI’s Internet Crime Complaint Center has logged more than 60,000 reports of the such texts, a spokesperson told NBC News.

Also: These phishing attacks are now targeting Mac browsers – how to protect yourself

Scammers, purporting to be from E-ZPass or other toll providers (like SunPass, Peach Pass, or EZDriveMA), are behind the fraudulent text messages asking for toll payments and urging recipients to click a link to settle their fake bills. Authorities across the US, including in New York, New Jersey, Virginia, Maryland, and Indiana, have warned their residents to watch out for the ongoing scam.

According to cybersecurity experts, the fraudulent E-ZPass texts originate from an online syndicate of Chinese-speaking scammers selling ready-made ‘phishing kits’ on Telegram for stealing credit cards and personal information. The same phishing kit system has been employed for USPS scam texts informing recipients that they missed a package, which many Americans have also received.

How to spot the E-ZPass scam

Luckily, the scam isn’t hard to spot. The fake E-ZPass messages usually threaten that if the person does not pay their balance, they will face consequences such as incurred fines or losing their license entirely.

screenshot-20250305-104739-messages-720 — Screenshot from Alyson Windsor/ZDNET

The texts come from a random number or even an email address featuring a link with a suspicious, shortened URL and insist that urgent action must be taken to address the unpaid toll in question. Some texts will have misspelled words or awkward spacing between words.

img-8190-720 — Screenshot by Matene/ZDNET

Like the scam text pictured above, the scammers usually text from a +63 country code for the Philippines.

The texts also tend to demand small payment amounts. The threatening, urgent tone of the messages and the requirement of only small payments are effective strategies for scammers because toll payments are generally small amounts, and most people expect scammers to demand more.

img-8189-720 — Screenshot by Matene/ZDNET

But it’s not really about the money; the scammers are after your identity. The fake link will direct you to a site where scammers scrape your personal and financial information for their own purposes.

What to do if you get the E-ZPass scam text

Do not click any links. Report the scam text as spam or junk, and delete the message.

If you already clicked the link and sent payment information, you should immediately contact your bank and credit card companies to freeze or monitor your accounts. You should also consider freezing your credit as a general precaution to keep scammers from opening accounts in your name.

Also: Why rebooting your phone daily is your best defense against zero-click attacks

If you only clicked the phishing link and didn’t input personal information, cybersecurity pros at NordVPN recommend putting your phone or laptop in airplane mode, scanning it for malware, backing up your data, and changing your passwords. Read more about their recommendations here.