LOS ANGELES, CA – A growing scam involving fraudulent text messages disguised as toll collection or package delivery alerts continues to reach thousands of phones across California and beyond, prompting renewed warnings from federal authorities and cybersecurity experts.
The scheme, known as “smishing” — a form of phishing conducted via SMS — has drawn the attention of the Federal Bureau of Investigation and the Federal Trade Commission, both of which have issued public alerts urging Americans to stay vigilant.
Officials say the scam typically involves a text message claiming that the recipient owes money for unpaid highway tolls or needs to resolve an issue with a pending package delivery. The messages usually include a specific dollar amount and a link directing users to a fake payment website. The site is designed to collect sensitive personal and financial data, including credit card numbers, bank account credentials, or even driver’s license information.
“Not only is the scammer trying to steal your money, but if you click the link, they could get your personal info — and even steal your identity,” said Andrew Rayo, a consumer education specialist with the FTC. He added that the agency has received a growing number of reports of people clicking the link and unknowingly compromising their personal data.
The FBI reported receiving more than 2,000 complaints related to toll smishing scams since March 2023. According to the agency, the texts often feature nearly identical wording and links impersonating state-operated toll services. Phone numbers and domain names used in the scams are known to rotate between states, making the operation difficult to trace.
In California, the messages may reference FasTrak — the state’s legitimate tolling system — or mimic the look of communications from Caltrans or regional agencies. But similar scams have been reported in Florida, New York, Texas, Illinois, and other states, as well as in Canada.
A more recent wave of attacks expands beyond toll services. According to researchers at Palo Alto Networks’ Unit 42, a new campaign is now impersonating delivery companies in addition to state tolling agencies. The group said over 10,000 malicious domains have been registered for smishing-related purposes, with many following a specific naming pattern designed to fool users.
“A threat actor leveraging the same naming pattern has registered 10K+ domains for various smishing scams,” the researchers said in a post on X (formerly Twitter). “They pose as toll services for U.S. states and package delivery services.”
While some messages attempt to alarm recipients with urgent warnings of unpaid fees, others offer fake delivery updates or request address confirmations, capitalizing on the widespread use of online shopping and parcel tracking services.
Authorities are urging the public to take specific precautions:
- Do not click on links or reply to suspicious or unexpected texts.
- Verify toll or delivery claims directly through official websites, not through links in the message.
- Use your phone’s “report junk” function or forward spam messages to 7726 (SPAM).
- Once reported, delete the message from your phone.
The FTC stressed that legitimate government agencies and tolling authorities do not contact drivers via unsolicited texts requesting immediate payment. Anyone receiving a questionable message is advised to contact the relevant agency using a verified phone number or website.
The FBI also recommends that victims file complaints through its Internet Crime Complaint Center (IC3), especially if they’ve provided any information or suspect financial loss.
As scammers continue to evolve their tactics, federal and state agencies say they are working closely with cybersecurity partners to monitor suspicious domains and block access when possible. Still, experts emphasize that consumer awareness remains the most effective line of defense.
