Express Toll scams come on a monthly basis now. Two of the latest:
From: [email protected]
From: [email protected]
Both are posing as the E-470 Public Highway Authority (of which there is none) and threatening DMV penalties, including vehicle impoundment, if the toll is not paid.
Payment address for the first is:
https://expresstoll.com-ronc.win/us
Payment address for the second is:
https://expresstoll.com-tiznqmeny.world/pay
Screenshots of the actual text are attached if needed.
Hereโs a new one
๐-๐ญ๐ฃ๐ฎ๐๐ ๐ก๐ผ๐๐ถ๐ณ๐ถ๐ฐ๐ฎ๐๐ถ๐ผ๐ป: Immediate action ๐ถ๐ ๐ป๐ฒ๐ฒ๐ฑ๐ฒ๐ฑ to ๐ฟ๐ฒ๐๐ผ๐น๐๐ฒ ๐ฎ ๐๐ผ๐น๐น ๐ฑ๐ฒ๐ฏ๐ on ๐๐ผ๐๐ฟ ๐ฎ๐ฐ๐ฐ๐ผ๐๐ป๐. Make ๐ฝ๐ฎ๐๐บ๐ฒ๐ป๐ ๐ฏ๐ ๐ ๐ฎ๐ ๐ญ๐ฌ, 2025 ๐๐ผ avoid further ๐ฝ๐ฒ๐ป๐ฎ๐น๐๐ถ๐ฒ๐.
๐๐ฎ๐ถ๐น๐๐ฟ๐ฒ ๐๐ผ ๐ฎ๐ฑ๐ฑ๐ฟ๐ฒ๐๐ ๐๐ต๐ถ๐ ๐ถ๐๐๐๐ฒ may result ๐ถ๐ป ๐ฎ๐ฑ๐บ๐ถ๐ป๐ถ๐๐๐ฟ๐ฎ๐๐ถ๐๐ฒ ๐ณ๐ฒ๐ฒ๐, ๐น๐ฒ๐ด๐ฎ๐น collection procedures, ๐ฎ๐ป๐ฑ possible suspension.
Review and resolve here: https://rb.gy/bek9fc?LfB=###### {๐ฆ๐ด:๐๐ข:๐๐ข:๐ซ๐ฆ:๐ฒ๐:๐ฑ๐ฅ:๐จ๐ซ:๐๐ณ:๐ฉ๐ญ}
The URL redirects to https://ezpassxo.com/ny?LfB=###### where ###### is a six-digit alphanumeric ID. I tried various combinations and they all return the same phishing site so it may just be an ID for accounting purposes.
The site collects various personal information and attempts to charge a small amount to a credit card. It seems that it does some CC validation since fake CC numbers from fakenamegenerator.com are rejected.
You must set your browser user-id to a common mobile browser (Safari on iOS or Chrome on Android).
