KANSAS CITY, Kan. — How many times have you driven the Kansas Turnpike and thought you forgot to pay the toll? Cybercriminals know it's a common mistake and are using that to their advantage.
If you've gotten an E-ZPass collection text in the last few weeks, you're not alone.
Winnie West, the Kansas cyber security advisor for the Cybersecurity & Infrastructure Security Agency (CISA) said their office has received dozens of reports of scammers posing as toll collectors from Kansas and other surrounding states.
"We just can't keep up with it because ransom as a service is a huge thing," West said.
The texts claim the user has unpaid toll debts and threatens serious consequences if the user doesn't take action by a certain date. The texts also include a link to pay the 'outstanding balance', prompting victims to put in credit card information.
"For somebody that doesn't really know how to look for those specific things, they would have automatically clicked because of the urgency with how the message came across," West said.
West said even she and her family got the smishing text.
"They asked me, 'Hey mom, what do we need to do with this?"' West said.
She told them to not click on the message.
You should be on the lookout for red flags, like a number with a strange area code, the sender is from an unknown email address or anyone claiming to be a government agency demanding money.
"Don't click on the link," West said. "Don't click on anything until you verify that that is truly a valid request."
Smishing scams are becoming more common nationwide, mainly because everything in the 21st century relies on data.
West explained scammers can get real phone numbers through the dark web, data leaks and even social media.
"Through those means is really how they were able to collect and then target those numbers," West said. "Sometimes, they're just spamming those numbers."
Scams can be annoying at best, but malicious at worst. If you already clicked the link, West explained you should contact your bank, reset your passwords and then report it to the CISA.
"There will always be a person that will fall victim to those type of activities, unfortunately," West said. "If you're not aware of what to do and how to protect yourself from those type of cyber criminals, it can be pretty devastating."
If you think you have been targeted with a smishing or phishing scam, you can find resources with CISA.
—
KSHB 41 reporter Isabella Ledonne covers issues surrounding government accountability and solutions. Share your story with Isabella.
