Cybersecurity experts are warning about a large-scale SMS phishing operation aimed at toll road users across multiple U.S. states for financial theft. Researchers from Cisco Talos have traced the attacks to a group of financially motivated threat actors utilizing a phishing kit by 'Wang Duo Yu.' These campaigns impersonate electronic toll collection systems, misleading users into clicking fake links. Victims are lured into a fraudulent E-ZPass page to provide personal and financial information, emphasizing the malicious strategy behind these ongoing attacks.
The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by 'Wang Duo Yu,' Cisco Talos researchers assessed with moderate confidence.
It's worth noting some aspects of the toll phishing campaign were previously highlighted by security journalist Brian Krebs in January 2025, with the activity traced back to a China-based SMS phishing service called Lighthouse that's advertised on Telegram.
Collection
[
|
...
]