A nationwide E-ZPass text scam has intensified, targeting residents across Minnesota and beyond. Fraudulent messages, resembling those from the Minnesota Department of Transportation (MNDOT) and the E-ZPass program, are luring unsuspecting individuals into providing sensitive information or money under false pretense. With the FBI now involved, authorities are warning the public about this widespread phishing campaign.
Initially reported on March 24, 2025, the scam involves texts claiming recipients owe money for unpaid tolls, sometimes as low as $6.99. Recipients are directed to click links, which can result in serious consequences, including identity theft. Cybersecurity expert Jason Baker from GuidePoint Security advises against interacting with such messages. “First things first, do not engage,” Baker warns, noting that these text scams utilize unfamiliar country codes and suspicious links that lack standard domains like .com, .org, or .gov.
This has become a major issue, especially after the Anti-Phishing Working Group (APWG) categorized the scam as an ‘infrastructural attack’ affecting countless individuals. According to reports, over 19 billion spam texts were disseminated in February alone, marking a significant escalation of digital threats targeting Americans.
These texts not only threaten penalties but also impersonate legitimate toll agencies like E-ZPass and others. Notably, the fraudsters are using sophisticated phishing kits created by Chinese cybercriminals, which automate the sending of these scam messages and the creation of fake websites designed to harvest personal information. With scammers rotating through numerous phone numbers, this makes the filters used by tech giants like Apple and Google less effective in blocking fraudulent texts.
“They don’t care about the seven dollars,” said cybersecurity researcher Aidan Holland. “They want your credit card number.”
The Federal Trade Commission (FTC) also indicated that even minimal engagement with these scam sites could lead to identity theft for those who inadvertently interact with them. Victims are therefore urged to delete such texts immediately and report them to relevant authorities.
The scope of this scam is alarming, with the FBI logging over 60,000 reports related to these fraudulent texts and tracing their origins to a network of scammers operating predominantly in China. Officials have noted the growing sophistication of these attacks since early 2024, highlighting a worrying trend where cybercriminals adapt and mutate their strategies to remain undetected.
With scams evolving rapidly, similar schemes have emerged, targeting individuals with false claims of unpaid utility bills, missed packages, and even cryptocurrency breaches. In total, imposter scams were the second most prevalent form of fraud in 2023, leading to victims losing nearly $3 billion in the U.S.
While the threat of these scams looms large, cybersecurity experts stress that individuals can take steps to protect themselves. Recommendations include registering for official electronic toll accounts, using credit cards for better fraud protection, and actively monitoring accounts for unauthorized charges. Furthermore, enabling two-factor authentication can enhance security and safeguard personal data.
For anyone who has received one of these unsolicited messages, the message is clear: it’s crucial to stay vigilant. If you suspect you may have already fallen victim to one of these scams, contact your bank or credit provider, dispute unauthorized charges, change your passwords, and report the incident to the authorities.
As the FBI continues to investigate this phenomenon, the best defense against such a widespread issue is awareness and education. Individuals should familiarize themselves with how these scams operate and be prepared to act swiftly if they suspect foul play. Whether it’s E-ZPass or another service, being proactive can help avoid the fallout from what might seem to be a minor inconvenience but could lead to significant financial repercussions.
