Alert: Don’t Get Fooled By the NYMailTolls.com Toll Scam

A text message scam has emerged targeting New York residents with fake unpaid toll violations. The messages claim the recipient must pay toll balances immediately and provide a link to “NYMailTolls.com”. However, this domain directs to a fraudulent phishing website designed to steal personal and financial data.

In this comprehensive guide, we will dissect the NYMailTolls.com scam from top to bottom. First, we will overview the scam operations and objectives. Next, we will do a step-by-step breakdown of how the scam ensnares victims. We will also outline measures you should take if you were unfortunate to fall for the trickery. Finally, we will summarize the key lessons learned to avoid this in the future.

Tolls by Mail NY Services scam

An In-Depth Overview of the NYMailTolls Scam

The NYMailTolls.com scam begins with text messages sent en masse to phones across New York. The messages follow this general template:

“NYMailTolls: You have an unpaid toll balance. Go to NYMailTolls.com now to pay and avoid additional penalties.”

The domain name sounds legitimately tied to toll payments. However, in reality it is an elaborate phishing site designed to mimic official portals and steal entered data.

The Objectives of the Scam

The end goal of this scam is simple – to trick users into inputting sensitive personal information that can then be exploited for financial fraud.

Specifically, the scammers aim to:

  • Deceive recipients about owing NY toll fees
  • Get users to visit the phishing site by posing as a billing portal
  • Collect personal data like names, addresses, phone numbers
  • Steal credit card information when victims try to “pay balance”
  • Resell this data on the dark web or use it directly for ID theft

Tolls by Mail NY Services 2

How Did This Scam Originate?

The source of this scam is unclear, but most signs point to an organized criminal entity. Spoofing toll agencies provides a clever angle of attack for several reasons:

  • Toll billing is inherently confusing, making “violations” seem plausible
  • Most people dislike tolls and are quick to trust notices to avoid fees
  • New York’s bridge and tunnel tolls are high, provoking urgency
  • E-ZPass complications enable deception about unpaid balances

Additionally, the rise of SMS marketing software enabled efficient text blast capabilities ideal for spreading this scam far and wide.

Scope and Scale of the NYMailTolls Scam

This scam campaign peaked in early 2023, with victims reported across New York City and the broader metropolitan area. Staten Islanders appeared to be targeted most aggressively.

Hundreds of toll-related phishing domains like NYMailTolls.com popped up to support the ploy. The operation likely netted the scammers thousands of stolen identities and credit card numbers.

While the scam has slowed, isolated reports continue to surface. And new variants could arise at any time. Authorities believe many victims never came forward, so its true impact may be grossly underreported.

How the NYMailTolls.com Scam Tricks Victims

Now that we have outlined the scam overview, let’s examine the step-by-step process victims are manipulated through:

Step 1: The Recipient Receives a Text Message

The scam initiates with an unsolicited text sent to the target’s mobile phone. The sender ID is usually a 10 digit number or random letter string.

The message follows this general format:

“NYMailTolls: You have an unpaid toll balance. Go to NYMailTolls.com now to pay and avoid additional penalties.”

The domain name sounds plausibly connected to toll payments but actually directs to a phishing site.

Step 2: The Message Triggers Urgency

The content of the text is carefully crafted to trigger urgency in the recipient. It states they have an “unpaid toll balance” that must be addressed “now” to “avoid penalties”.

These phrases spark concern over owing money and facing late fees. Most people will rush to resolve the issue. This gets them to visit the scam website.

Step 3: The Recipient Visits NYMailTolls.com

Anxious about late toll payments, the recipient will click the link to pay the supposed outstanding balance.

The domain name contains “toll” and “pay” keywords that seem legitimate. But in reality, it sends visitors to a fraudulent phishing website.

Step 4: The User Lands on the Phishing Site

When users click the link, they are taken to the fraudulent NYMailTolls.com site. The site is dressed up to precisely mimic official toll payment portals.

Everything from branding, logos, fonts, messages, and the UI is engineered to look real. But it is a complete scam operation.

Step 5: The User Tries to Pay the Fake Balance

The phishing site displays an unpaid toll balance amount the victim “owes”, often $10-20. Worried about late fees, the user tries to pay this fake balance.

The site asks the user to enter their personal and payment card details including:

  • Full Name and Address
  • Phone Number
  • Credit Card Number
  • CVV Security Code
  • Expiration Date

Step 6: The Scammers Steal Entered Payment Details

Armed with the credit card info, names, addresses, and other data entered, the scammers can now use it or sell it online.

They may make fraudulent purchases with the card numbers or sell the info on dark web marketplaces.

Meanwhile, the oblivious user thinks they resolved a toll violation. They will only realize the deception later when fraud occurs.

How to Identify the NYMailTolls.com Scam

While the scammers make this scam hard to detect, there are key signs you can watch for:

Suspicious Text Message

  • Comes from unknown 10-digit or random alphanumeric sender ID
  • Contains threatening language demanding immediate payment
  • Link in the text directs to NYMailTolls.com specifically

Phishing Website Red Flags

  • URL does not match official toll agency domains like E-ZPass
  • Branding copies logos/graphics but contains small mistakes
  • Poor grammar, spelling and site design expose illegitimacy

Dubious Payment Claims

  • The “unpaid balance” amount seems made up or arbitrary
  • You have no recollection of incurring any toll violations
  • The toll agency referenced is not one you’ve used before

Lack of Confirmation

  • Official toll agencies send confirmation emails after collecting payments
  • If you don’t receive a confirmation, the payment was fraudulent

Trust your instincts. If anything seems suspicious, avoid providing personal data and contact toll agencies directly to verify before taking action. Look for these scam indicators to avoid potential traps.

What to Do If You Are Targeted by the NYMailTolls Scam

If you receive a text directing you to NYMailTolls.com or fall victim to the phishing site itself, take the following steps immediately:

1. Do Not Click Any Links

If you receive a suspicious text, do not click the link within it no matter how legitimate it appears. Contact toll agencies directly instead.

2. Call Your Phone Carrier

Contact your cell phone carrier and report the scam text. They can investigate the suspicious sender ID and block future messages.

3. Check with Toll Providers

Reach out to legitimate toll providers like E-ZPass that service New York to verify if you actually have unpaid toll balances.

4. Notify Your Bank

If you entered payment information, call your bank and credit card companies immediately. Alert them to the potential identity theft and fraudulent charges.

5. Reset All Passwords

Assume any passwords you entered on the phishing site are compromised. Rapidly reset passwords on all critical online accounts. Enable two-factor authentication as well.

6. Place Fraud Alert

Contact credit bureaus to place a fraud alert on your name and SSN. This makes it harder for scammers to open new accounts in your name.

7. File a Police Report

File a complaint with local law enforcement about the scam text and site. Provide all details available to aid investigation efforts.

Frequently Asked Questions About the NYMailTolls.com Scam

1. What is the NYMailTolls.com scam?

The NYMailTolls.com scam is a phishing scam where scammers send text messages claiming recipients have unpaid NY toll balances. The texts provide a link to NYMailTolls.com, which is a fake website designed to steal personal and financial information.

2. How does the NYMailTolls.com scam work?

The scam begins with an urgent text message stating you have unpaid toll balances and must pay immediately. If you click the link, you are taken to a convincing but fraudulent website. You are prompted to enter credit card and personal details to “pay the balance”, which the scammers steal.

3. What techniques do the scammers use?

The scammers use urgency tactics in the text to get you to click the link. The phishing site mimics real toll payment sites with logos, branding and web copy. This fools users into entering sensitive data which is stolen.

4. What information did the scammers collect with NYMailTolls.com?

The phishing site collected full names, addresses, phone numbers, credit card numbers, security codes, and expiration dates. This gave them the ability to commit financial fraud.

5. How can I recognize the NYMailTolls.com scam?

Warning signs include texts from unknown senders about unpaid tolls, threatening language demanding immediate payment, suspicious links, and the NYMailTolls.com domain specifically.

6. What should I do if I get a text linking to NYMailTolls.com?

Do not click the link or provide any information. Contact your cell phone carrier to report the scam text. Verify with toll agencies directly if you actually have any unpaid balances.

7. What steps should I take if I entered my information?

Immediately call banks and credit card companies and inform them of potential fraud. Place fraud alerts on your credit reports. Reset all account passwords and security questions. Monitor statements for suspicious charges.

8. How can I protect myself from the NYMailTolls.com scam?

Use unique passwords on all accounts and enable two-factor authentication when possible. Never click links in unsolicited texts. Independently verify any payment notices with providers before taking action.

9. How extensive was the NYMailTolls.com scam?

The scam peaked in early 2022, affecting thousands in the NYC metro area. While it has declined, isolated incidents still occur and new variants could arise. Many victims likely never reported, so its reach is underestimated.

10. What should I do if I encounter a new toll payment scam?

Avoid clicking any links and contact providers directly to verify legitimacy. Report suspicious texts or emails to carriers and authorities. Take preventative measures like placing fraud alerts if personal data was compromised.

The Bottom Line

The NYMailTolls.com scam leverages clever social engineering to steal identities and payment data. By learning the scammer tactics, we can avoid falling victim.

Key takeaways include:

  • The scam starts with texts about fake unpaid toll balances
  • Phishing links direct to fraudulent “payment” sites to steal entered data
  • Contact cell carrier, banks, and toll agencies if targeted
  • Reset passwords, enable two-factor authentication, and place fraud alerts
  • Do not click links in messages – instead call providers directly
  • Report scam texts and sites to law enforcement to aid investigation

While this specific scam has declined, new variations could arise at any time. Stay vigilant about texts requesting payments or personal information. Verify any violation notices directly with providers. Take swift action if targeted to minimize damage. Through awareness and caution, we can protect ourselves.

How to Stay Safe Online

Here are 10 basic security tips to help you avoid malware and protect your device:

  1. Use a good antivirus and keep it up-to-date.

    Shield Guide

    It's essential to use a good quality antivirus and keep it up-to-date to stay ahead of the latest cyber threats. We are huge fans of Malwarebytes Premium and use it on all of our devices, including Windows and Mac computers as well as our mobile devices. Malwarebytes sits beside your traditional antivirus, filling in any gaps in its defenses, and providing extra protection against sneakier security threats.

  2. Keep software and operating systems up-to-date.

    updates-guide

    Keep your operating system and apps up to date. Whenever an update is released for your device, download and install it right away. These updates often include security fixes, vulnerability patches, and other necessary maintenance.

  3. Be careful when installing programs and apps.

    install guide

    Pay close attention to installation screens and license agreements when installing software. Custom or advanced installation options will often disclose any third-party software that is also being installed. Take great care in every stage of the process and make sure you know what it is you're agreeing to before you click "Next."

  4. Install an ad blocker.

    Ad Blocker

    Use a browser-based content blocker, like AdGuard. Content blockers help stop malicious ads, Trojans, phishing, and other undesirable content that an antivirus product alone may not stop.

  5. Be careful what you download.

    Trojan Horse

    A top goal of cybercriminals is to trick you into downloading malware—programs or apps that carry malware or try to steal information. This malware can be disguised as an app: anything from a popular game to something that checks traffic or the weather.

  6. Be alert for people trying to trick you.

    warning sign

    Whether it's your email, phone, messenger, or other applications, always be alert and on guard for someone trying to trick you into clicking on links or replying to messages. Remember that it's easy to spoof phone numbers, so a familiar name or number doesn't make messages more trustworthy.

  7. Back up your data.

    backup sign

    Back up your data frequently and check that your backup data can be restored. You can do this manually on an external HDD/USB stick, or automatically using backup software. This is also the best way to counter ransomware. Never connect the backup drive to a computer if you suspect that the computer is infected with malware.

  8. Choose strong passwords.

    lock sign

    Use strong and unique passwords for each of your accounts. Avoid using personal information or easily guessable words in your passwords. Enable two-factor authentication (2FA) on your accounts whenever possible.

  9. Be careful where you click.

    cursor sign

    Be cautious when clicking on links or downloading attachments from unknown sources. These could potentially contain malware or phishing scams.

  10. Don't use pirated software.

    Shady Guide

    Avoid using Peer-to-Peer (P2P) file-sharing programs, keygens, cracks, and other pirated software that can often compromise your data, privacy, or both.

To avoid potential dangers on the internet, it's important to follow these 10 basic safety rules. By doing so, you can protect yourself from many of the unpleasant surprises that can arise when using the web.