Unpaid toll bill, E-Zass-Text fraud, which is fueled by telegram sellers

A rush of undesirable texts to the Americans’ phones in the past few months, in which it is claimed to owe unpaid toll and e-Zass calculations, is more than an anger. It is the end of an elaborate online syndicate of Chinese-speaking fraudsters to sell prepared cyber criminance kits for telegram to steal credit cards and personal information, tells NBC News.

The exact wording is different, but the fraud texts generally give the recipient to give a toll payment and owe a small fee that may grow if it is not paid and contain a link to a wrong payment website.

Authorities in the United States, including New York, Virginia, Maryland and Indiana, have warned of fraud.

The FBI’s Internet Crime Complaint Center has received more than 60,000 reports on the fraud, a spokesman for the agency told NBC News.

No US authorities have made public statements where the fraud comes from, and at least some said they were in the dark about their origin.

“We have no idea who is behind it. We only know that it always comes and it changes every few days, ”Jennifer Givner, spokeswoman for New York State Thruway Authority, told NBC News.

“We take care of a few dozen calls every day, calling people to make sure,” she said.

But cybersecurity researchers have found a flourishing loose network that is devoted to the fraud on the social media and messaging platform Telegram based in Dubai. Cybercriminal praised their tools in Chinese to send the fraud texts and steal the victim’s credit cards, and even offer to license programs called Phish Kits that rationalize the process for other people in order to carry out the entrance participation. In the phish kits, fraudsters can operate authentically looking payment pages in order to steal the private information of the victims.

“There are many people who use the kits. There is no person, ”said Genina Po, a threat researcher who pursues the fraudsters of the Cybersecurity Company Proofpoint to NBC News.

“Many of them are Chinese users. The Chinese language is a large part of this scene, ”she said.

The cyber criminal underground buys, new to pack and sell large data records with chopped phone numbers, which makes it easier for aspiring frauds to acquire numbers in large quantities and to carry them out themselves.

Last year, companies that retain the telephone numbers of the customers sent more than 100 million messages to the victims who informed them that their telephone number may have been included in a chopped database according to the identity theft center, a non -profit company in California.

Ford Merrill, a researcher at Secalliance, a subsidiary of the CSIS security group of the Cybersecurity Company, has followed the fraud in telegram channels since 2023 and has informed NBC News that he has escalated quickly in recent months.

Telegram, which has long been marketed as an unone -experienced bastion of freedom of speech, is a hub for cyber criminal activities. After the CEO of Telegram, Pavel Durov, was arrested and charged by the French authorities, he said that he took steps to moderate the platform better. The company did not answer a request for comment for this story.

The same phishing kits that now tell the victims that they have unpaid toll fees told them that they had missed US -Post -Service packages, he said. The USPS warned of this fraud in July.

The toll fraud seems to work partly because it often asks for a small fine and appears to be a reasonable request, said Merrill. This scheme is escalated because fraudsters worked and “have no concerns about the copy of the other”, he said.

“If one of them immediately finds out that something is effective, the others basically bounce on it and copy it immediately. For example, at the beginning of February, they started seeing the first toll roads in the United States within a few days.

The fraud can be used to steal both the personal data of the victim and their payment details, and enables cybercriminals, an Apple or Google letter pocket to add the victim’s credit cards.

Videos published in Telegram and displayed by NBC News show how the fraudster can see this information in real time if a victim can enter his personal and payment information on the fake payment page.

If the person enters your credit card number, your phishing kit creates a fake, scanning credit card that the fraudster scan and insert into his Apple or Google Wallet. This can cause Apple or Google to send the victim a text message code to check their identity. But if the victim does not read the text carefully, it can copy it and insert it into the fake payment page, as this is part of a legitimate payment process.

Phishing kits that were advertised in the telegram offers a variety of toll fees to imitate both in the USA and around the world.

A telegram channel that is viewed by NBC News advertises that your KIT can imitate topics from the USA, including the Bay Area Fastrak, E-Zass, Georgia’s Peach Pass, Oklahomas Pike Pass and Louisiana’s Gauxpass.

It is unclear what, if at all, the fraudsters can stop. A spokesman for the CTIA, a trading group that represents the most important American telecommunications companies such as AT&T, T-Mobile and Verizon, said in an email declaration that the industry is “striving to protect consumers from illegal and non-confident SMS messages, but it increasingly depends on the Americans with deteriorated news that is not up to date.

Apple rejected a statement. Samsung did not respond to a request for comments.

In an e -mail declaration, a Google spokesman said, “Security is the core of the Google Wallet experience and we work closely with map exhibitors to prevent fraud.”

In contrast to Russia, where cybercriminals that aim abroad are constitutionally before delivery, China has extradition contracts with some countries, although it no longer has the United States. The Ministry of Justice is responsible for the accused hackers at regular intervals when it worked for Chinese intelligence, although there is little hope that they will be arrested.

The FBI did not answer questions whether it knows the identity of the fraudsters or plans to take measures against them.

A spokesman for the Chinese embassy in Washington, DC, said NBC News in a declaration of email that the state’s government is “firm, in combating telecommunications and online fraud, against cross-border illegal and criminal activities and the protection of the rightful rights and interests of Chinese citizens.”

“At the same time, we also ask the Chinese citizens overseas to strictly adhere to local laws and regulations and not to take part in illegal and criminal activities,” it said.