A new phishing scam attacking e-mail users has surfaced this month. The e-mail imitates the E-ZPass Service Center, the electronic toll collection system, and uses E-ZPass colors and logo to appear authentic. The subject line reads something like, "In arrears for driving on a toll road." The text is vague, but informs the recipient that they "have not paid for driving on a toll road." The e-mail then asks the user to download an invoice to remit payment of the unpaid toll as soon as possible.
The e-mail is not legitimate and the link to the invoice actually contains a virus that can adversely impact your computer's performance and/or steal passwords or other sensitive information.
According to E-ZPass, they do not, and will not, send invoices via e-mail. All E-ZPass invoices are sent through United States Postal Service.
What to do:
- Notify your users immediately! Tell them to be wary of any e-mail messages with unexpected links or attachments. Any suspicious e-mail should be verified as legitimate before clicking on any link. If in doubt, DELETE it!
- Pay attention to your antivirus notifications regarding authorization of any new downloads. Be sure you know what you are downloading and click NO to anything suspicious.
- Verify your backups and make sure they are operating properly. Hopefully, you won't need it, but if you do, you'll be glad to know it's up-to-date.
- If you become infected, instantly remove the device from the network and shut it down. Contact Daystar immediately for assistance.
