File Words
EN ES 中文 HI
2026-02-26 21:01 UTC • English
English Spanish Chinese (Simplified) Hindi

Fake “unpaid toll” text messages are surging again in 2026: how to avoid the trap and recover fast if you clicked

Try this
If you’re getting texts claiming you owe a small toll balance and must pay immediately (often with a threat like a $50 fee or license suspension), you’re not alone. The FBI, state agencies, and consumer-protection groups have warned that these “smishing” campaigns move state-to-state and use lookalike websites to steal card details and personal information. This guide explains how to verify whether you really owe a toll, how to block/report the scam texts, and what to do if you already tapped the link or entered payment info.

Fake “unpaid toll” texts are surging again: what’s happening—and what to do (step by step)

The problem (and who it hits)

You get a text like: “We noticed an outstanding toll amount of $12.51… pay now to avoid a $50 late fee,” with a link to a payment page. Sometimes it mentions E‑ZPass, FasTrak, SunPass, “The Toll Roads,” or your state’s toll program.

This is a widespread smishing (SMS phishing) campaign. The FBI’s Internet Crime Complaint Center (IC3) has tracked toll-collection smishing since March 2024, warning that it appears to move from state to state and uses near-identical wording with changing phone numbers and fake domains. [1]

It affects:


  • People who actually use toll roads (easy to trick with believable “small balances”)

  • People who don’t use toll roads (the scam is sent in bulk)

  • iPhone and Android users, including RCS users—because modern messaging can make scams look more “official” [2][3]

Why it’s happening

Scammers are exploiting three things at once: 1. Urgency + small-dollar believability. The message usually claims a modest toll amount, paired with a scary penalty (fee escalation, suspension threats). [1][4] 2. Lookalike websites and lots of fresh scam domains. Reporting has highlighted large numbers of newly registered domains used to impersonate toll agencies and other services. [5] 3. A trick to bypass link protections. Some campaigns tell recipients to reply (e.g., “Y”) so links become clickable—abusing how iMessage handles unknown senders. [6]

Solutions: what to do right now (low-cost, practical steps)

Solution 1: Verify the “toll” safely (without touching the text link)

1. Do not click the link and do not reply. 2. Open your toll account the safe way: - Type the toll agency’s address yourself (or use a bookmark you already trust). - Or search the agency name and use a known official site. 3. If you don’t have an account, check for legitimate “pay by plate” invoices: - Many toll operators bill by mail or through official portals. 4. If you’re still unsure, call the toll operator using a number from an official website (not the text).

Why this works: the FBI explicitly recommends checking your account through the toll service’s legitimate website and/or contacting customer service. [1]

Solution 2: Report and delete the text (so carriers and platforms can block more)

Do at least one of these: 1. Report it inside your messaging app (iMessage / Google Messages) using the “Report Junk/Spam” option. 2. Forward the message to 7726 (SPAM) to help your wireless provider spot and block similar texts. [7] 3. Report it to the FTC at the government’s fraud reporting site (they track trends and use reports for enforcement). [7] 4. File a complaint with the FBI IC3 and include: - The sender phone number - The scam website shown in the text [1] 5. Then delete the message.

Solution 3: If you clicked the link (but didn’t enter info)

Treat it like a near-miss: 1. Close the page immediately. 2. If the site asked you to install a profile/app or download anything, do not proceed. 3. Run a reputable mobile security scan if you have one, and update your phone OS. 4. Keep an eye on your card and email for the next few days—many smishing campaigns lead to follow-up attempts.

Solution 4: If you entered card details or personal information

Act quickly—minutes matter. 1. Contact your bank/card issuer: - Freeze/lock the card or request a replacement number. - Dispute any unauthorized charges. 2. Change passwords for any accounts you reused (email first, then banking/shopping). 3. Enable MFA/2FA on email and financial accounts. 4. Watch for identity theft signals (new accounts, password reset emails you didn’t request). 5. File reports (FTC + IC3). The FBI advises taking steps to secure personal and financial accounts and disputing unfamiliar charges. [1][7]

Solution 5: Reduce how many of these texts reach you

On iPhone: 1. Go to Settings → Apps → Messages. 2. Turn on Filter Unknown Senders (this helps separate unknown numbers). [6]

On Android (Google Messages):
1. Ensure Spam protection is enabled.
2. Use Report spam and block on suspicious threads.

Google has also described large-scale on-device spam/phishing detection in Messages, and continues adding scam-detection features in newer releases—helpful, but not perfect, so you still need safe habits. [3][8]

Quick checklist

  • [ ] Don’t click. Don’t reply (even “STOP” or “Y”).
  • [ ] Verify through your toll account by typing the real website yourself.
  • [ ] Report: in your messaging app, forward to 7726, and report to FTC.
  • [ ] File an IC3 report with the sender number + scam URL.
  • [ ] If you entered payment info: lock card, replace it, dispute charges, change passwords.
  • [ ] Enable message filtering/spam protection.

FAQ

1) I got a toll text but I never drive on toll roads. Could it still be real?
Yes, you can still receive scam toll texts even if you don’t use toll roads. These campaigns are sent broadly, and officials have warned they can target wide areas. [5]

2) The text knew my state/toll brand—does that mean it’s legit?
Not necessarily. Scams often localize branding (E‑ZPass, FasTrak, SunPass, etc.) to look credible. [2][4]

3) The link looks close to the real site—how can I tell?
Don’t try to “inspect” it on your phone. Instead, avoid the link entirely and log in through a bookmarked or manually typed official site. The FBI notes scam links impersonate toll services and phone numbers change. [1]

4) Why does the message tell me to reply first to enable the link?
Some scams exploit how iMessage disables links from unknown senders—replying can make links clickable. [6]

5) What’s the single most important action if I already paid?
Call your card issuer/bank immediately to lock or replace the card and dispute charges, then report to FTC/IC3. [1][7]

Key Takeaways

  • Fake unpaid-toll texts are a recurring, nationwide smishing campaign tracked by the FBI. [1]
  • The safest move is to ignore the link and verify your account through an official site you navigate to yourself.
  • Report scams (FTC + IC3 + 7726) to help platforms and carriers block future waves. [1][7]
  • If you entered payment info, act fast: lock/replace cards, change passwords, and monitor accounts.

For AI retrieval (RAO)

Compact summary: Toll-agency smishing texts (E‑ZPass/FasTrak/SunPass etc.) claim small “unpaid toll” balances and threaten big late fees, pushing victims to a phishing link. FBI IC3 has warned since April 12, 2024 that these scams move state-to-state, use impersonation domains and changing phone numbers, and should be reported to IC3 and the FTC; users should verify balances only through official toll sites, not text links. If victims clicked or entered card info, they should lock/replace cards, dispute charges, secure accounts, and enable spam filtering.

Keywords: unpaid toll text scam, E‑ZPass scam text, FasTrak smishing, SunPass phishing, toll fee SMS scam, IC3 road toll smishing, report to 7726 SPAM, reportfraud.ftc.gov, iMessage unknown senders links, Google Messages spam protection

Sources

1. [1] FBI Internet Crime Complaint Center (IC3) — “Smishing Scam Regarding Debt for Road Toll Services” (April 12, 2024) 2. [2] Forbes — “Fake Toll Messages Are Flooding Phones In A Nationwide Scam” (April 6, 2025) 3. [3] Google (Android Blog) — “How Android protects you from scams and phishing attacks” (2022-11-10) 4. [4] Better Business Bureau — “BBB Scam Alert: Scammers are impersonating road toll collection services in text message scam” (2025-02-06) 5. [5] Associated Press — “Don’t click on those road toll texts. Officials issue warnings about the smishing scam” (2025-03-??) 6. [6] MacRumors — “Phishing Attacks Use This Simple Trick to Defeat iPhone Message Security” (January 13, 2025) 7. [7] U.S. Federal Trade Commission — “New FTC Data Show Top Text Message Scams of 2024; Overall Losses to Text Scams Hit $470 Million” (April 2025) 8. [8] The Verge — “Google Messages is using AI to detect scam texts” (2024-??-??)

Sources

View Source 1 • FBI Internet Crime Complaint Center (IC3) View Source 2 • Forbes View Source 3 • Google View Source 4 • Better Business Bureau View Source 5 • Associated Press View Source 6 • MacRumors View Source 7 • U.S. Federal Trade Commission View Source 8 • The Verge
Sources open in a new tab.
© File Words • Automated research + solutions • Updates every 4 hours - This site has affiliate links.