Debunking hoaxes and exposing scams since 2003!

Hoax-Slayer Logo

Malware : E-ZPass Unpaid Toll Email Links to Malware Website


Outline

Email purporting to be from US toll collection system E-ZPass claims that the recipient has not paid for driving on a toll road and should click a link to download an invoice.

E-ZPass unpaid toll malware
Pin to share (Pic will Pin larger)

Brief Analysis

The email is not from E-ZPass. It is a criminal ruse designed to trick you into downloading malware to your computer. If you receive this message, do not click any links or open any attachments that it contains.

Example

From: Collection Agency
Subject: Pay for driving on toll road


E-ZPass Service Center

Dear customer,
You have not paid for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time.

The invoice can be downloaded here.

E-ZPass unpaid toll malware


Detailed Analysis

'E-ZPass' Email Claims Recipient Has Unpaid Toll

Inboxes are currently being hit by emails that claim to be from US toll collection service E-ZPass. The email claims that you have not paid for driving on a toll road and should therefore click a link to download an invoice.

The email, which includes the E-ZPass logo, claims that the invoice has already been sent to you repeatedly and warns that you should service your debt 'in the shortest possible time'.

Email is Not From E-ZPass - Links to Malware

However, E-ZPass did not send the email and has no connection to it.  And, the claim that you should follow a link to settle an unpaid toll debt is a lie.

In fact, clicking the link will take you to a website that harbours a version of the Asprox/Kuluoz malware hidden inside a fake invoice .zip file.  Once installed, the malware attempts to download further malware and allows criminals to maintain control of the infected computer.

Subject lines and other details in the malware emails may vary.

New York State Thruway has published a notice on its website warning users about the bogus E-ZPass emails.

If you receive one of these emails, do not click any links or open any attachments that it contains.




E-ZPass unpaid toll malware

© Depositphotos.com/klublub


Last updated: July 11, 2014
First published: July 11, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Inside The New Asprox/Kuluoz (October 2013 - January 2014)
E-ZPass themed emails lead to Asprox
New York State Thruway E-ZPass Warning






Latest Hoax-Slayer Articles