Malware : E-ZPass Unpaid Toll Email Links to Malware Website
Email purporting to be from US toll collection system E-ZPass claims that the recipient has not paid for driving on a toll road and should click a link to download an invoice.
The email is not from E-ZPass. It is a criminal ruse designed to trick you into downloading malware to your computer. If you receive this message, do not click any links or open any attachments that it contains.
From: Collection Agency
Subject: Pay for driving on toll road
E-ZPass Service Center
You have not paid for driving on a toll road. This invoice is sent repeatedly, please service your debt in the shortest possible time.
The invoice can be downloaded here.
'E-ZPass' Email Claims Recipient Has Unpaid Toll
Inboxes are currently being hit by emails that claim to be from US toll collection service E-ZPass. The email claims that you have not paid for driving on a toll road and should therefore click a link to download an invoice.
The email, which includes the E-ZPass logo, claims that the invoice has already been sent to you repeatedly and warns that you should service your debt 'in the shortest possible time'.
Email is Not From E-ZPass - Links to Malware
However, E-ZPass did not send the email and has no connection to it. And, the claim that you should follow a link to settle an unpaid toll debt is a lie.
In fact, clicking the link will take you to a website that harbours a version of the Asprox/Kuluoz malware
hidden inside a fake invoice .zip file. Once installed, the malware
attempts to download further malware and allows criminals to maintain control of the infected computer.
Subject lines and other details in the malware emails may vary.
New York State Thruway has published a notice on its website
warning users about the bogus E-ZPass emails.
If you receive one of these emails, do not click any links or open any attachments that it contains.
Last updated: July 11, 2014
First published: July 11, 2014
By Brett M. Christensen