Fake Toll Violation Notice Redirects Users To Apparently-Hijacked Church Website In Ontario
U.S. drivers with and without electronic toll accounts have been receiving emails purporting to represent the E-ZPass electronic toll system. The phishing notices have been sent since at least July 8, 2014, and the emails warn users of an unpaid toll that must be paid. The spoof emails use the E-ZPass logo, but they do not originate with E-ZPass or any other state agency.
The emails read, “You have not paid for driving on a toll road. This invoice is sent repeatedly.” The sentence structure and capitalization of the emails do not follow English grammar rules, even to the point of a blatant error at the start of one sentence. “[P]lease service your debt in the shortest possible time,” the email reads, with an obvious capitalization error at the start of the sentence.
TurnpikeInfo.com has received several queries from website visitors asking if the emails are authentic. The spoof demand for payment is completely fake. Furthermore, it does not originate with E-ZPass or with TurnpikeInfo.com.
Instead, the the alleged sending email address is from the domain GlobalOpen.org, using the email email@example.com. The website, itself, is a blank page, and a review of source code shows no content of any kind. The domain name is owned by a man named Mobashar Yazdani, according to the Whois database maintained by the sponsoring registrar company, 1and1.com. It is unknown whether the emails are actually being sent from GlobalOpen.org. Mr. Yazdani’s email address is listed as firstname.lastname@example.org.
Spoof Toll Collection Link Sends Users To Church Domain In Canada
TurnpikeInfo.com sent an email to the developer of the website, Sault Ste Marie Web Design, in Sault Ste Marie, Ontario, Canada, warning that their client website may have been compromised. At the time of the writing of this article, we had not received a reply.
Toll Violation Notices Are Only Sent Via Postal Mail
If a driver has violated a toll barrier or has a toll invoice to be paid, states’ Departments of Transportation always send the invoice to the address of the registered vehicle using the U.S. Postal Service. Email is never used by state agencies when attempting to collect tolls, either on account or for a violation.
However, even the postal mail has fallen victim to scammers, in recent months. The state of Florida warned drivers in early April of fake toll collection notices that were being sent to drivers across that state, eventually issuing a media warning and issuing pictures of a real toll notice, so that drivers would know how to spot an authentic invoice.