A North Carolina driver gets a text about a $6.99 unpaid toll on a road she drives every weekday. A Colorado commuter sees a nearly identical message referencing ExpressToll. A New Jersey father taps a link that looks like EZ-Pass and enters his debit card number before it occurs to him that the state turnpike authority has never once texted him. All three are targets of the same scheme, and by the time they realize it, their payment credentials are already in someone else’s hands.
Fake toll-road texts have become one of the fastest-spreading fraud tactics in the country. The Federal Trade Commission’s May 2026 consumer alert singled out toll-road phishing as a rapidly growing subset of imposter scams, the broad fraud category that the agency says cost Americans billions in reported losses. Nationwide fraud losses already surpassed $10 billion in 2023, with imposter scams ranking among the costliest categories each year.
How the scam works
The setup is deliberately mundane. A driver receives an unsolicited text claiming a small unpaid toll, almost always under $15, paired with a threat of escalating penalties or even a suspended license. The low dollar amount is the key: it sits below the threshold where most people would bother to verify the charge, and the threatened late fee injects just enough urgency to prompt a quick tap rather than a second thought.
The link leads to a site built to mimic a legitimate toll-payment portal. Scammers replicate official logos, color schemes, and URL structures that look plausible at a glance. Once a victim enters payment information, the stolen data can be used to drain bank accounts, open new lines of credit, or get sold on dark-web marketplaces. The FTC’s overview of imposter fraud notes that these schemes frequently spoof caller ID information and invoke consequences like license suspensions to keep victims from pausing to think.
A national problem, confirmed state by state
State officials have been sounding alarms since at least 2023, and the warnings keep coming. In March 2025, the North Carolina Attorney General and the North Carolina Turnpike Authority issued a joint alert about a surge in smishing texts targeting NC Quick Pass users, stressing that the state’s toll system never demands payment through a text-message link.
Colorado’s Department of Transportation has been tracking fraudulent texts impersonating Colorado Express Lanes, ExpressToll, and EZ-Pass since at least mid-2023 and says the volume has not slowed. Similar warnings have come from transportation and law enforcement agencies in states including Virginia, Pennsylvania, Massachusetts, Florida, and Texas, confirming that the campaign spans the country rather than targeting any single toll network.
What remains unclear
The FTC tracks imposter fraud as a single broad category. No public data breaks out how much of the total came specifically from toll-text scams versus other variants like fake government-agent calls, business-email compromise, or tech-support fraud. The E-ZPass Interagency Group, which coordinates electronic tolling across much of the eastern United States, has not released its own figures on scam volume or victim counts.
Federal investigators also lack a clear public picture of who is behind the messages. Officials have not detailed whether the bulk of texts originate from a small number of organized groups or from many loosely connected actors copying a proven script. How scammers select their targets, whether through data breaches, random number generation, or regional toll-usage data, remains an open question, and that gap makes it harder to design targeted countermeasures.
Wireless carriers have filters designed to catch bulk spam, but toll-phishing texts frequently rotate sender numbers and use link-shortening services that evade automated detection. No major carrier has published data on how many toll-scam texts its filters block or how quickly new variants bypass existing rules.
How to protect yourself right now
Every toll agency that has issued a warning delivers the same core message: legitimate toll operators do not send texts demanding immediate payment through an embedded link. If you receive one of these messages, the FTC and state officials recommend the following steps:
- Do not tap the link. Go directly to your toll account through the official website or app instead.
- Verify independently. Call the customer-service number printed on your toll statement or posted on roadside signage. Do not use any phone number included in the suspicious text.
- Report the text. Forward the message to 7726 (SPAM), which routes it to your wireless carrier’s fraud team. You can also file a report with the FTC at ReportFraud.ftc.gov or with the FBI’s Internet Crime Complaint Center.
- Act fast if you already clicked. Contact your bank or card issuer immediately to freeze the compromised account. Change any passwords you entered on the fraudulent site and place a fraud alert on your credit file through any of the three major bureaus (Equifax, Experian, or TransUnion).
Why carriers and regulators have not stopped the texts
Toll-text scams exploit a narrow window of plausibility that most other phishing schemes cannot match. The majority of American drivers pass through tolled roads or bridges often enough that a small unpaid balance feels entirely believable, and the threatened penalty feels worth avoiding. That combination collapses the moment of skepticism that might otherwise protect someone from clicking.
The scam also benefits from a reporting gap. Many victims who lose only a few dollars never file a complaint, which means official imposter-fraud totals almost certainly understate the real damage. Scammers rotate phone numbers faster than carrier filters adapt, and no federal agency has announced a dedicated enforcement action targeting toll-phishing networks. Until regulators publish toll-specific loss data, carriers demonstrate measurable progress in filtering these texts, and law enforcement disrupts the groups behind them, the burden of defense falls on individual drivers. The advice from every state that has weighed in is the same: if a text asks you to pay a toll through a link, delete it and go straight to the source.
