CONCORD — If you have received what appears to be an email from E-ZPass, saying you owe a missed toll, do not click on the link in the email.
It’s an Internet “phishing” expedition by scammers trying to fool people into giving out their bank account numbers.
The phony emails are even going to people who don’t have E-ZPass accounts. That’s because they don’t come from E-ZPass, which never sends emails about tolls missed. Those invoices come via snail mail, through the U.S. Postal Service.
New Hampshire Transportation Department spokesman Bill Boynton said Wednesday that he’s been hearing about such emails, that are awkwardly worded, for several weeks, and and there is a warning about them on the NH E-ZPass website.
But Boynton said the scammers aren’t limiting themselves to Granite State residents. “It appears to be widespread,” he said, with his department hearing from other states. An Internet inquiry for “E-ZPass scam” brings up stories from just about every state where E-ZPass is used.
One of the Granite Staters who received such an email, Stanley Chapman, said it looked official, with the recognizable purple and black E-ZPass logo. It said:
You have not paid for driving on a toll road. This invoice is sent repeatedly,
“Please service your debt in the shortest possible time.
The invoice can be downloaded here.”
The word “here” was a link, which Chapman did not open. He was immediately suspicious, because he couldn’t imagine how he could have done so since he keeps his account up to date.
He was also suspicious because of the return email: ft.parsons.edu. He called the NH E-ZPass toll-free number and found out the email was a scam.
The key to safety is not clicking on the “here,” which can enable the scammers to load malware onto your computer and ultimately access a bank account.
Chapman said he could understand how someone could have found his email. “It must be floating out there,” he said, but he wanted to be sure the scammers hadn’t hacked a server somewhere and were able to access his bank account.
Boynton said: “It’s not specific to E-ZPass customers.” He said scammers send out many emails, not worrying about whether the recipients are actual customers, because they only need a few people to be gullible and click on the link. “They will try any and all angles,” he said, to net a few victims.
But he said it’s not like the situation when hackers breached retail companies’ servers. “There’s no suggestion that the (E-ZPass) systems have been compromised,” he said.