Beware Highway 407 Drivers…. This Is One Of The Most Convincing Phishing #Scam Websites I Have Seen In A Long Time
A reader alerted me to a phishing text that is going around that is directing people to https://hwy407etr.com to pay a bill for Highway 407 which is a toll highway in Toronto. The thing is, that this isn’t the actual Highway 407 website. But you’d never know it because it is very well done. Let me illustrate:
This is the fake website. The real one which is https://407etr.com looks like this:
The general theme of the website is pretty much the same, and I can easily see people being caught out if they don’t pay attention to which website they are going to. What’s even more interesting is if you go to “Create My Account” or “Log In”, it takes you to the real Highway 407 website. Having said that, I would close the browser completely and start over by going to the real 407 website just in case the threat actors have done something to try and capture login details.
Now if you click on “Make a Secure One Time Payment” you get this:
You’ll note that the payment amount is already filled in. How does the website know what dollar amount that you owe if you haven’t logged in? Well, it doesn’t because its just a ruse. The endgame becomes clear once you click “Continue”:
The endgame for the threat actors is to snatch your credit card details. Now I wasn’t able to go beyond this because there was logic to check the validity of the card that you entered. But it’s crystal clear what they are up to.
Now as far as I know, the people who run Highway 407 don’t use text messages to communicate to you. So if you get one of these text messages, it’s a scam and you should delete it ASAP.
This entry was posted on February 8, 2024 at 4:25 pm and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Beware Highway 407 Drivers…. This Is One Of The Most Convincing Phishing #Scam Websites I Have Seen In A Long Time
A reader alerted me to a phishing text that is going around that is directing people to https://hwy407etr.com to pay a bill for Highway 407 which is a toll highway in Toronto. The thing is, that this isn’t the actual Highway 407 website. But you’d never know it because it is very well done. Let me illustrate:
This is the fake website. The real one which is https://407etr.com looks like this:
The general theme of the website is pretty much the same, and I can easily see people being caught out if they don’t pay attention to which website they are going to. What’s even more interesting is if you go to “Create My Account” or “Log In”, it takes you to the real Highway 407 website. Having said that, I would close the browser completely and start over by going to the real 407 website just in case the threat actors have done something to try and capture login details.
Now if you click on “Make a Secure One Time Payment” you get this:
You’ll note that the payment amount is already filled in. How does the website know what dollar amount that you owe if you haven’t logged in? Well, it doesn’t because its just a ruse. The endgame becomes clear once you click “Continue”:
The endgame for the threat actors is to snatch your credit card details. Now I wasn’t able to go beyond this because there was logic to check the validity of the card that you entered. But it’s crystal clear what they are up to.
Now as far as I know, the people who run Highway 407 don’t use text messages to communicate to you. So if you get one of these text messages, it’s a scam and you should delete it ASAP.
Share this:
Like this:
Related
This entry was posted on February 8, 2024 at 4:25 pm and is filed under Commentary with tags Scam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.