A fake notice passed off as coming from Autostrade per l’Italia for an alleged «unpaid toll» is forcefully returning “to the charge”. The text of the message is as follows: «Autostrade per l’Italia: there is an unpaid toll. Amount €6.50. Pay securely by (…) », followed by the date and the link which, however, once clicked, collects sensitive information from the victim of this scam. The mechanism of this new scam is simple only in appearance: a message invites you to click on a link to avoid penaltiesbut behind this request lies a complex technical infrastructure, designed to imitate the official Autostrade per l’Italia website. Being able to understand how the Autostrade per l’Italia fake SMS scam works it is the starting point to be able to defend yourself from online fraud which could potentially claim numerous victims.
How the Italian motorway toll scam works: SMS alert
To be able to recognize the scam one fact must be clear: Autostrade per l’Italia never requests urgent payments via SMS or e-mail. Failure to pay the toll can be regularized within 15 days without additional costs, and any authentic reminders always have a clear expiry date. If a message leverages the psychological pressure, Surely it does not come from Autostrade per l’Italia. Another sign that should alert you concerns the request for personal data: passwords, card numbers, bank details, etc., are never asked via SMS, email or WhatsApp by serious companies, and Autostrade per l’Italia is no exception.
From a technical point of view, a key indicator is represented byURLi.e. the address of the web page included in the communication received via SMS. If the URL begins with “http://” and not for “https://” (therefore it does not include the “yes”), you are certainly faced with a dangerous address. Even if the “https://” protocol is present, however, you should still be careful: in some cases, scammers may still be able to use the latter to make their communications more convincing (as can be seen from the following screenshot).
To dispel any doubt, also check the domain name. In the most recent campaigns the typosquattinga technique that consists of registering domains that are very similar to real ones, with small variations in letters (for example “autostiade.com” And “autostedu.com” in the place of “autostrade.it”).
There is also a need to reiterate the importance of paying attention CERT-AGIDThe Computer Emergency Response Team of the Italian Public Administration, according to which the campaign in question mainly uses the smishingi.e. phishing via SMS. The malicious link included in the fake SMS attributed to Autostrade leads to a site that graphically copies the authentic one and asks for data such as plate, telephone number And payment card. The most advanced part is that the behavior of the site changes based on the device: from a computer it can redirect to the real site, while from a smartphone it shows the fraudulent page. This serves to fool both the user and some automatic security scanners.
What makes the scam attempt serious is also the so-called phishing-as-a-service: “ready-to-use” packages sold on the Dark Web, which allow even inexperienced criminals to launch complex scams. These kits can intercept not only card data, but also OTP (One Time Password), or the temporary codes used by banks and payment institutions, and the codes 3D Securei.e. the security protocols used to authenticate transactions and make them more secure. The malicious server recognizes the card circuit (VISA, MasterCard, American Expressetc.) and shows a fake page of the corresponding bank, imitating the interfaces of Italian institutions.
How to protect yourself from the Autostrade fake SMS scam
In light of what has been said, therefore, the only weapon we have available for protect ourselves from the Autostrade fake SMS scam is to learn to distinguish true communications from false ones. Once you have understood the fraudulent origin of a communication, you must then carry out these three important actions.
- Do not click on any links.
- Do not provide any personal data.
- Report the incident to Autostrade per l’Italia (using the email [email protected]) and to CERT-AGID (via the address [email protected]).
