A Bitdefender investigation uncovers 40 active smishing campaigns targeting drivers in at least a dozen countries.
Most read
A new Bitdefender investigation reveals an international SMS fraud (smishing) campaign that uses fake notifications about traffic fines, tolls or parking penalties to deceive thousands of drivers.
Between December 2025 and April 2026, cybersecurity researchers detected more than 79,000 fraudulent SMS messages, over 31,900 malicious URLs and up to 40 distinct campaigns that remain active and affect at least a dozen countries, including the United States, Canada, Australia, New Zealand, France, Spain, Colombia, Brazil, India, the United Kingdom, Ireland and Luxembourg.
The attackers’ ultimate goal varies depending on the campaign, ranging from financial theft and the extraction of personal and banking data to the installation of malware capable of intercepting SMS messages, accessing sensitive information on the victim’s device or even taking full remote control.
The messages are delivered in multiple languages –including English, Spanish, French, Portuguese and Hindi– and, according to Bitdefender, impersonate transport authorities, toll operators and parking services.
“These scam messages are designed to create a sense of urgency and pressure drivers into acting quickly. A typical message claims that the recipient has an unpaid toll, traffic fine, or parking ticket and sets a short deadline, usually between 24 and 72 hours, to resolve the issue. To increase the sense of risk, the message often threatens consequences such as additional fees, license suspension, legal action, or even arrest warrants.” the cybersecurity firm explains, adding:
“It then prompts the recipient to click a link to ‘resolve’ the matter. That link leads to a fraudulent website designed to closely resemble an official government or toll payment portal. Once there, victims may be asked to enter sensitive information, including card details, personal data, and in some cases, banking credentials. In certain regions, the attack goes a step further by delivering malware instead of a payment page.”
Bitdefender also warns that these attacks rely on advanced techniques to increase credibility and evade detection systems. These include:
According to Bitdefender, the activity behind this operation –dubbed Operation Road Trap– is widespread and highly coordinated. However, researchers have found no clear links between the campaigns beyond the use of similar lures, and therefore do not attribute them to any specific threat actor or group.
Bitdefender notes that smishing campaigns involving unpaid fines, tolls or parking penalties have been circulating for years, but their scale is now growing rapidly.
To stay protected, the company recommends taking the following precautions if you receive such a message:
A new Bitdefender investigation reveals an international SMS fraud (smishing) campaign that uses fake notifications about traffic fines, tolls or parking penalties to deceive thousands of drivers.
Between December 2025 and April 2026, cybersecurity researchers detected more than 79,000 fraudulent SMS messages, over 31,900 malicious URLs and up to 40 distinct campaigns that remain active and affect at least a dozen countries, including the United States, Canada, Australia, New Zealand, France, Spain, Colombia, Brazil, India, the United Kingdom, Ireland and Luxembourg.
The attackers’ ultimate goal varies depending on the campaign, ranging from financial theft and the extraction of personal and banking data to the installation of malware capable of intercepting SMS messages, accessing sensitive information on the victim’s device or even taking full remote control.
The messages are delivered in multiple languages –including English, Spanish, French, Portuguese and Hindi– and, according to Bitdefender, impersonate transport authorities, toll operators and parking services.
“These scam messages are designed to create a sense of urgency and pressure drivers into acting quickly. A typical message claims that the recipient has an unpaid toll, traffic fine, or parking ticket and sets a short deadline, usually between 24 and 72 hours, to resolve the issue. To increase the sense of risk, the message often threatens consequences such as additional fees, license suspension, legal action, or even arrest warrants.” the cybersecurity firm explains, adding:
“It then prompts the recipient to click a link to ‘resolve’ the matter. That link leads to a fraudulent website designed to closely resemble an official government or toll payment portal. Once there, victims may be asked to enter sensitive information, including card details, personal data, and in some cases, banking credentials. In certain regions, the attack goes a step further by delivering malware instead of a payment page.”
Bitdefender also warns that these attacks rely on advanced techniques to increase credibility and evade detection systems. These include:
According to Bitdefender, the activity behind this operation –dubbed Operation Road Trap– is widespread and highly coordinated. However, researchers have found no clear links between the campaigns beyond the use of similar lures, and therefore do not attribute them to any specific threat actor or group.
Bitdefender notes that smishing campaigns involving unpaid fines, tolls or parking penalties have been circulating for years, but their scale is now growing rapidly.
To stay protected, the company recommends taking the following precautions if you receive such a message:
Become a premium member for free!
Categories
About us
Legal
Suscríbete a la información sanitaria de calidad, totalmente gratis
If you don’t have an account Register
Free access to restricted content. Receive our newsletter.
Already have an account? Login
Enter the email address you use to access the site and we will send you a new access password.

source