A widespread and persistent SMS phishing (smishing) campaign, uncovered by the Cisco Talos team, has been targeting toll road users across at least eight U.S. states since October 2024, aiming to steal payment credentials under the guise of overdue toll bills.

‍