Stock image of a person holding a cell phone. Photo:

Getty

The FBI has issued a public service announcement after widespread reports of “smishing” texts that scam cell phone users into believing they have unpaid road tolls.

The FBI defines “smishing” as “a social engineering attack using fake text messages to trick people into downloading malware, sharing sensitive information, or sending money to cybercriminals.” The term is a combination of SMS (short message service) and phishing.

This month marks one year since the FBI Internet Crime Complaint Center (IC3) began seeing an increase in “smishing” complaints about texts claiming to represent road toll collection services from at least three states, the FBI wrote in the PSA. In the last year, the IC3 reports they’ve received over 2,000 complaints.

F.B.I. seal. Chip Somodevilla/Getty

The road toll collection scam texts claim the recipient carries an “outstanding toll amount” that must be paid immediately to avoid increased charges, the IC3 writes. The link provided in the text message mimics a state’s toll service name and tricks recipients into clicking on it.

Never miss a story — sign up for PEOPLE’s free daily newsletter to stay up-to-date on the best of what PEOPLE has to offer, from celebrity news to compelling human-interest stories.

An example of the text recipients receive reads: “(State Toll Service Name): We’ve noticed an outstanding toll amount of $12.51 on your record. To avoid a late fee of $50.00, visit https://myturnpiketollservices.com to settle your balance.”

Palo Alto Networks’ Unit 42 explains the scammer’s new campaign “entices users to reveal personal and/or financial information, including credit or debit card and account information.”

The Federal Trade Commission (FTC) warns users who receive a text regarding an unpaid toll that “it’s probably a scam” and these scammers are working “coast to coast.”

“Not only is the scammer trying to steal your money, but if you click the link, they could get your personal info and even steal your identity,” the FTC warns. 

The text messages follow a similar format relying on urgency within the message, claiming recipients will accrue even higher costs if they don’t pay right away. Scammers craft a new domain that provides a link to the payment site, Forbes reported.

While Apple iMessage provides a layer of protection from scammers by disabling links from unknown senders, scammers found a way to bypass this by asking users to reply with “Y” and reopen the message. This action by users enables links to be received from “smishing” texts, according to Unit 42. 

A trick for users to check whether or not the link is legit is by looking at the domain name that usually includes the Chinese .XIN TLD, Unit 42 advises. This is a toolkit built by Chinese cybercrime groups, Forbes reports. Examples of domains to keep an eye out for include:

• dhl.com-new[.]xin
• driveks.com-jds[.]xin
• ezdrive.com-2h98[.]xin
• ezdrivema.com-citations-etc[.]xin
• ezdrivema.com-securetta[.]xin
• e-zpassiag.com-courtfees[.]xin
• e-zpassny.com-ticketd[.]xin
• fedex.com-fedexl[.]xin
• getipass.com-tickeuz[.]xin
• sunpass.com-ticketap[.]xin
• thetollroads.com-fastrakeu[.]xin
• usps.com-tracking-helpsomg[.]xin

The IC3 advises recipients of these “smishing” scam messages to take action by first filing a complaint with them which includes reporting the phone number from the road toll collection service impersonator as well as the website linked in the message. 

The FBI recommends “smishing” scam recipients to delete all questionable messages they receive. And if recipients happen to click on any links sent or provide their personal information, they should take immediate action to secure personal information, especially financial accounts.