Recently, a QR code scam impersonating traffic violation notices has been spreading in the New York and New Jersey areas, targeting not only drivers but also non-vehicle owners who have received similar messages. Even without owning a car, individuals are receiving texts claiming to be related to traffic violations. In a WeChat group yesterday, several people shared notifications they received, all containing similar content.
The scam operates under the guise of “Traffic/Toll Court Notice,” sent via text messages or emails. The contents include what appears to be official hearing times and addresses, along with QR codes or links demanding immediate payment. The notices threaten legal consequences, such as additional penalties for not attending hearings on time or making early payments, even mentioning being handed over to law enforcement agencies, creating panic to persuade recipients to make payments.
In New Jersey, the Bergen County New Milford Police Department recently issued a warning that such “Hearing Notice – Traffic Violation/Toll” letters are all forged and carry no legal weight. However, these documents are highly realistic in appearance, with just the header and date altered, enabling them to circulate in different regions.
Simultaneously, the New York Department of Motor Vehicles (DMV) also warned the public last Thursday about a new wave of phishing text message attacks. Scammers are impersonating official agencies, claiming that individuals’ licenses are on the verge of suspension and setting extremely short payment deadlines to pressure recipients into hastily providing personal or financial information. The DMV Commissioner pointed out that these scams often occur in “intermittent bursts,” and people need to remain vigilant.
Law enforcement and relevant agencies emphasize three points for individuals who receive such notifications: do not scan QR codes, do not click on any links, and do not provide personal or financial information. All information regarding traffic violations or toll fees should only be inquired through official channels.
Additionally, fraudulent emails often exhibit obvious flaws, such as originating from non-governmental email accounts (like Gmail, Yahoo, etc.), URLs not matching official sources, or containing spelling and grammar errors. People should heighten their alertness and maintain skepticism towards any messages claiming to be from “official agencies” demanding urgent payments.
If personal information has already been provided inadvertently, it is recommended to take remedial measures immediately, including changing account passwords, checking device security, informing banks, and contacting credit bureaus (such as TransUnion, Equifax, Experian) to set up credit freezes or fraud alerts to mitigate the risk of identity theft.
Experts remind that the main goal of phishing and fake websites is to steal personal information or induce the downloading of malicious software. In everyday life, individuals should reduce the disclosure of personal information to avoid becoming targets of scams. The safest approach when encountering any suspicious messages is still “do not click, do not respond, and verify thoroughly.”