You may have received a text message like this recently.
This one right here is from my personal phone.
Please pay your fast track lane tolls by February 22nd, 2025.
It's an old school scam in a new form.
It's enabled by the rise of smartphones, cashless billing and transaction systems, and AI.
We have been bedeviled by these scams.
The scamsters mutate every few weeks with different messages.
The messaging has become more sophisticated, more aggressive.
There's one thing I find with fraud, financial crime, is that people are so busy and these things are just annoying, but if somebody makes the wrong click, it literally takes a millisecond.
Your life could be ruined.
The Federal Trade Commission, the FBI, state governments all around the country, even local transportation authorities have all issued warnings to customers.
CNBC dives into the world of international financial crime to figure out why and how these scams have become so widespread and who could be behind them.
The scam is simple.
The text says something like this.
You have unpaid tolls.
You need to pay them by a certain date or else.
Then it will often supply a link and/or ask you to respond.
It might spell out some kind of threat, as you can see on mine.
If you don't pay this, you will be fined or you will lose your license or whatever.
So you, conscientious and concerned citizen that you are, click on the link.
From there, one of a few things can happen.
Your phone could start downloading malware, software that can damage your device or steal your data.
The link could also take you to a fake website where you enter your credit card or bank account information and bam, the scammers have your financial info.
The second you click that, that point of no return, the Pac-Man game over, I call it is don't click that.
The fact that I received a text at all is the first red flag.
We do not contact our customers by text with a request to pay via a link to a website.
We don't do that, nor do any other legitimate toll operators anywhere in the country.
That's just not how business is done.
Here's how business is done the legal way.
There are about 359 toll facilities across the U.S.
Altogether, they pull in about $23 billion in revenue.
They include bridges, tunnels, turnpikes and in some cases, highways that allow you to bypass traffic.
Toll points used to, and in some cases still do, have staffed booths that collect cash.
But around 2008, they converted in large numbers to all electronic tolling.
The switch really picked up speed during and after 2020.
And that's where scammers saw an opportunity.
The advent of technology, it has just catapulted the world of financial crime, fraud, cybercrime.
They are exploiting both the rise of cashless billing systems and the fact that we use our phones to conduct all kinds of business.
Cashless tolling, in most cases, works like this.
You sign up for an account and the agency in your area sends you a little box called the transponder that you put in your car.
In some cases, operators might also just read your license plate when you go through a toll point, or you might be able to use a mobile tolling app to pay without a transponder.
Every time you go through a toll point, you get billed automatically.
That is automatically.
It is highly unusual to receive a text.
There are occasional exceptions.
Basically, if a toll hasn't been paid, unless the unpaid toll is sent to a collections agency, you would always hear directly from the roadway or transponder operator themselves.
Even if there is a problem with the transponder, most facilities have license plate readers and can find your account.
I think it's safe to say that any time you get a text that purports to be directly from a tolling operator, that that is a malign text.
Catherine Clay is the CEO of the International Bridge, Tunnel and Turnpike Association.
She represents toll collectors and says this surge in incidents is not the result of a data breach.
This is an opportunistic scam.
These are people that have stumbled upon the idea of tolling as a target-rich environment because it's so much a part of our daily lives now that even if you're starting with a random set of phone numbers, there is a very high probability that some of the recipients of those texts also happen to use tolling lanes.
The SF Bay Area FasTrak system, which Goodwin's department oversees, has two million customers alone.
Doherty works for the New York State Thruway, which controls tolling across 570 miles of road throughout New York state.
It is part of the E-ZPass system, which is accepted in 18 other states.
The New York Thruway logged 400 million transactions last year.
That's 400 million trips through the system's toll gates.
Ninety percent of them used E-ZPass.
So if you just spray enough of these texts out there, most recipients will be baffled or recognize it as spam.
But sooner or later, you're likely to hit someone who wonders if they owe money.
Doherty's agency has been wrestling with this latest iteration of text-based scams for about the last six months.
It does seem like almost every New York area code was targeted with this recent text message scam.
In the text I received, there are all kinds of other clues, quite common, actually, that can immediately indicate it's fraudulent.
These details are not that easy to notice, and scammers are betting that customers will overlook them.
Michael Skiba is a veteran cybercrime investigator who has worked with the FBI, the U.N., Interpol and others.
He says there's a kind of psychology of fraud.
The texts exploit a person's sense of urgency, such as by threatening a fine or a legal penalty.
They are also taking advantage of the way we are accustomed to using our phones, which tends to be hastier than how we behave with other screens such as laptops.
You have all those apps on your phone, you know, Instagram, you're swiping videos.
And so it's more like the swipe psychology.
That means we're liable to make some snap decisions, even ones we shouldn't.
Even the smaller size of the phone screen compared with the size of, say, a laptop makes it harder to read small print or notice suspicious details.
But look closely.
Though I live in New York, I am from the San Francisco Bay Area and my number has a 650 area code, which covers a portion of the peninsula south of the city.
The text I received mentions the FasTrak cashless toll billing system used in the Bay Area.
The scammers misspelled the name, which only has one T in it.
I didn't catch it at first and even copied the error in an email to a potential source for this story.
The URL also mimics the Web address for a toll collection system in Texas, not California.
Another detail I missed.
A colleague had to point it out.
The second tell is they're asking people to reply Y to get a link.
E-ZPass would never ask that. They would actually send an official link with an official website.
Even then, you have to be careful.
Scammers have gotten better at disguising bogus links like in this other text I received.
This time they spelled FasTrak correctly.
More convincingly, the enclosed URL looks at first like an address for The Toll Roads, a group that oversees tolling in California.
It's only when you carefully read that you can see it is not, by the string of letters at the end.
Another giveaway is a suspicious number.
This one starts with a country code for the UK.
The second comes from the Philippines.
We would never send a text message from an international number.
They're invariably registered at offshore locations.
The first wave a year ago, many of them were from Hong Kong, others from Russia.
More recently, there have been some South American nations where the domains were registered.
Those international numbers point to the identities of the scammers, large international criminal networks.
Back in the day, a scammer might just be a guy in his basement sending out emails or making phone calls one at a time.
Today, smishing, which is what these types of scams are called, is done by large, sophisticated international criminal syndicates.
Now you have these massive, massive cartels, terrorist groups collaborating.
One smart person can run 20, 50 computers at once, running thousands of AI programs, sending out thousands of texts a second.
A text scam is an appealing, far less dangerous way of making money than some of the more traditional criminal trades like kidnapping.
It's very low risk for them and the reward could be incredible.
While common, these types of scams are difficult to track.
Researchers in law enforcement say it's hard to even estimate the total loss to consumers.
I've seen statistics come out, try to put a number on like, I personally think it is astronomical and I think it would be so alarming to know what the true cost is.
Unfortunately, they're also difficult to investigate.
The international nature of them requires a high level of international cooperation.
A single text received in New York could be at first tracked to an IP address in, say, Connecticut.
But then it was linked to somewhere overseas and then it crossed three state lines.
But then they transferred the money to cryptocurrency.
I mean, it literally is a headache to just even try to figure out where if you don't have the big numbers behind it, it doesn't gain the momentum that's really needed.
When Skiba says big numbers, he means an accurate understanding of how much money this is costing people.
That is difficult to track, in part because it is likely underreported.
There are a lot of people, unfortunately, that when they do get tricked, they're embarrassed.
You know, they don't want to report it.
Number two, there's some that only get scammed out of a couple thousand dollars and they think it's not worth it.
So they don't even bother reporting it to anybody.
I have seen a shift, though.
There are some new laws in place.
There are some new powers given to law enforcement.
I do see dedicated units now to it.
So what do you do?
Know that these texts are sprayed out to people indiscriminately.
So it is not an indication that your tolling account has been hacked or anything like that.
I was involved in a recent case, international like this, where I saw these programs and they actually will throw out these algorithms.
It looks kind of like The Matrix.
Right.
And it goes through these numbers and it just keeps sending these texts.
And it doesn't know if you're a real person or not.
And the only way it knows you're a real person is when you engage.
So never click on the link and never respond to the text.
Just go directly to the website for the tolling agency or group and contact them.
Skiba says the scams adapt to changes in technology.
Phone scams gave way to email and now text.
But car infotainment systems, smartwatches, potentially anything that can be hacked or exploited is up for grabs.