Cybercriminals are currently running a phishing campaign disguised as messages from the Bureau of Motor Vehicles (BMV). These fraudulent texts claim you have unpaid traffic tickets and urge you to pay immediately to avoid penalties.

One of the fake messages reads:

“Ohio (BMV) Final Notice: Enforcement Begins September 10nd. Our records indicate you still have an outstanding traffic ticket. If you fail to pay by September 9st, the following actions will be taken: license suspension, vehicle registration suspension, toll booth fees, and even prosecution. Pay now: [link].”

While the tone is designed to trigger panic, the threats are fabricated. In fact, the Ohio Department of Public Safety had already warned about such scams, and law enforcement in Bowling Green (OH) has recently repeated the alert. Similar warnings have also been issued by authorities in Indiana, Colorado, West Virginia, Hawaii, Arizona, and New Hampshire.

If the victim clicks the link, they’re redirected to a spoofed DMV website that asks for personal and financial details. This information is then exploited for fraud or identity theft.

How to Spot the Red Flags

These scam texts share a number of suspicious characteristics:

• Poor spelling and grammar: phrases like “September 10nd” or “9st” are obvious mistakes.
• Extreme urgency: only one or two days to respond, or face severe penalties.
• Unrealistic threats: claims about your credit score being affected for a traffic ticket.
• Fake legal codes: citations like “Ohio Administrative Code 15C-16.003” don’t exist.
• Suspicious payment links: real BMVs don’t send direct “pay now” URLs.
• Generic targeting: legitimate agencies use your legal name, not mass scare tactics.

Best Practices to Stay Protected

• Verify suspicious numbers, emails, or messages before engaging.
• Go directly to the official agency website instead of clicking links in texts.
• Don’t reply to unsolicited messages—even if asked.
• Take time to think before acting on threats that demand immediate action.

If you already interacted with a scam site:

• Change compromised passwords immediately.
• Notify your bank to monitor or freeze accounts.
• Place a fraud alert or credit freeze with major credit bureaus.
• Report identity theft to the FTC at identitytheft.gov.

Known Scam Domains

Recent campaigns have used domains such as:

• https://ohio.dtetazt[.]shop/bmv?cdr=Bue4ZZ
• https://askasas[.]top/portal
• https://dmv.colorado-govw[.]icu/us

But attackers rotate domains quickly, so remain alert.

Source: https://www.malwarebytes.com/blog/news/2025/09/fake-bureau-motor-vehicles-texts-are-after-your-personal-and-banking-details