DMV scam texts: what's really going on (and how to protect yourself)

DMV scam texts: what's really going on (and how to protect yourself)

Kaelee Nelson, M.A. (Digital Humanities) | Data Analyst & Researcher
Kaelee Nelson, M.A. (Digital Humanities) | Data Analyst & Researcher Author
Updated on 9 min read

If you've gotten a text this year claiming your driver's license is about to be suspended, or that you owe a traffic fine you need to pay immediately, you are not alone. And you are not the target of a random scammer who happened to find your number.

You are one of millions of Americans being swept up in a coordinated, industrial-scale fraud operation run by organized cybercriminal groups operating primarily out of China.1

This is not a small problem. In 2025, the FTC announced that 160,520 Americans reported DMV scams in 2025, a 1234.66% increase from the 12,037 complaints filed in 2024.1 Total losses also surged year over year, up 790% at 14.6 million in 2025, versus 1.64 million in 2024.2

Who is behind the DMV scams?

The operation behind the majority of toll and DMV scam texts has a name in the security research community: the Smishing Triad. It's a loosely affiliated network of Chinese cybercriminal groups that have industrialized SMS phishing—or "smishing"—into a service product.

Between January 2024 and June 2025, researchers at Palo Alto Networks' Unit 42 identified 136,933 root domains registered by this operation, representing nearly 200,000 fully qualified domain names.3 The infrastructure is primarily hosted on U.S. cloud services, making it harder to block at the network level.

The texts themselves are generated and distributed using "phishing-as-a-service" kits (sold on Telegram for as little as $8 per 1,000 messages) that come preloaded with brand impersonation templates for every major state DMV, toll authority, and federal agency.4

Security experts advise that a single bad actor can send "up to 2,000,000 smishing messages daily,” which is the equivalent of targeting “up to 60,000,000 victims per month, or 720,000,000 per year, enough to target every person in the U.S. at least twice every year.”4

The messages aren't random. Arizona residents, for example, received texts from a made-up government agency, the “Arizona Ministry of Communications”. The Smishing Triad adapts its campaigns to the agency name used in the target state, which is why, depending on where you live, the sender field might say:

  • "California DMV" (for the “Department of Motor Vehicles”)
  • "Texas DPS" (for the “Department of Public Safety”)
  • "Ohio BMV" (for the “Board of Motor Vehicles)

New Jersey residents briefly got texts referencing the "DMV". However, the state renamed its agency to the MVC almost a decade ago. When security researchers flagged this, the group updated its templates within days.

That's not a glitch. That's an operation that iterates.

How DMV text scams work

Text message fraud works because people trust their phones in a way they've learned not to trust email. Verizon's vice president of global cybersecurity solutions put it plainly: "People tend to be more trusting of these devices, and as a result they're more likely to click on links and follow through."2

Here's a play-by-play on how DMV scams typically work:

  • The Message: Users receive a text informing them of a "final notice" regarding an outstanding traffic ticket or toll.
  • The Link: The message contains a link to a fraudulent website that mimics an official state DMV site.
  • The Goal: The site asks for personal information, such as name, address, and credit card details, to pay a fake fee or fine.
  • The Red Flags: DMV scam messages are sent from personal email addresses or random numbers and often contain poor grammar.

Common DMV scam tactics

Here's a typical example, reconstructed from real complaints:

"New York DMV: Our records show an outstanding traffic violation on your account. To avoid suspension of your driving privileges and an additional $150 late penalty, you must settle your balance of $17.40 by June 12. Pay here: ny-dmv-gov[.]icu"

Several things make this message effective as a scam:

  • The amount is small. $17.40 is not alarming. Most people can imagine owing that from a forgotten toll or a parking ticket. It doesn't trigger skepticism the way a $1,500 demand would.
  • The threat is real-feeling. License suspension is a genuine, consequential outcome of unpaid violations. The scammer isn't threatening you with something implausible—they're invoking something you actually want to avoid.
  • The URL is convincing. Scammers often include “.gov” in the URL to make it appear legitimate.
  • The deadline is tomorrow. The 24-to-48-hour window is intentional. It's designed to prevent you from pausing, asking someone, or looking it up. Urgency is the primary mechanism of every government impersonation scam.

The domain almost looks right. "ny-dmv-gov.icu" contains all the right words in the wrong order, on a non-.gov domain. Most people aren't in the habit of parsing URLs.

Pro Tip: In some cases, scammers use social media to promote “too-good-to-be-true” ads, such as fake 50% discounts on vehicle registration renewals.

The motive behind DMV text scams

When victims click the link, they land on a convincing replica of their state DMV's payment portal. The median amount lost per report dropped to $7 in 2024 and 2025, compared to $83-$199 in years prior.

This shift suggests scammers are prioritizing volume over high-value targets, banking on the sheer number of people who will pay a small, believable amount without questioning it. But the real payoff for scammers isn’t in the payment itself.

The goal isn't just the $7—it's everything the form asks for: name, address, drivers license number, date of birth, and credit card details. That combination is enough to open new accounts, file fraudulent tax returns, and access existing financial accounts.

FBI Tennessee’s Supervisory Special Agent David Palmer warns that these DMV scam texts can “put malware on your phone, which then can go in and steal information from your device, or collect your payment information.”5

Identity theft that originates from a single clicked link can take months or years to fully surface. Someone who hands over their license number and address in June may not see fraudulent accounts opened until September, and may not connect the two events at all.

Locations hit hardest by DMV scam texts

Scammers are targeting drivers nationwide by mimicking a variety of state toll collection systems. E-ZPass, SunPass, FasTrak, and I-PASS are all being used as bait, among others. At least 14 states have issued alerts regarding DMV text scams, including:6

  • California
  • New York
  • Florida
  • Texas
  • Illinois
  • New Jersey
  • Virginia
  • Pennsylvania
  • Georgia
  • Colorado
  • Connecticut
  • Vermont
  • North Carolina
  • Washington, D.C.

But the reach is broader than official warnings suggest. The FTC received 160,520 reports of DMV scam texts in 2025, a 1235% increase from the 12,027 reports received in 2024.7 And that figure represents only the people who both noticed the scam and knew where to report it. Actual exposure may run into the millions.

The scam evolves with geography. In states without toll systems, the texts pivot to traffic tickets and registration fees. In states that have recently issued REAL ID compliance deadlines, they reference document verification. In other words, the content changes, but the mechanism—urgency, a spoofed government name, a link, a payment page—stays identical.

What to do if you received a DMV text message

If you received the text but didn't click: Forward it to 7726 (SPAM) to report it to your carrier, then delete it. You can also report it to the FTC at reportfraud.ftc.gov.

If you clicked but didn't enter information: Close the browser immediately and clear your cache. Your device is likely fine, but monitor for unusual account activity over the next 30 days.

If you entered personal information: Act quickly. Contact your bank or card issuer and request a new card. Place a fraud alert with all three major credit bureaus (Equifax, Experian, TransUnion)—this is free and takes about 15 minutes. File a report with the FTC at identitytheft.gov, which generates a personalized recovery plan. Check your state DMV's official site to verify your actual license and registration status.

If you paid money: File a dispute with your card issuer immediately. Because these transactions are typically processed as debit-style payments on a fake portal rather than through your card's standard merchant flow, chargebacks are not guaranteed—but filing promptly improves your odds significantly.

With OmniWatch, you can enlist the help of a dedicated professional who can call your bank, fill out forms, and even cover your financial losses when banks won’t. Learn more.

Where the DMV text scam fits into the government imposter trend

Government impersonator scam losses have grown almost every year for the past five years: $428 million in 2021, $497 million in 2022, $618 million in 2023, $789 million in 2024, and $917 million in 2025. The FTC now calls imposter scams the most commonly reported fraud category in the country.7

The Smishing Triad shows no sign of slowing down. Security researchers identified 37,000 additional malicious domains in the three months after Unit 42 published its June 2025 report. The operation has expanded from DMV and toll impersonation into bank impersonation, IRS impersonation, and agency-level fraud across more than 121 countries.3

The DMV is one of the most impersonated agencies in the country, alongside the IRS and USPS, because every licensed driver in America has a relationship with it, and almost no one knows exactly what their DMV will or won't text them. That ambiguity is the attack surface.

How to avoid falling for DMV scams in the future

The problem with DMV scams isn't just the immediate transaction. It's what comes after.

When you hand your name, address, license number, date of birth, and payment details to a phishing page, that data doesn't stay in one place. It gets packaged and sold in credential markets within hours.

The person who ran the phishing page is often not the same person who commits the identity fraud—your data moves through a supply chain before it surfaces as a fraudulent account or tax filing six months later.

That’s what makes these scams so hard to catch. By the time the damage shows up, the original scam is a distant memory. 

The best defense is staying ahead of where your data ends up. OmniWatch is designed for exactly this scenario. Our AI-powered scam detection flags suspicious activity before a loss occurs. Dark web and breach monitoring watches for your credentials and personal data appearing in places they shouldn't.

And if a DMV-style scam leads to real financial loss, OmniWatch's Elite plans include up to $50,000 in scam and social engineering coverage—the kind of protection that applies when you were deceived into providing information, not just when someone hacked your account without your involvement.

The distinction matters. Most identity theft insurance doesn't cover authorized transactions, or cases where the victim, believing they were doing the right thing, paid or provided information willingly. OmniWatch's scam coverage is built for that gap.

Protection built for modern threats, backed by real experts

With OmniWatch, you can enlist the help of a dedicated professional who can call your bank, fill out forms, and even cover your financial losses when banks won’t.

Explore scam protection

Frequently asked questions

Does the DMV text you?

Your state DMV will not text you an unsolicited link and ask you to pay money through it.

That's it. Not for unpaid tickets. Not for registration fees. Not for REAL ID verification. Not for outstanding tolls. If you get a text like this, it is a scam—regardless of how official it looks, what state name it uses, or what the amount is. Real DMV communications come through official mail and, in limited cases, opt-in notification systems you enrolled in yourself.

Every single state DMV that has issued a warning about these texts has said exactly this. California, New York, Florida, Texas, New Jersey—the language is different, the conclusion is the same: we didn't send that.

How do I report a suspected DMV scam?

If you’ve received a fake DMV text, report it by forwarding the message to 7726 (SPAM) and filing a complaint at reportfraud.ftc.gov. Make sure to delete the text. You can also report it to your state’s DMV directly through their official website.

If you clicked a link or shared any sensitive information, contact your bank immediately. You may also want to place a fraud alert on your credit file. OmniWatch’s expert scam agents are also available 24/7 to help you assess the damage and protect your identity before things escalate.

Sources

  1. FTC, Government Imposter, 2025
  2. Dark Reading, Tired of Unpaid Toll Texts? Blame the Smishing Triad, 2025
  3. Palo Alto Networks Unit 42: The Smishing Deluge — 194,000 domains identified, 2025
  4. Resecurity, Reimagine Cybersecurity
  5. Forbes, FBI Investigates DMV Text Scam Now Surging Across America, 2025
  6. NJCCIC, SMiShing at Scale
  7. FTC, Consumer Sentinel Network (2026)

Protection for identity theft, scams, and losses banks won't cover

View plans
OmniWatch app showing alerts and scan features