The Pennsylvania Criminal Intelligence Center has recently received information regarding a fraudulent email claiming to originate from the Pennsylvania Department of Motor Vehicles. The subject line of the email indicates "Action Required - Fine for Traffic Violations." The body of the email further states that "a vehicle registered to you was captured running a red light" along with a violation date, ticket number, and a specified fine amount. There were also various links to click on to view photos, pay the fine, or for more information regarding the email security service. These links redirect the user to other websites not affiliated with PennDOT.

There are signs that indicate this is a phishing scam, including: poor spelling or grammar within the message. This message not only has "violation" spelled incorrectly, but also lists two different violation dates. Additionally, citations or traffic tickets issued in Pennsylvania are not paid directly to PennDOT.Fraudulent emails purporting to be from legitimate government agencies is not new, but such scams often change form. Phishing is the process of deceiving recipients into sharing sensitive information with an unknown third-party, or cyber attacker, typically through email; however, websites and Internet pop-up ads are also used. 1 When using email, it is difficult to know exactly with whom you are communicating. Scammers utilize this uncertainty to pose as legitimate businesses, organizations, or individuals to gain the trust of users and compromise their personal, financial, and/or other sensitive information. Scammers appear to represent legitimate businesses or organizations by spoofing email addresses, creating fake websites with legitimate logos, and providing phone numbers to illegitimate customer service centers or tech support centers operated by attackers.Never give out your name, address, date of birth, Social Security number, bank account numbers, or passwords. Never open a link or attachment when the sender is not known. Never click on an email link that only has an IP address. Never run a program or allow a plug-in when the source is unknown or untrusted.