This is no April Fools: Cyber Scams are Hitting Hard.

Apr 6, 2026

April 1st, the day of pranks and fake announcements, has passed.

But unfortunately, scammers don’t stop.
On the contrary, this is the time when they are most productive.

Teams ramp up for spring, moving a little fast, a little distracted.
A small anomaly slips through without being noticed until it does damage.

There are 3 main scams roaming around at the moment.
As you go through them, ask yourself: “Would my team pause and assess each one?”

Scam 1: The Toll Fee

An employee receives a text message: “You have an unpaid toll balance of $6.99. Pay within 12 hours to avoid late fees.”

The message appears to come from a real toll operator – Alameda CTC, BATA/MTC.
The amount is small enough not to trigger any alarms.
So the employee clicks, pays, and moves on with their work.

Except the link wasn’t real.

The FBI received over 60,000 complaints about fake toll texts in 2024. They found thousands of fake domains impersonating state toll systems – a number that shows how profitable this scam has become.

It works because it’s simple. The amount of money is negligible, and most people have driven through a toll road in the last month or two, so the message is completely plausible.

How to avoid the scam: Legitimate toll operators DO NOT ask for immediate payment via text.

If you are expecting a similar message, go directly to the official website to check your balance.
Never reply to the text message, because responding confirms the number is active, which invites more scams. 

Scam 2: A Shared File

An employee receives an email notification that a document was shared with them.

Something ordinary like a DocuSign or a spreadsheet on OneDrive.
The sender’s name is familiar. The email format looks exactly like the others.

They click on the link. They are prompted to log in, and they enter their work credentials.

Bam! Your personal details have been shared with a scammer, and they’ve gained access to your company’s cloud system.

Phishing attacks like this one have increased by 67% in 2025, according to KnowBe4. 

Attackers abuse trusted platforms like Google Drive, Microsoft, and Salesforce. Employees are seven times more likely to click on an email coming from these platforms, because it looks identical to the real thing.

What’s more alarming is that attackers are now creating files inside compromised accounts and using the platform’s own sharing feature to send the notifications. This means the email actually comes from Google or Microsoft. Your spam filter doesn’t flag it because technically, it’s a legitimate notification.

How to avoid the scam: If you were not expecting a file, or you do not recognize the sender’s name, do not click on the link. 

Instead, open the platform directly. If the file is real, it will be there. 

You can also restrict file-sharing permissions from external parties and enable alerts for unusual login activity. Your IT team can configure these in 15 minutes.

Scam 3: The Perfectly Written Email

Ten years ago, phishing emails were very easy to spot – broken grammar, strange formatting, messages that didn’t make sense.

Now things are VERY different. 

In 2025, AI-generated phishing emails received a 54% click rate compared to just 12% for human-written ones. 

The reason is simple. These emails don’t look like scams anymore. They reference real companies, real names, and real workflows, all scooped up by AI from websites in a matter of seconds. 

A recent trend in email scams is departmental targeting.

HR or Payroll receives fake employee verification requests. Your finance team gets vendor payment redirects.

In a recent test, 72% of employees clicked on a vendor impersonation email. The message was professional, without any urgency, very normal to receive in your inbox on a Tuesday morning. 

How to avoid the scam: Always verify requests involving credentials and payments through a second channel.

Be it a phone call, a text message, or a quick chat down the hall.

Before clicking on links, check the sender’s email address, and hover over the button to read the URL. If an email sounds urgent, it’s a red flag. 
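The sender and link checks above, automated as an added example (not code from the original post): it parses a raw message, compares each link's real destination with its visible text and with the sender's domain, and, going one step beyond the text, flags a Reply-To on a different domain. The `.example` domains, the sample message, and the helper names are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

def site(host):  # naive "last two labels"; real code should use the Public Suffix List
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

class Links(HTMLParser):  # collects (href, visible text) for every <a> in an HTML body
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def review(raw):  # findings for one raw message (headers, blank line, HTML body)
    msg = message_from_string(raw)
    sender = site(parseaddr(msg.get("From", ""))[1].rpartition("@")[2])
    reply = parseaddr(msg.get("Reply-To", ""))[1].rpartition("@")[2]
    findings = []
    if reply and site(reply) != sender:
        findings.append(f"reply-to {site(reply)} differs from sender {sender}")
    parser = Links()
    parser.feed(msg.get_payload())
    for href, text in parser.links:
        target = site(urlsplit(href).hostname or "")
        shown = re.search(r"(?:https?://)?((?:[\w-]+\.)+[a-z]{2,})", text, re.I)
        if shown and site(shown.group(1)) != target:  # text claims a different site
            findings.append(f"text shows {site(shown.group(1))} but link opens {target}")
        elif target != sender:  # what hovering over a button would reveal
            findings.append(f"link opens {target}, not sender's {sender}")
    return findings

# Constructed sample: a vendor "payment update" with two misleading links.
SAMPLE = """From: "Vendor Co Billing" <billing@vendor.example>
Reply-To: billing@vendor-payments.example

<a href="https://vendor.example.files-portal.example/doc">https://vendor.example/invoice</a>
<a href="https://pay.files-portal.example/form">Update payment details</a>
"""
```

Calling `review(SAMPLE)` returns three findings, one per mismatch; a message whose links stay on the sender's own domain returns an empty list.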

Why are these Scams so Effective?

These text messages, emails, and notifications rely on familiarity, authority, and timing.

It is not about carelessness. All it takes is one busy employee, a little under pressure, who doesn’t slow down to double-check.

This comes down to process.
And process problems are fixable. 

How does an MSP Help?

All business owners want their business to be protected.
But they don’t have the time to teach every single employee when to pause and what not to click.

This is where Managed Service Providers like Gravity IT Solutions come in. 

Schedule a 15-minute Discovery Call where we’ll talk about:

  • The possible risks your business can face
  • Where issues are likely to arise in everyday work
  • Practical ways to reduce exposure without slowing people down 

No pressure. No scare tactics. Just a chance to identify possible gaps and discuss options for eliminating them.

If you know someone who is concerned about what their team is dealing with, share this blog – we’re happy to have a conversation with them.

Let’s turn a “wouldn’t have clicked” into a “nice try”.
