TAMPA, Fla. (WFLA) — The Florida Attorney General’s Office and the Florida Department of Law Enforcement recently shut down hundreds of fraudulent Sun-Pass websites, designed to steal your money.

But that hasn’t stopped crooks from creating new ones and continuing to send them to Floridians, with threatening text messages to pay unpaid tolls. A Pinellas County woman fell for the scheme and ended up out more than $4,500.

At 80 years old, Ed Mondello works full days driving a truck. He said his elderly wife mistakenly clicked on a fraudulent link in a threatening text message claiming she had unpaid tolls. The scheme has hit consumers nationwide for months, and crooks aren’t letting up.

“They said she didn’t pay the toll, and she had to pay the toll $6.99 by a certain time,” Mondello said. “If not, it would go on her credit report, and she would lose her registration. I feel lousy. She’s going to be 83 years old. She can never make up that money again. It’s ridiculous.”

Mondello said his wife used her Achieva Credit union debit card to pay $6.99, but crooks used her debit card 25 times over three days at Staples Stores based in Connecticut and Massachusetts.

“Every time her balance went down the bank took it out of her savings and put it in her check so nothing would bounce,” Mondello said.

The Mondellos reported the fraud to Achieva and filed a police report. The fraud happened in February, and they recently received a letter, saying that because this was a digital payment, they won’t be reimbursed.

It was devastating news.

Consumer Investigator Shannon Behnken contacted Achieva and was initially told the claim was denied because the thief put Ms. Mondello’s debit card in an Apple digital wallet and would not have been able to do that if Mondello did not share a passcode that the credit union sent to her as a security measure.

This is something the Mondellos insist didn’t happen. But days later, there was good news:
it was determined that a vendor for the credit union should have caught these suspicious, repeated amounts and since it failed to do so, Mondellos would receive every penny back.

Mondellos tells me the credit union returned each of the transactions, totaling more than $4,500.
He’s relieved and said his wife learned a big lesson about clicking on links that show up in a text message.

A spokesperson for Achieva credit union said their vendor was already in the process of investigating this issue, but that if there was not a vendor mistake, the Mondellos would have been out the money.

Achieva said this is a reminder to guard your pin number.

Achieva sent these tips:

• Use account alerts: Set up alerts through your credit union’s mobile app to receive real-time updates on your transactions. This helps you catch unauthorized activity quickly. Time is truly of the essence in these types of situations because if the fraud is caught quickly, your financial institution can likely help you recoup your losses.
• Enable multi-factor authentication (MFA): This adds an extra layer of protection by requiring a second verification step when logging into your accounts.
• Report suspicious messages: If something seems suspicious, report it to SunPass and your financial institution as soon as possible.