Top 10 Scam Text Messages in 2026 (With Real Examples)

Americans lost $470 million to scam text messages in 2024, a 434% increase from 2020. Scam texts work because they create immediate urgency, impersonate brands you trust, and arrive when you are busy and not thinking critically. The best defense is recognition: knowing what each scam looks like before you receive it.

This guide covers the ten most common scam text messages in 2026 with real examples of each, how they work, the red flags that identify them, and exactly what to do if you receive one. If you received a suspicious text and want to know who sent it before responding, Social Catfish’s reverse phone lookup identifies the person behind any number privately and without alerting them.

1. Fake Package Delivery Scam

Real example: “USPS: Your package could not be delivered due to an incomplete address. Confirm your details to reschedule: usps-redelivery-notice[.]com/track”

How it works: This is the most reported scam text type in the FTC 2024 data. You receive a message claiming to be from USPS, FedEx, or DHL saying your package could not be delivered and you need to pay a small redelivery fee or update your address. The link goes to a convincing fake credit card website that collects your card details, name, address, and sometimes your Social Security number.

The small fee, usually between $1.99 and $3.99, is intentional. It is low enough to feel plausible and not worth questioning. But the real theft happens when your card details are harvested and sold or used for larger purchases.

Red flags:

• You were not expecting a package, or the message arrives for a delivery you were not tracking
• The link does not use the carrier’s real domain — usps.com, fedex.com, dhl.com
• The message uses a generic greeting rather than your name
• There is urgency about a specific deadline

What to do: Never click the link. Go directly to the carrier’s official website and enter your tracking number there. Report the text to 7726 (SPAM) and to the FTC at reportfraud.ftc.gov.

2. Bank Fraud Alert Scam

Real example: “ALERT: A charge of $847.00 has been attempted on your account. If this was not you, call us immediately: 1-888-555-0192”

How it works: A text arrives claiming to be from your bank, warning about a large unauthorized transaction. It asks you to call a number in the text or click a link to dispute the charge. The number connects to a scammer posing as a bank fraud specialist, who then walks you through “securing” your account, which involves transferring funds to a “safe account” or providing your full account details.

This scam is effective because the emotional urgency of a large unauthorized charge overrides critical thinking. The fact that the text usually does not name your bank or use your full name does not register in the moment.

Red flags:

• The message does not name your specific bank
• You are told to call a number included in the text, not the number on your card
• The message does not address you by name
• The requested action involves transferring money or providing account numbers

What to do: Never call the number in the text. Hang up if you’ve already called. Call the number on the back of your debit or credit card directly to check your account status.

3. Toll Road / E-ZPass / SunPass Scam

Real example: “SunPass Notice: You have an outstanding toll balance of $3.17. Failure to pay by 04/25/2026 may result in additional fees. Pay now: sunpass-tolls-pay[.]com”

Real example 2: “E-ZPass: Your account shows an unpaid toll of $2.94. Avoid penalties and pay here: ezpass-account-services[.]net”

How it works: This scam surged dramatically in 2024 and 2025, generating tens of thousands of complaints per month at its peak. A text claims you owe a small toll balance, usually under $5, from a specific road or bridge. The small amount makes it feel legitimate and not worth disputing. The link leads to a phishing page that collects your card details, name, address, and often your license plate number and Social Security number under the guise of account verification.

Red flags:

• The amount owed is always small — under $5
• The link does not match the official toll agency’s domain
• The message creates urgency with a specific payment deadline
• You may not have recently driven on a toll road at all

What to do: Delete the text. Check your actual toll account by going directly to the official website through a search engine, not through any link in the text. Report to the FTC and your state’s toll authority.

4. Wrong Number / Pig Butchering Setup

Real example: “Hey Emily! Can’t wait to see you Saturday. The reservation is at 7pm, don’t forget :)”

Follow-up after you reply, it’s the wrong number: “Oh, I’m so sorry! I feel terrible. I’m Jessica, by the way. Are you having a good day? :)”

How it works: This is the setup text for what is known as a pig butchering scam, named after the practice of “fattening” a victim before the slaughter. The initial wrong number message is intentionally designed to prompt a polite reply correcting the mistake. The scammer then uses that reply to start a friendly conversation that builds gradually over days or weeks into a romantic or friendly relationship.

Once trust is established, which can take months, the scammer introduces a “once in a lifetime” investment opportunity, usually cryptocurrency. They show fabricated returns on a fake trading platform they control. Victims invest increasingly large amounts before the platform disappears, along with all their money. The FBI reported $3.96 billion in losses to cryptocurrency investment fraud in 2023, with pig butchering accounting for a significant portion.

Red flags:

• A stranger responds to your correction and continues trying to chat
• The person is unusually warm and interested in you from the first exchange
• The conversation eventually steers toward investment or financial topics

What to do: Never respond to wrong number texts from unknown contacts. Block immediately. If you have already engaged and the conversation has moved toward investment, stop all contact and do not send any money.

5. Fake Job Offer / Task Scam

Real example: “Hi, I’m Sarah from TalentBridge Recruiting. We have a remote product review position paying $200-400/day, flexible hours, no experience needed. Interested? Reply YES for details.”

How it works: These scams appeared in the FTC’s top five most-reported scam categories in 2024. You receive an unsolicited job offer for a simple remote task rating apps, reviewing products, and liking social media posts. The job pays unrealistically well for minimal work. Once you express interest, you are onboarded onto a fake task platform and assigned simple tasks. Then comes the catch: to unlock your earnings or move to the next level, you need to make a small deposit. The deposits escalate. Eventually, the platform and recruiter disappear.

Red flags:

• You received a job offer without applying anywhere
• The pay is unrealistically high for the work described
• You are asked to pay anything upfront — for training, equipment, or to unlock tasks
• The recruiter uses a personal phone number rather than a company email

What to do: Run the recruiter’s phone number through Social Catfish’s reverse phone lookup to confirm whether the number is registered to a legitimate business identity before responding. Never pay anything to start a job.

6. Amazon / Apple / Google Account Alert Scam

Real example: “Amazon Security: Unusual sign-in detected on your account from Romania. Your account has been temporarily limited. Verify now to restore access: amazon-secure-login[.]co”

How it works: A text impersonating Amazon, Apple, or Google claims your account has been compromised and asks you to click a link to verify your identity or restore access. The link leads to a convincing fake login page. You enter your credentials, which are immediately captured by the scammer. They use your real account credentials to make purchases, access stored payment methods, or sell your login details.

Red flags:

• The link does not go to the company’s real domain — amazon.com, apple.com, google.com
• The message uses a generic greeting rather than your account name
• There is urgency about account restriction or suspension
• You are asked to log in through a link rather than through the official app

What to do: Never click the link. Open the official app or go directly to the website through your browser and check your account status there. Enable two-factor authentication on all major accounts.

7. IRS / Government Agency Scam

Real example: “IRS FINAL NOTICE: You owe $1,847 in unpaid taxes. Failure to pay within 24 hours will result in arrest warrant. Call immediately: 1-800-555-0174 or pay at: irs-payment-portal[.]com”

How it works: These texts impersonate the IRS, Social Security Administration, Medicare, or other government agencies and threaten legal consequences, arrest, benefit suspension, account seizure for unpaid taxes, or fraudulent activity on your account. The threat of government action creates immediate fear that overrides rational thinking.

The IRS does not contact taxpayers by text message. It does not demand immediate payment via gift card, wire transfer, or cryptocurrency. Anyone claiming to be from the IRS via text is running a scam.

Red flags:

• The IRS never contacts people by text, ever
• Threats of arrest or immediate legal action are always scams
• Requests for payment via gift card, wire transfer, or crypto are always scams
• Legitimate tax debt has a formal process involving mailed notices

What to do: Delete the text. If you are concerned about genuine tax obligations, contact the IRS directly at irs.gov or 1-800-829-1040. Report the scam text to [email protected].

8. Fake Prize / Free Gift Scam

Real example: “Congratulations! You’ve been selected as this week’s winner of a $500 Walmart gift card. Claim your reward before it expires: walmart-rewards-claim[.]net expires in 2 hours”

How it works: You receive a text claiming you won a prize you never entered to win. To claim it, you need to click a link and provide personal information, name, address, date of birth, and sometimes payment details for a “shipping fee.” There is no prize. The personal information is harvested for identity theft or sold to data brokers, and the “shipping fee” is pure theft.

Red flags:

• You did not enter any contest or promotion
• The link does not go to the retailer’s official domain
• You are asked for personal information or a small payment to claim the prize
• There is a tight deadline creating urgency

What to do: Delete and block. Report to the FTC at reportfraud.ftc.gov. Never pay a fee to claim a prize you supposedly won.

9. Two-Factor Authentication Code Request

Real example: “Hi, I accidentally sent a verification code to your number. I was trying to log into my old account. Could you send me the 6-digit code you just received? Sorry for the trouble!”

How it works: This scam is growing rapidly and is particularly dangerous because it does not ask for your password; it asks for the code that protects your account, even when someone has your password. The scammer already has your login credentials from a previous data breach. They trigger a login attempt on your account, which sends a real 2FA code to your phone. They then contact you with a plausible story about accidentally sending the code to the wrong number and ask you to forward it.

The moment you share the code, they have full access to your account.

Red flags:

• You received a 2FA code you did not request — someone is already trying to access your account
• Anyone asking you to share a verification code you received is attempting to hijack an account
• The story sounds reasonable — that is intentional

What to do: Never share a 2FA code with anyone under any circumstances. A legitimate service will never ask for it. If you received an unrequested code, change your password for that account immediately and enable a stronger authentication method.

10. Romance / Relationship Scam Text

Real example: “Hey, I know this is out of nowhere but I saw your profile and I really wanted to reach out. I’m Marcus, I work in international logistics. Are you single?”

How it works: Romance scam texts open a conversation that builds into a simulated relationship over weeks or months. The scammer never wants to video call, always has a reason, and never meets in person. Once emotional attachment is established, a financial emergency arises: a medical crisis, a business problem, a travel situation that needs a bridge. The requests start small and escalate.

The FTC reported that romance scams cost Americans more than any other fraud category, with losses exceeding $1.3 billion in 2023 alone.

Red flags:

• They contacted you out of nowhere with romantic interest
• They cannot or will not video call
• They always have a reason why they cannot meet
• A financial emergency eventually arises no matter how the relationship started

What to do: Run a reverse image search on any photos they send you. Social Catfish stolen profile photos from models or influencers are the most common signal. Run their phone number through Social Catfish’s reverse phone lookup to confirm the identity behind the number before the relationship goes any further.

How to Report a Scam Text

Reporting scam texts helps protect others and contributes to enforcement actions against the operations running these campaigns.

Forward to 7726 (SPAM). This reports the text to your carrier, who uses the information to identify and block scam numbers across their network.

Report to the FTC at reportfraud.ftc.gov. The FTC aggregates scam reports and uses them to identify patterns, pursue enforcement actions, and publish warnings about emerging scam types.

Report to the FBI at ic3.gov. If you lost money to a scam text, file a report with the FBI’s Internet Crime Complaint Center. This is particularly important for larger losses and for pig butchering and investment fraud cases.

Identify the sender first. Before reporting, run the number through Social Catfish’s reverse phone lookup. This tells you who owns the number, what identity it is registered to, and whether it is a VoIP or burner number, information that may be useful if you pursue a formal complaint or need to document what happened.

How to Tell If a Text Is a Scam — Universal Red Flags

Regardless of which scam type you encounter, these signals appear across almost all of them:

• Urgency or threats. A deadline, a threat of arrest, account suspension, or package loss scam texts almost always manufacture time pressure.
• Suspicious links. The domain in the link does not match the organisation’s real website. Look carefully — scammers use variations like usps-delivery-notice[.]com or amazon-secure[.]co.
• Generic greeting. Legitimate organisations that have your contact details know your name. “Dear customer” or no greeting at all is a red flag.
• Requests for personal or financial information. A legitimate text from a carrier, bank, or government agency will never ask you to provide your Social Security number, full account number, or card details via text.
• Payment via gift card, wire transfer, or cryptocurrency. No legitimate organisation accepts these as payment for taxes, fees, or penalties. These payment methods are irreversible, which is exactly why scammers prefer them.
• Request to move to WhatsApp or Telegram. Moving the conversation off the original platform removes the record of initial contact and takes you outside any potential carrier monitoring.

FAQ

Conclusion

Scam text messages are the fastest-growing fraud vector in the US. The ten types covered above, fake delivery, bank alerts, toll scams, pig butchering, fake jobs, account alerts, government impersonation, fake prizes, 2FA hijacking, and romance scams, account for the vast majority of reported losses.

The single most useful habit is to pause before acting on any text that creates urgency, asks you to click a link, or requests personal or financial information. If you receive a suspicious text and want to know who sent it before deciding what to do, Social Catfish’s reverse phone lookup gives you that answer privately, immediately, and without tipping off the sender.