10 Text Message Scams You Didn't Know About (Until Now)

Do You Know How To Spot a Text Scam?

Kizzy Broaden thought she was doing the right thing when she responded to a fraud alert text from her bank [*]. She called the number in the text and quickly “verified” her identity by providing her Social Security number (SSN) and debit card details. Minutes later, both her personal and business accounts were empty. 

Unfortunately, Kizzy is just one of nearly 60 million Americans who have fallen victim to text message scams in the past year [*]. 

Text scams (also known as “smishing”) are among the most common tactics scammers use to steal personal information. Last year alone, scammers sent out 87.8 billion spam text messages and defrauded victims of over $10 billion [*].

If you’ve received a suspicious text, don’t respond, click on links, or call any numbers. In this guide, you will learn what else to do to keep your identity and money safe from scammers.

{{show-toc}}

How Do Text Message Scams Work?

Fraudsters implement numerous types of text message scams. But they all follow a similar pattern:

• You receive a text message from an unknown or “spoofed” number. Scammers use technology to make it look like they’re messaging you from a business or person you know (such as the IRS, Apple, or Amazon).
• The message creates a sense of urgency to get you to act quickly. For example, it may claim that your bank account has been closed or that you’ve won a free gift. 
• Next, the scammer will try to get you to either respond, click on a link, or call a number. 

In recent years, text scammers have become masters of human psychology. They know exactly what to say to get you to act without thinking. 

But what happens when you fall for their schemes?

Are Text Message Scams Dangerous?

That depends on the scam — and how you respond to the message. 

Typically, text scammers have three goals:

1. Getting you to click on a link that downloads malware onto your device. Once infected, hackers can spy on you, steal your passwords and sensitive information, or lock you out and demand a ransom. 
2. Sending you to phishing sites that steal your personal information. Links could also take you to fake websites designed to steal your passwords, credentials, or credit card numbers.
3. Prompting you to call them. Once you’re on the phone, scammers can ask you to “verify” personal information (like your SSN or banking information) or target you with other social engineering attacks.

Any of these actions can result in immediate and long-term financial losses or even identity theft.

The 10 Latest Text Messages Scams To Avoid

1. Missed delivery notifications
2. “Is this you?” messages
3. Text scams claiming that your bank is closing your account
4. Texts claiming that you’ve won a prize
5. Texts claiming that your debit or credit card has been locked
6. Text messages supposedly from the IRS
7. Text messages from your own number
8. Texts claiming that your payment for subscription services didn’t go through
9. Texts about purchases you didn’t make
10. Two-factor authentication (2FA) scam messages

How can you identify these text message scams, and what should you do if you get one?

1. Missed delivery notification from UPS or others

With more people shopping online because of the pandemic, delivery notification scam texts have run rampant. 

In this scam, the fraudster sends a fake text message claiming to be from UPS, FedEx, or a similar delivery service, notifying you that a “delivery” was missed or needs to be rescheduled. 

If you’ve recently bought something online, you’ll be tempted to click on the link. But doing so will often lead you to a scam site that requests your personal information or asks for an advance payment in order to deliver your package. 

Spot the scam:

• You aren’t expecting a delivery from this company. 
• The text message comes from a long or unusual phone number. 
• The link in the text is obscured or doesn’t come from an official USPS, UPS, or FedEx website. 

What to do:

Don’t reply or click on the link in the text. Instead, go to the official website for the delivery service (FedEx, USPS, etc.) to track your package and get the latest updates. If you received a tracking number in the text message, you can always copy and paste it to confirm its legitimacy on the actual website. 

You should also report fraudulent texts or phishing scams to the company. Here’s how:

• UPS: Forward the scam message to fraud@ups.com. 
• FedEx: Forward the scam message to abuse@fedex.com.
• USPS: Forward the scam message to spam@uspis.gov.

⛳️ Related: How To (Finally) Stop Unwanted Texts on iPhones →

2. “Is this you?” messages purporting to be from a friend or colleague

A message from a friend, family member, or employer would likely prompt an immediate response. And that’s what scammers are counting on. 

With just your phone number and some publicly available information from your social media profiles and online footprint, scammers can send you a convincing text message claiming to be from someone you know. 

Some of these scams pretend to be from a colleague (such as a boss claiming to be in an emergency situation and needing you to send money or gift cards). Others might even claim to be a romantic interest. 

Spot the scam:

• You received a text claiming to be from someone you know, but the sender uses strange language or asks things you wouldn’t expect of them. 
• The sender requests you to send payment through unconventional means such as cryptocurrencies, Venmo, or gift cards. 

What to do:

Slow down and confirm the information before you act. Call the person, or make contact through a different method to make sure they sent the message. 

Never assume a text is legitimate — even if it uses a phone number you recognize (as scammers can spoof their number and hide the true source).

⛳️ Related: Can Someone Hack You With Just Your Phone Number? →

3. Text scams claiming that your bank is closing your account 

Scammers know that sending you anything to do with your bank account will prompt you to act without thinking. 

Fake bank text message scams will often claim that your account has been locked or closed due to security concerns. To restore access, you will be asked to follow a link or call a phone number — at which point the scam happens. 

Michelle Hoeting nearly fell victim to this scam after receiving a text claiming to be from her bank. Terrified of losing her account, she almost clicked on the link when she received another text. This time, it was from Wells Fargo. But Hoeting didn’t have a Wells Fargo account. That’s when she knew it was a scam [*]. 

Spot the scam:

• The text claims to be from a bank but uses an unofficial number.
• The sender requests personal information via text or phone call. 
• The text is from a bank or financial institution that you don’t use (or haven’t used in years).

What to do:

Don’t respond to the text. Instead, contact your bank via official channels to confirm the status of your account. If you find out that it's a scam, report it to your bank’s fraud department.

4. Texts claiming that you’ve won a prize or sweepstakes

Winning a tropical holiday to the Bahamas, a new MacBook, or a million dollar cash prize would make your day.  

But did you really win?

Receiving a notification about winning a prize from a competition you don’t remember entering is a red flag for a sweepstakes text scam. To claim the prize, scammers will ask you to pay a fee and provide personal and banking information. 

In the news: Scammers are using the name of the Powerball Winner, Manuel Franco, to lure people into providing personal information in order to claim their winnings [*].  

Spot the scam:

• You received a text about winning a competition you never entered. 
• The sender wants you to click on a link, pay a fee, or text an unknown number. 
• The sender wants you to “confirm your identity” by sending them your personally identifiable information (PII).

What to do:

Since you were never in a competition, don’t bother responding to the text. Also, never pay a fee or provide personal information such as your SSN, account number, driver license, etc., in exchange for claiming a prize. 

⛳️ Related: How To Spot (and Avoid) Publishers Clearing House Scams →

5. Texts claiming that your debit or credit card has been locked

If you’re out shopping or in immediate need of funds, you could be tempted to try and unblock your card using a link contained in a spam text message. But if you click on the link, it will take you to a phishing site that steals your information (and gives scammers access to your bank account). 

Spot the scam:

• You receive a fraud alert text from a credit or debit card company that you don’t use. 
• You’re asked to confirm your identity by providing your full name, credit card number, and PIN.
• The link in the text is different from that of your debit or credit card provider. 

What to do:

Notify your bank or credit card company via the appropriate channels. If in doubt, call the number on the back of your physical card — not the one contained in the text. 

If the scammer used your banking information in the text or on a call (such as your account or credit card number), you should assume your financial accounts are compromised and follow the steps in the fraud victim’s checklist. 

⛳️ Related: Beware of These 7 Wells Fargo Scam Texts →

6. Text messages supposedly from the IRS or other government agencies 

Criminals know most people become anxious dealing with the IRS. For this reason, they will often impersonate agents via texts and calls in an effort to trick you into paying for taxes and other related fees that you don’t owe.  

These scams can take different forms. For example, you might be told that there’s a warrant out for your arrest due to tax evasion, or that you’re eligible for additional stimulus funds. But in both cases, the scammers want you to engage so that they can steal your personal information or get you to send them money. 

Spot the scam:

• You receive an unsolicited text from the IRS (or any government agency) asking for your personal or financial information. In actuality, no IRS agent will initiate contact with you by phone or text message. 
• The agent or government agency wants you to pay a “fee” to accept your tax refund or benefits.  

What to do:

Contact the Treasury Inspector General for Tax Administration here. Alternatively, you can screenshot the message and caller ID and then forward it to phishing@irs.gov. 

⛳️ Related: The 13 Latest Tax Refund Scams To Beware Of →

7. Text messages from your own number

Perhaps the weirdest of all text scams is receiving one from your own number. Lately, criminals are spoofing users’ phone numbers and sending texts thanking them for paying their phone bills, with the hope that recipients will respond out of curiosity.

In April, a New York Times’ writer received a spam text from his own number reading: “ATT Free Msg: Your bill is paid for March. Thanks, here’s a little gift for you,” followed by a suspicious link [*]. 

Spot the scam:

• You’re getting strange text messages from your own phone number. 
• The message offers a free prize or asks you to click on a suspicious link. 

What to do:

Don’t click on any links as they could download malware — and potentially allow scammers to hack your phone. Also, never reply “STOP” as it indicates to the scammer that your number is active, which will prompt them to send you more spam texts. To report spam text messages, forward it to SPAM (7726).

⛳️ Related: Help! My Phone Number Is Being Spoofed (What To Do) →

8. Texts claiming that your payment for subscription services didn’t go through (Netflix, HBO, etc.)

Subscription services like Netflix, Disney, HBO, and Hulu have become common targets for text scammers. In these scams, you receive a text message claiming that your account has been locked due to non-payment — or that you have money waiting for you because of an “overpayment.” 

The scammer’s goal is to get you to click on the link and enter your payment information — which goes straight to the scammer. 

Spot the scam:

• Any unsolicited text message from a subscription service is a potential scam. 
• The text contains spelling or grammatical errors. 
• You’re asked to click on a link that is either obscured or leads to an unexpected URL. 

What to do:

Don’t respond or click on the link in the text. If you’re unsure of the status of your subscription, log in to your account directly on the company’s website, and check your payment history. If there’s an issue, update your billing information using the official website or app — never the link in the text message. 

⛳️ Related: How To Stop Spam Texts from Email Addresses →

9. Texts about purchases you didn’t make (fake fraud alerts)

No one wants to pay for products or services they didn’t ask for. Scammers use the threat of fraudulent purchases to get you on the phone or to prompt you to confirm your banking information. 

In one common version of this scam, you’ll get a “courtesy alert” about a purchase you didn’t make. A phone number is provided for you to call if it wasn’t you. Once on the phone, the scammers will push you to “verify” your personal information, such as your credit card number. 

Sometimes scammers will send these alerts claiming to be from your bank. These fake fraud alerts ask you to respond with “YES” or “NO” for a pending transaction. But no matter how you reply, you’ll be told you need to call to “verify” your response. 

Spot the scam:

• The text message creates a sense of urgency by claiming that you’ll lose money if you don’t respond quickly. 
• The text includes a phone number to call, or a link to click, in order to stop the pending payment. 

What to do:

Never click on links, respond to messages, or call phone numbers in these scam texts. Ignore them as much as possible. If you’re concerned about the potential purchase, contact your bank’s fraud department directly (using the phone number on their website or the back of your card), and ask them to verify the purchase. 

10. Two-factor authentication (2FA) scam text messages

Two-factor authentication (2FA) adds an extra layer of security to your accounts. It works by sending a short code to your mobile device once it detects a login attempt on your account. 

This process makes it difficult for hackers to access your account even though they have your username and password. So, their next attempt is to “smish” your authentication code from your mobile phone. 

First, they’ll spoof the number of a legitimate company (for example, Snapchat), and send you a text claiming they’ve detected “suspicious login activity” on your account [*]. To avoid locking your account, they’ll request that you text them back your 2FA code once you receive it. If you send it to them, you’ve given them access to your account. 

Spot the scam:

• Anyone asking for a 2FA code is a scammer — companies will never require you to share these codes with their support or security teams. 

What to do:

A fake 2FA message means someone already has your username and password — but can’t yet access your account. 

The best solution is to log in to your account using the official address of the website and then change your password. You can also switch to using an authenticator app instead of SMS-based 2FA.

Authenticator apps are more secure, as they generate a one-time code within the app that expires after a set-time limit — usually 30 seconds.

⛳️ Related: Don’t Fall For These 7 Dirty Snapchat Scams →

What To Do If You Receive a Scam Text

The good news is that receiving a scam text isn’t dangerous. But if you do anything more than look at it, you could put yourself at risk. Instead, here’s what to do if you receive a scam text:

• Don’t respond. Any action can put you at risk of being scammed or having your identity stolen. Don’t reply (even with “STOP”) or call phone numbers in unsolicited text messages.‍
• Don’t click on any links. Scam text links can send you to phishing sites or even infect your device with malware that allows fraudsters to steal your personal information. ‍
• Contact the company directly. If a scammer claims to be from a company you use (or your bank), contact them through official channels — not the contact information contained in the text message. 
• Report scam texts: Forward the message to the Federal Communications Commission (FCC) at SPAM (7726) or report it to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov.  ‍
• Resist the urge to mess with scammers. Believing that you can outsmart scammers — either by prank calling them or constantly chatting with them — only puts you more at risk.‍
• Block the number. This will stop scammers from pestering you and continuing to try to scam you.‍
• Delete the scam text. Don’t leave it in your inbox where you might accidentally open it or click on a link. If possible, delete all scam texts without opening them. 

⛳️ Related: How To Stop Spam Text Messages (on Android and iPhone) →

Did You Click on a Link or Give Information To a Text Scammer? Do This

If you accidentally responded to a scam text or clicked on a link, you could be vulnerable to several different cyber and phishing attacks. Follow the steps below if you responded in any way to a scam text.

What to do if you clicked on a link in a scam text 

• Disconnect your device from your network and Wi-Fi. This stops hackers from spying on you or doing any further damage. 
• Use antivirus software to find and remove malware or spyware that has infected your phone. 
• Clear your browsing history, cache, and downloads to remove any malware that has entered your phone while visiting the website. 
• Uninstall all unrecognized apps, and reset your phone to default factory settings. 
• Check your bank statements and credit file for suspicious charges. 

What to do if you gave your personal information to a text scammer 

• Freeze your credit. This stops scammers from taking out loans or opening new accounts in your name. 
• Contact the fraud department of your bank and credit card issuers. They’ll guide you through the next steps in securing your accounts, freezing your current credit or debit cards, and applying for new ones. 
• Change passwords to your online accounts, and add an extra layer of security using two-factor authentication (2FA). 
• File an official identity theft report with the FTC at IdentityTheft.gov.
• If your identity has been stolen (or you have information about the scammers) file a police report with your local law enforcement. 
• Consider signing up for Aura’s identity theft protection service. With Aura, you get powerful antivirus protection for all your devices as well as identity theft protection, credit monitoring, and more. Plus, if the worst should happen, you’re covered by a $1,000,000 insurance policy for eligible losses due to identity theft.

The Bottom Line: Protect Your Phone Number from Scammers

2,695,229,046. That’s the number of spam texts that scammers send out every week [*]. 

If you’re not careful, you can easily become one of their victims. While there’s almost no way to stop scam texts, you can keep your inbox secure by following a few steps: 

• Filter out text messages from unknown senders. Aura's SMS protection will field unwanted texts and place them into a junk folder for you.‍
• On iPhone: Go to Settings > Messages > then scroll down to Message Filtering > Toggle on “Filter Unknown Senders.”

• On Android: Go to Messages > then navigate to Settings > Click on Spam Protection and enable it.

• Avoid giving out your phone number to strangers or posting it to your social media accounts.
• Never provide personal information over a text or phone call unless you know for certain whom you’re speaking with.  
• Forward all spam texts to SPAM (7726).
• Never assume a text message is from a trusted source. Scammers often spoof numbers of legitimate businesses to make spam texts appear authentic.

Don’t fall for sleazy text message scams. Instead, keep yourself safe by slowing down, avoiding suspicious links, and never giving out personal or sensitive information to people you don’t know — especially if they're texting or calling from random numbers.

And for added protection, consider Aura’s all-in-one digital security solution. 

Aura protects your devices from spam text messages, phishing websites, robocalls, and malware — and monitors your financial and personal accounts for signs of fraud. If anyone is trying to scam you, Aura will let you know and help you avoid financial losses and identity theft. 

Try Aura free for 14 days to protect your identity (and your finances).