Americans reported losing $3.5 billion to imposter scams in 2025, making it the single largest fraud category tracked by the Federal Trade Commission. The costliest versions of these scams often begin with a single text message or phone call that appears to come from a trusted source, such as a government agency, a bank’s fraud department, or a tech support line. What starts as a brief, alarming contact frequently escalates into a longer sequence designed to drain bank accounts and steal personal data.
How fake toll texts became a gateway to bigger fraud
The FTC’s June 2026 data release confirmed that imposter scams were the most reported fraud category last year. The agency also noted that the costliest variants often begin with a fake security contact, a pattern that has shifted in recent months toward text messages spoofing real toll-road programs.
Government imposter reports have shown growth tied to bogus “overdue toll” messages that mimic legitimate billing systems, according to FTC consumer alerts. These texts typically claim a driver owes a small fee and must pay immediately to avoid penalties. The low dollar amount is intentional. A request for $4.35 in unpaid tolls feels routine enough that many recipients tap the link without a second thought.
That tap is the entry point. Once a victim provides payment card details or clicks through to a spoofed website, scammers gain enough personal information to attempt a second, more profitable contact. The initial toll text functions less as a standalone theft and more as a screening tool, identifying people willing to respond to an urgent message from what looks like a government entity. Those who engage become targets for follow-up calls impersonating bank fraud departments or federal agencies, where the real financial damage occurs.
The FBI has documented a parallel pattern in tech support scams, which begin with an unexpected pop-up alert or phone call from someone posing as a security representative. The goal in those cases is to gain remote access to a victim’s computer or extract login credentials. A separate FBI alert on account takeover fraud describes how criminals impersonate financial institution support staff to trick people into handing over access to their own accounts. In both scenarios, the scam works because the first contact mimics a legitimate warning the victim expects to receive.
$3.5 billion in losses and the data behind the number
The $3.5 billion figure comes from reports filed directly with the FTC through its Consumer Sentinel Network, the agency’s primary fraud-reporting database. That total reflects only what consumers chose to report, meaning the actual losses are almost certainly higher. Many victims never file a complaint, either because the amount stolen was small or because they did not realize they had been scammed until much later.
Older Americans bear a disproportionate share of the burden. Scammers stole more than $3.4 billion from older adults last year, according to an FBI report covered by the Associated Press. The overlap between those two figures is significant. Seniors are more likely to answer phone calls from unknown numbers and less likely to recognize spoofed caller IDs, making them prime targets for the multi-step impersonation sequences that produce the largest individual losses.
The chain typically works like this: a victim receives an initial contact, whether a toll text, a pop-up warning, or a call claiming to be from their bank. The first impersonator establishes urgency, then either extracts payment directly or hands the victim off to a second caller posing as a law enforcement officer or government agent. That second caller instructs the victim to move money to a “safe” account, which the scammers control. Each handoff adds a layer of false authority that makes the victim less likely to hang up.
In many cases, the callers urge victims not to speak with family members or local bank staff, claiming that doing so could “jeopardize the investigation.” This isolation is intentional. By cutting people off from outside advice, scammers reduce the chances that someone will question the story or recognize common red flags, such as requests to buy gift cards, wire funds overseas, or convert savings into cryptocurrency.
Gaps in enforcement and what consumers face next
Several critical questions remain unanswered by the available data. The FTC’s Consumer Sentinel dashboards track fraud by category and contact method, but the agency has not published a detailed breakdown showing exactly how many of the $3.5 billion in losses began with a text message versus a phone call versus an email. Without that granularity, it is difficult to measure precisely how effective toll-impersonation texts are as an on-ramp compared to other initial contact methods.
The specific spoofing technology behind these campaigns also remains poorly documented in public enforcement records. Scammers can rotate through thousands of phone numbers and domain names in a matter of hours, outpacing tools like the Do Not Call registry and basic spam filters. The FTC has finalized a rule targeting impersonation of government agencies and businesses, giving the agency more authority to pursue civil penalties against companies and individuals who misrepresent themselves. Still, the speed at which new spoofed campaigns appear raises questions about whether enforcement can keep pace with the sheer volume of fraudulent outreach.
No primary-source case filings have yet confirmed the full sequential flow, from toll text to bank impersonation to government impersonation, as a single, documented operation. Investigators have described similar patterns across separate cases, but the public record does not yet show a definitive, end-to-end prosecution of a group that used all three stages together. This gap does not mean the pattern is rare; it may simply reflect the way complaints are logged and investigated, with each phase categorized under different types of fraud.
For consumers, that distinction matters less than the practical reality: the first message or call is rarely the end of the story. Once a person has responded to a fake toll notice or tech support alert, their contact information and behavioral profile can be shared or sold to other scammers who specialize in higher-dollar schemes. A single mistaken tap can therefore lead to weeks or months of follow-up attempts, all framed as urgent efforts to fix a problem that never existed.
How to recognize and respond to imposter scams
Experts who study these fraud patterns emphasize a few simple rules. Government agencies do not demand immediate payment over text message, and they do not threaten arrest over unpaid tolls, taxes, or fees. Legitimate toll agencies send bills by mail or through official apps, not through generic links in unsolicited messages. Banks and credit unions may contact customers about suspicious activity, but they will not ask people to move money to outside “safe” accounts or provide full passwords over the phone.
Consumers who receive an alarming text or call are urged to slow down and verify the claim using a trusted channel. That means hanging up and dialing the number printed on the back of a bank card, typing a known web address into a browser instead of clicking a link, or logging into an official account portal to check for alerts. If a message claims to come from a toll agency, people can look up the agency’s website independently and search for outstanding balances there.
Reporting attempted scams remains a critical part of the response. Even when no money is lost, forwarding suspicious texts to carriers, filing complaints with the FTC, and alerting state attorneys general can help investigators map out new campaigns and identify repeat patterns. Over time, those reports feed back into public warnings, enforcement actions, and the data that shape policy decisions about how to regulate caller ID spoofing, text messaging platforms, and payment intermediaries.
As imposter scams continue to evolve, the most effective defense for individuals may be a combination of skepticism and routine. Treat unexpected requests for payment or personal information as suspect by default, especially when they arrive through text or pop-up windows. Build the habit of confirming any urgent claim through a second, independent channel. The same instincts that keep people from opening the door to a stranger late at night now need to apply to the messages and calls that arrive on their phones every day.
More from Morning Overview
*This article was researched with the help of AI, with human editors creating the final content.
