Share
SCAM VERDICT

Is that bank or government text real? What the FTC's 2025 data says

Short answer: a bank that texts you to "move your money to a safe account" is a scam, and a government agency that calls demanding payment or threatening arrest is a scam. The FTC's 2025 fraud data, released June 2026, show imposter scams were the number one fraud category again, with $3.5 billion lost. Here is how to tell a real bank or government message from a fake one.

SafeBrowz Threat Research Security ResearchJune 28, 20269 min read

Verdict: a bank telling you to "move money to a safe account" is a scam, and a gov agency threatening arrest is a scam

No real bank ever tells you to move your money to a "safe account," and no real government agency, not the SSA, the IRS, or the police, calls to demand payment or threaten arrest. The FTC's 2025 fraud data, released in June 2026, confirm why this matters: imposter scams were the top fraud category for the fifth straight year, with people reporting $3.5 billion in losses. Bank impersonation was the costliest single type, and government imposters cost people about $920 million. If a text or call pressures you to move money, pay a fee, read out a code, or act in the next few minutes, hang up. Then call your bank using the number on the back of your card, or check the agency yourself at ssa.gov, irs.gov, or consumer.ftc.gov. Report it at reportfraud.ftc.gov.

The Brief

On June 26, 2026, the Federal Trade Commission released its 2025 fraud data, and the headline number was blunt: people reported losing $3.5 billion to imposter scams in a single year (FTC press release, ftc.gov, June 2026). Imposter scams led every other fraud category for the fifth year running. Nearly one in three of the more than one million imposter reports the FTC received involved someone pretending to be a person or organization the victim trusts. Two flavors do the most damage, and both are easy to recognize once you know the tells.

The first is business impersonation, which the FTC reported cost people nearly $1 billion, with the highest losses going to bank impersonators. The second is government impersonation, at about $920 million, up from $789 million in 2024, with reports up roughly 40 percent, driven in part by fake overdue-toll messages (FTC press release, ftc.gov, June 2026). The bank version and the government version sound official and urgent. Neither is something a real bank or agency would ever actually do.

The costliest scam: the fake bank "move your money" text or call

The FTC singled out how the costliest impersonation scams begin: a fake security alert, often appearing to come from your bank, warning of a suspicious charge or unauthorized login. The message convinces you to "protect" your money by moving it, and people's losses are often limited only by how much money they can reach (FTC press release, ftc.gov, June 2026).

It usually starts as a text. "We blocked a $2,400 charge on your account. If this was not you, reply NO." You reply, and the phone rings seconds later. A calm "fraud department" agent already knows your name and maybe your last transaction, which feels like proof, but it proves nothing. That information is widely available or guessed. The agent says your account is compromised and the only way to keep your money safe is to transfer it to a "secure" or "safe" account they will help you set up, or to read out a verification code, or to move funds while they "watch the account." Every one of those steps hands your money or access straight to the scammer. This is the same machinery behind the broader fake bank fraud-department phone scam, where the caller poses as your bank's security team.

Here is the single rule that defeats it: a real bank will never ask you to move your money to another account to keep it safe. Your money is already safe where it is. If a bank truly detects fraud, it freezes the card or the transaction, it does not coach you through a transfer. The instant a "bank" tells you to move money, you are talking to a scammer.

The threat-and-payment scam: fake SSA, IRS, and police calls

Government imposters work a different lever: fear. A recorded or live caller claims to be the Social Security Administration, the IRS, or local police, and says there is a problem only an immediate payment can fix. Your Social Security number has been "suspended" over suspicious activity. You owe back taxes and a warrant is being issued. You missed jury duty and an officer is on the way. Pay now, by gift card, wire, payment app, or even cash or cryptocurrency through a kiosk, or you will be arrested.

None of it is how these agencies operate. The SSA does not suspend Social Security numbers, and it does not call to threaten arrest. The IRS contacts people about taxes owed by mail first, and it never demands payment by gift card, wire, or cryptocurrency, nor does it threaten to send police. Real police do not call to collect a fine or a "bond" over the phone. We cover the arrest-threat version in depth in the fake police and court "digital arrest" call guide, and the Social Security angle in the Social Security impersonation scam breakdown.

The FTC also flagged a fast-growing entry point this year: fake overdue-toll texts, which helped push government-imposter reports up about 40 percent. If you get a text about an unpaid toll with a link to pay, treat it as a scam and check directly with your real toll operator. We break that exact campaign down in the unpaid-toll text scam guide.

๐Ÿ›ก LIVE CHECK

Got a link in a "bank alert" or "government" text? Check it before you tap

The safest move is to ignore the link and reach the bank or agency yourself. But if a message has a link and you want to see what it really is, paste it below first. Our 3-layer engine (Local + APIs + AI) returns a verdict in about 3 seconds. Free, no signup.

Full scan with deep AI analysis โ†’ ยท No URL is logged to your identity.

Real bank or agency vs. the scam: the deciding factors

The topic is not the giveaway, because a real bank fraud alert and a fake one can name the same thing. What separates them is the behavior of the message.

A real bank may alert you to a suspicious charge, but it tells you to call the number on the back of your card or open the official app, and it never asks you to move money to another account, never asks for your full card number, PIN, online-banking password, or a one-time code, and never keeps you on the phone to "stay on the line while we secure it." A genuine fraud team can act on the account without any of that.

A real government agency generally reaches you by mail first, gives you a way to verify through its official site, and never demands payment by gift card, wire, payment app, or cryptocurrency, never threatens immediate arrest, and never insists you stay on the call and tell no one. Those exact behaviors, urgency, secrecy, threats, and untraceable payment, are the fingerprint of the scam, not the agency.

A scam, bank or government, contacts you out of the blue, manufactures a crisis, and pushes you to act in minutes through a channel you cannot reverse. It may spoof a real bank name on caller ID or a real agency name in a text. The moment money movement, a code, a fee, or a threat enters the conversation, it is a scam, full stop.

The 30-second check: hang up and reach them yourself

This works whether the contact is genuine or fake, because it never trusts the message in front of you.

  1. Stop. Do not move money, pay anything, or read out a code. Not to "secure" your account, not to "release" anything, not to avoid arrest. Pressure to act right now is the tell.
  2. Hang up or close the message, then reach them on a number you trust. For your bank, use the number printed on the back of your card or in the official app, never a number from the text or the caller. For a government claim, type ssa.gov, irs.gov, or consumer.ftc.gov yourself.
  3. Verify the claim independently. Your real bank can tell you in seconds whether any fraud alert actually came from them. The agency's official site tells you how it really contacts people, and that it does not threaten arrest by phone.
  4. If it is real, nothing bad happens by waiting five minutes. A genuine alert survives a callback. A scam falls apart the moment you slow down and check.
  5. Report it. File at reportfraud.ftc.gov. This is the channel that feeds the very FTC data this article is built on.

Red flags in bank and government imposter scams

  • "Move your money to a safe account." No real bank ever says this. Your money is safe where it is. This single phrase is the costliest scam in the FTC's data.
  • A request to read out a one-time code, PIN, or full card number. A bank that genuinely detected fraud does not need you to read these to a caller.
  • A threat of arrest, a suspended Social Security number, or a warrant. The SSA, IRS, and police do not work this way. The threat exists only to scare you into paying.
  • Payment by gift card, wire, payment app, or cryptocurrency. No legitimate agency or bank collects money this way. These channels are chosen because they are hard to reverse.
  • Pressure to act in minutes and to keep it secret. "Stay on the line, do not tell anyone, do not hang up." Urgency plus secrecy is the fingerprint of fraud.
  • A link to a "secure" login or payment page in the text. It leads to a lookalike built to steal your banking password or card. Reach your bank or the agency by typing the address yourself.

What to do if you already moved money or shared details

Move fast. The sooner you act, the more you can contain.

  1. Call your bank or card issuer now, using the number on your card. Report it as fraud, ask to stop or recall any transfer, freeze or reissue the card, and watch for unauthorized activity. A wire or app transfer caught early can sometimes be recalled.
  2. If you shared a code, password, or card number, lock it down. Change your online-banking password from a clean device, turn on two-step verification, and call the bank so they can flag the account.
  3. If you paid by gift card, contact the card issuer immediately and keep the cards and receipts. Some funds can be frozen if you act quickly.
  4. If you installed any "support" or remote-access app, remove it. Disconnect from Wi-Fi, uninstall it, run a security scan, and change passwords from a different, clean device. If you sent crypto, see our step-by-step recovery guide.
  5. Report it. File at reportfraud.ftc.gov, and if you lost money, report to the FBI Internet Crime Complaint Center at ic3.gov.

How to report a bank or government imposter scam

  • Report to the FTC at reportfraud.ftc.gov. This is the official channel, and it feeds the annual data behind warnings like this one.
  • For a Social Security claim, verify and report through ssa.gov and the SSA Office of the Inspector General at oig.ssa.gov.
  • For an IRS or tax claim, check irs.gov and never act on a tax demand that arrives first by phone or text. See our IRS tax scam text and email guide.
  • In the US, report financial loss to the FBI at ic3.gov. Delete the message after reporting, and do not call any number it gave you.

How SafeBrowz blocks this threat

Be honest about scope. When the trap is a phone call telling you to move money or pay a fine, the human rule is the first defense: a real bank never tells you to move money, and a real agency never threatens arrest, so hang up and call back yourself. SafeBrowz scans links and pages, not the words a caller says. Where it does protect you is the moment the scam tries to send you somewhere. Most of these texts carry a link, to a fake bank login, a fake "secure your account" form, or a fake toll or tax payment page, designed to harvest your banking password or card. SafeBrowz's 3-layer engine (Local + APIs + AI) flags a fake bank or government login page, a brand name like your bank or an agency sitting on a domain that is not its real one, before you ever type anything, because it checks the domain against a 550+ brand database and 60+ phishing-URL patterns, not just a static blocklist. The same protection runs in the SafeBrowz browser extension and the SafeBrowz Android app, so a lookalike page opened from a text on your phone gets flagged too.

SafeBrowz works from a threat-intelligence methodology and an internal brand database. It does not collect or store your browsing history.

Install SafeBrowz free

Add the browser extension, or the SafeBrowz Android app, that checks every URL before it renders, on every page, against a 550+ brand database. So when a "bank alert" or "government" text sends you to a fake login or payment page, it is flagged before you type anything. Free forever, with optional Premium AI deep scan at $14.99 per year. It runs on Chrome, Firefox, and Edge, plus a live Android app.

Chrome Add to Chrome Firefox Add to Firefox Edge Add to Edge Google Play Get it on Google Play

See pricing and Premium features

Frequently asked questions

Will my bank ever text me to move my money to a safe account?

No. This is the single clearest tell of a scam. A real bank never asks you to move money to another account to keep it safe, because your money is already safe where it is. If a bank genuinely detects fraud, it freezes the card or transaction, it does not coach you through a transfer. The FTC's 2025 data found this exact "move your money to protect it" trick is how the costliest impersonation scams begin (FTC press release, ftc.gov, June 2026). If a message tells you to move money, hang up and call the number on the back of your card.

Does the Social Security Administration or IRS call to threaten arrest?

No. The SSA does not suspend Social Security numbers and does not call to threaten arrest. The IRS contacts people about taxes owed by mail first and never demands payment by gift card, wire, or cryptocurrency, nor does it threaten to send police. A call claiming your Social Security number is suspended, or that a warrant is being issued unless you pay now, is a scam. Government imposters cost people about $920 million in 2025 according to the FTC.

How big is the imposter scam problem according to the FTC?

In its 2025 fraud data released in June 2026, the FTC reported that imposter scams were the number one fraud category for the fifth straight year, with people reporting $3.5 billion in losses across more than one million reports. Business impersonation, led by bank impersonators, was the costliest at nearly $1 billion, and government impersonation reached about $920 million, up from $789 million in 2024, with reports up roughly 40 percent (FTC press release, ftc.gov, June 2026).

The caller knew my name and my last transaction. Doesn't that prove it's my bank?

No. Knowing your name, the last few digits of a card, or a recent transaction does not prove a caller is your bank. That information is widely available, bought from data leaks, or guessed, and scammers use it precisely because it feels like proof. Judge the call by what it asks you to do, not what it knows. If it asks you to move money, share a code, or pay urgently, it is a scam regardless of the details it recites. Hang up and call your bank back on the number on your card.

I got a text about an unpaid toll with a link to pay. Is it real?

Treat it as a scam. Fake overdue-toll texts helped push government-imposter reports up about 40 percent in the FTC's 2025 data. Do not tap the link or enter card details. If you genuinely use a toll service, check your account directly with the real operator by typing its address yourself, not through any link in the text. You can also paste the link into the SafeBrowz URL checker to see what it really is before you act.

What should I do if I already moved money or shared a code?

Act fast. Call your bank or card issuer using the number on your card, report it as fraud, and ask to stop or recall any transfer and freeze or reissue the card. A transfer caught early can sometimes be recalled. If you shared an online-banking password or code, change it from a clean device and turn on two-step verification. If you paid by gift card, contact the issuer immediately and keep the cards. Then report it at reportfraud.ftc.gov, and at ic3.gov if you lost money.

Related SafeBrowz coverage

Bottom line: The FTC's 2025 data make the lesson simple. Imposter scams led all fraud at $3.5 billion, bank impersonation was the costliest, and government imposters took about $920 million, and almost every one of them breaks the same two rules: a real bank never tells you to move money to a "safe account," and a real agency never threatens arrest or demands payment by gift card or wire. If a text or call does either, hang up and reach them yourself. And because these scams nearly always link to a fake bank or government page next, put SafeBrowz on your browser and phone so that fake page is flagged before you ever type a password.