Toll and USPS Text Scams: Stop Smishing in 2026

Fake toll bills and USPS delivery texts are flooding phones in 2026. Learn how smishing works, the red flags, and exactly what to do with the next scam text.

Sam CarterJun 15, 2026 7 min read

Cover image for Toll and USPS Text Scams: Stop Smishing in 2026 — Photo: aag_photos / flickr (BY-SA 2.0)

You owe $6.21 in unpaid tolls. Your package could not be delivered, update your address. Your account is on hold. If a text like that has landed on your phone recently, you are not alone: the FTC, FBI, and U.S. Postal Inspection Service have all warned that smishing, phishing delivered by text message, has become one of the most reported scams in the country. The lures are tiny dollar amounts and fake urgency, and the goal is your card number, login, or a quick install of malware.

Quick answer

Toll and USPS "you owe money" or "package held" texts are smishing: phishing over SMS that impersonates real agencies with cloned payment pages. The single best defense is to never tap links in unexpected texts; if you might genuinely owe a toll or have a package, open the official site or app yourself by typing the address. Government agencies, toll authorities, and USPS do not text unsolicited payment links. When you get one, forward it to 7726 (SPAM) so your carrier can block the campaign, then delete it. If you already paid, treat your card as compromised and call your bank.

Key takeaways

Smishing is phishing over SMS or messaging apps. Scammers impersonate USPS, toll agencies, banks, and big retailers using real names and cloned websites.
The fastest-growing variant is the fake unpaid-toll text, demanding small amounts like $3.95 or $6.21 and threatening late fees, suspended registration, or legal action.
The single best habit: never tap links in unexpected texts. Go to the official site yourself by typing the address.
In the U.S., forward scam texts to 7726 (SPAM) so carriers can block the campaign, then delete the message.
USPS and toll agencies do not send unsolicited texts demanding payment with a link.

Why smishing exploded

Text messages cut through. People read nearly every SMS within minutes, links are hard to inspect on a small screen, and a phone number feels more personal than an email. Attackers buy phone lists cheaply, spin up convincing fake sites in minutes, and rotate domains faster than blocklists can keep up. Cybersecurity researchers note 2026's campaigns are more sophisticated than ever, using genuine company branding, real agency names, and pixel-perfect cloned payment pages.

The toll scam works because it is plausible and cheap to comply with. Few people remember every toll they have driven through, and $6.21 is small enough that paying feels easier than disputing. But the page that collects your "payment" is harvesting your card details, and often asking for enough personal data to attempt identity theft on top.

A smartphone displaying a suspicious text message claiming an unpaid toll, illustrating a smishing attempt — Photo: Ed Yourdon / flickr (BY-NC-SA 2.0)

The red flags in every smishing text

Warning

Government agencies, toll authorities, and the Postal Service do not text you a payment link out of the blue. Treat any unsolicited "you owe money / your package is held" text with a link as a scam until you prove otherwise.

Watch for these signals:

An unexpected link, often a shortened URL or a lookalike domain (think usps-tracking-help.com rather than usps.com).
Manufactured urgency, late fees, suspended registration, account closure, or "final notice."
A tiny, oddly specific amount designed to feel legitimate and easy to pay.
Requests for personal or payment details through the link.
Wrong-number openers ("Hi, are we still on for lunch?") that try to start a conversation and warm you up for a later pitch.

Here is how the common lures map to the trick and the tell:

The text claims	The real goal	The dead giveaway
Unpaid toll of a few dollars	Harvest your card details	Toll agencies don't text pay-now links
USPS/UPS package "held," update address	Steal personal info and card	You didn't sign up for the alert
Bank account "locked" or "on hold"	Capture your login	Real banks send you to the app, not a link
"Wrong number" friendly chat	Warm you up for a later scam	Stranger keeps the conversation going
Refund or prize waiting	Get your bank or card number	You never entered any contest

What to do with a smishing text

Do not tap the link and do not reply, even "STOP" confirms your number is live to a scammer.
Verify independently. If you genuinely might owe a toll or have a package, open a browser and type the official website yourself, or use the agency's official app. Never use contact details from the text.
Report it. In the U.S., forward the message to 7726 (SPAM) so your carrier can act. You can also report to the FTC at reportfraud.ftc.gov and, for USPS impersonation, to the Postal Inspection Service.
Delete the message.
If you already tapped and entered details, treat your card as compromised: call your bank, freeze or replace the card, and watch statements. If you entered a password, change it everywhere you reused it.

This response mirrors what to do after any exposure. If you entered credentials, our guide on checking whether your data was breached and responding covers the cleanup, and switching high-value accounts to phishing-resistant sign-in via passkeys means a stolen password is far less useful to anyone.

Lock down the channel

A few settings reduce how many of these reach you and how much damage they can do:

Enable spam filtering for messages. iPhone (Filter Unknown Senders) and Android Messages both have built-in spam protection, turn it on.
Never enable call forwarding from a "support" instruction, and never dial codes starting with * or # at a stranger's request.
Use phishing-resistant MFA on banking and email so a phished password alone cannot complete a login.
Talk to family, especially older relatives, who are heavily targeted. The QR-code cousin of this scam is covered in our piece on QR-code phishing, or "quishing".

Frequently asked questions

Does USPS ever text me?

Only if you specifically signed up for tracking alerts, and those messages never demand payment or personal information through a link. The Postal Inspection Service is explicit: an unsolicited USPS text with a link is a scam.

What does forwarding to 7726 actually do?

7726 spells "SPAM" on a keypad. Forwarding a scam text there reports it to your mobile carrier, which uses the data to identify and block malicious campaigns across its network. It is free and does not subscribe you to anything.

I paid a fake toll. What now?

Treat your payment card as compromised. Contact your bank to dispute the charge and replace the card, watch your statements for further fraud, and consider a credit freeze if you handed over personal details like your address or date of birth.

Are these texts ever real?

Real toll and delivery notices exist, but they direct you to log in to the official site or app, they do not send a pay-now link with threats. When unsure, ignore the text entirely and check your account directly through the official channel.

The bottom line

Smishing wins on speed and plausibility: a small bill, a tight deadline, a link that is one tap away. Break the pattern by refusing to act on inbound texts. Verify through the official site or app you navigate to yourself, forward the scam to 7726, and delete it. The message wants you to hurry, slowing down is the whole defense.

#security#smishing#phishing#scams