You're stopped at a red light. Your phone buzzes. It's a text from "FasTrak Notice" saying you owe $6.99 and your vehicle registration will be suspended in 24 hours unless you pay now. There's a link. The light turns green. Your finger hovers.

Don't tap.

The Federal Trade Commission released its 2025 fraud numbers this month, and government imposter reports are up 40 percent over the year before, with toll texts leading the charge. Americans lost $3.5 billion to imposter scams last year, the most of any category for the ninth year running.

The scam works because real toll programs (EZ-Pass, SunPass, FasTrak, TxTag) do send notices, just never by text and never with a payment link. The fake page looks identical to the real agency's site. You enter your card to clear "the $6.99 fee," and within hours the same card has charges from a different country.

What's new in 2026 is the volume. The FTC says scammers are now spoofing the exact name of whichever toll program operates in your state, pulled from your area code. If your number is from Florida, you get "SunPass." From Texas, "TxTag." That state-targeted accuracy is why so many people are tapping.

The rule: No legitimate toll agency or DMV will ever text you a link to pay. If you think you might owe a toll, type the agency's website into your browser yourself, or call the number printed on a previous bill.

Source: FTC Consumer Alerts: New trends in reports of imposter scams (May 2026)

Reading scam reports is depressing. Reading them in bulk is illuminating. The FTC just dumped a year's worth of data, and once you see the patterns, you can spot a fake from across the room.

Pattern one: a brand that has authority over you. Government agencies (IRS, SSA, USPS, FTC), banks, utility companies, employers. The scammer needs you to feel like ignoring the message has consequences. That's why romance scams (up 22 percent last year) work on a different lever, but every other imposter category rides on borrowed authority.

Pattern two: an artificial deadline. "Pay within 24 hours." "Your account will be suspended today." "Final notice." Real institutions move slowly. Late fees pile up over weeks, not minutes. If a message gives you minutes, that's the tell.

Pattern three: a payment method that's hard to reverse. Gift cards, wire transfers, cryptocurrency, or peer-to-peer apps like Zelle and Cash App. No real government agency takes payment in Apple Gift Cards. Ever.

When you stack the three together, every confirmed imposter scam in the FTC dataset has all three. Pull any one out and the scam stops working. That's why your goal isn't to memorize every brand a scammer might impersonate. It's to catch the combination.

The rule: Brand + deadline + irreversible payment = scam. All three together, every time, no exceptions.

Source: FTC Consumer Alerts: New trends in reports of imposter scams (May 2026)

You need a copy of your birth certificate for a passport renewal. You search "order birth certificate [your state]." The first result looks official. Government seal in the corner. A simple form. You pay a "processing fee" and move on with your day.

A week later, your bank shows a $9.99 charge from "usa-vrexprs." You don't recognize it. You ignore it. Next month, there it is again. You call your bank. They cancel the card. Then $9.99 charges start appearing on the new card.

The Better Business Bureau's Scam Tracker logged a wave of these reports in May, all tied to lookalike government-document sites that bury a recurring-subscription disclosure in fine print after collecting your payment info. Cancelling the card doesn't end the charges, because the merchant rebinds to the replacement card through your card network. Your bank can stop it only if you dispute the original transaction and request a "stop on recurring authorization" for that merchant.

These sites also exist for Social Security cards, marriage certificates, EIN applications, and passport renewals. The fee is real. The certificate sometimes arrives. The recurring subscription is the actual product.

The rule: For any government document, start at the .gov site. Type your state's name plus "vital records" into your browser, or go to vitalrec.com to find the right office. If you've already been charged, dispute the transaction with your bank and explicitly ask them to block "recurring authorization" with that merchant ID.

Sources: BBB Scam Tracker (May 2026 reports) and FTC: How To Avoid Imposter Scams

It lands in your inbox on a Tuesday morning. The subject line reads:

"Your 2026 Social Security Statement is now available."

The body says:

"Dear Customer, your annual Social Security statement is ready for review. Please click below to view your earnings record, estimated retirement benefits, and verify your information on file. [DOWNLOAD MY STATEMENT] This document expires in 48 hours."

It looks right. The blue header. An SSA seal in the upper-left corner. A footer reading "Social Security Administration, Baltimore, MD." But four things give it away.

One, the sender address ends in .com or .net, not .gov. The real SSA only emails from a .gov address. Two, the SSA does not email your statement, ever. It lives inside your "my Social Security" account at ssa.gov, where you log in to view it. Three, the 48-hour expiration is fake urgency, copied straight from pattern two above. Four, "Dear Customer." The real SSA already has your name on file.

The Office of the Inspector General logged a "significant increase" in these phishing emails this spring. Then in late April, OIG warned about a new wrinkle: when you click, the follow-up scammers now use real SSA employee names and fake badge images on the phone call that comes next. They scrape LinkedIn for actual SSA staff, then impersonate them by name and "credential."

The rule: Your Social Security statement lives behind a login at ssa.gov. If you want to check it, type ssa.gov in your browser. If anyone emails or calls offering to send it, delete the email, hang up the call, and block both.

Sources: SSA OIG: Surge in fraudulent Social Security statement emails and SSA OIG: New wave of imposter scams using real employee names