High riskText Message Scams

Data Breach Alert Text Scam

This scam texts that your data or account was exposed in a breach and urges you to 'secure' or 'verify' it through a link, leading to a fake login page that steals the very credentials it claims to protect.

Quick verdict

Risk level

High risk

Scam type

Security-alert phishing (smishing)

Main red flag

A breach-alert text pushing you to log in or verify through a link to 'secure' your account.

What to do first

Do not use the link. Secure accounts only through the official app or website.

What this scam usually looks like

Example message pattern

Example pattern — not a real report

Example pattern: 'Security notice: your account was found in a data breach. Verify and secure it now to prevent unauthorised access: [suspicious link]'

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

A breach alert that pressures you to act through a link
A request to log in or 'verify' to secure your account
A login page that is not the real service
A vague reference to 'your account' with no specifics
Urgency about imminent unauthorised access

What to do

Secure accounts only through the official app or website you type yourself
Change passwords and enable two-factor authentication directly
Check breach status through reputable, official tools
Report and delete the text

If you already clicked or replied

If you entered a login, change that password immediately from a trusted device
Enable two-factor authentication and review login activity
Update the password anywhere you reused it
Watch for further targeted phishing

What not to do

Do not log in through links in breach-alert texts
Do not reuse passwords across accounts
Do not ignore a genuine breach; act through official channels

Similar scams

High risk Text Message

Account Suspended Text Scam

This scam texts that an account has been suspended, limited, or locked for 'security reasons' and links to a fake login page that captures your username, password, and other details.

Medium risk Text Message

New Login Alert Scam

This scam sends a fake security warning claiming a new device or unfamiliar location signed into your account, urging you to 'secure' it through a link that leads to a fake login page built to steal your password.

Medium risk Text Message

Compensation Claim Text Scam

This scam texts that you are owed compensation for an accident, a mis-sold product, or a data breach, and asks you to claim through a link that harvests your personal and bank details or sets up bogus claims in your name.

Frequently asked questions

How do I know if a breach alert is genuine?

Real breach notices let you act within the official app or website. A text pushing you to log in through a link is itself the attack, so verify independently.

Should I click to check if I'm affected?

No. Use reputable, official breach-checking tools or your provider's site directly rather than the link in the text.

I logged in on the page. What first?

Change that password right away from a trusted device, enable two-factor authentication, and update any account using the same password.

Why target me with a breach text?

Breach fear makes people act fast. The message is sent in bulk to pressure you into entering your login on a fake page.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.