The fake job offer that starts with a text
The text comes through cold. It’s a recruiter from a company you’ve half-heard of—a staffing firm, a marketing agency, sometimes a name lifted from a real platform like Indeed or ZipRecruiter—and they say your profile caught their eye. The pay is good. The hours are flexible. Reply “YES” and they’ll send details.
You weren’t actively looking, but the timing is generous, so you reply. What follows is a slow, friendly conversation that drifts to WhatsApp or Telegram. You’re given small “tasks”—rate products, optimize listings, click through pages on a polished-looking dashboard. You get paid. You watch a balance grow. Then, at some point, you’re told you need to deposit your own money to “unlock” the next batch of tasks, or to release a withdrawal. The balance you can see is fictional. The money you put in is gone the moment it lands.
This is the task scam, and the FTC has flagged it as one of the fastest-growing fraud categories of 2026, with losses now running into the billions. The unsolicited text is the front door.
What to watch for
- The opener is a text, WhatsApp, or DM—not an email through a job platform you actually applied on
- They want a one-word reply—“YES,” “INTERESTED,” “1”—before sending any details
- The job is described as “remote, flexible, no experience needed” and pays $30–$200 a day for “simple tasks”
- The conversation moves off SMS quickly, usually to WhatsApp or Telegram
- The platform you’re asked to log into looks polished, but the URL is a brand-new domain you’ve never heard of
- At some point, you have to “deposit” or “recharge” to keep working—a real employer never asks for this
What to do if you’ve engaged with it
If you’ve replied but no money has moved yet, the safest thing you can do is stop responding. You don’t owe them an explanation, and silence is a clean exit.
- Don’t click any links they sent, even out of curiosity
- Take screenshots of the conversation before blocking—profile, number, full thread
- Forward the original text to 7726 (SPAM) so your carrier can act on it
- If it came through a job site, report the message inside that platform too
- Then block the number
What not to do
The instinct, once you suspect something is off, is to confront the person or string them along to “see how the scam works.” That tells them you’re awake and pushes them to disappear with whatever information they already have. Don’t share photos of your ID, even if they call it onboarding. Don’t accept a “test deposit” into your bank account—those are usually stolen funds being routed through you, and you become part of the chain. And in a few weeks, when a “recovery agent” texts offering to get your money back for a fee, ignore that too. It is the same operation, or one of its neighbors.
If money or data already moved
Move quickly, in this order:
- Call your bank or card issuer and report it as fraud. Ask whether the transfer can be reversed or the card frozen
- If you used a payment app—Zelle, Cash App, Venmo, PayPal—file a dispute inside the app and screenshot the confirmation
- If you sent crypto, save the transaction ID and the exchange name. The transaction record matters even when recovery doesn’t look likely
- Report to the FTC at reportfraud.ftc.gov and to the FBI’s IC3 at ic3.gov
- If you shared your driver’s license or Social Security number, place a free fraud alert with one of the credit bureaus
The patterns inside these scams are recognizable, but the people behind them are usually overseas, and self-help has limits once large sums or sensitive identity data are in motion. If your case has reached that point, Investigation Help is a starting point for smaller matters, and complex cases route to Rexxfield for court-grade attribution work.
If you’re not sure where to start, the resource page walks you through each option by what happened.
— GCCI