What is Metro TMO Fake Text Message Scam (2023)

The Metro TMO phony text message is a new active fraud campaign that spreads via text messages. It contains a link to a phishing website created to steal sensitive user information.

Being aware that a large number of users have T-Mobile as their mobile service provider. Many people are likely to fall for this phony text message.

Phishing is the name for this kind of fraud. It is a form of phishing that uses a text message or phone number. Usually, victims will get a misleading text message that tries to get them to give out their financial or personal information.

To give weight to their claims, these scammers frequently try to pose as a bank, government institution, or other business. In rare cases, the texts may even include your name to give you the impression that they are authentic.

We strongly advise against entertaining any messages you receive from the aforementioned telephone numbers, and even worse, engaging with any links they may contain.

How does the Metro TMO text scam work?

  • These scammers text users that their private information has been leaked alongside a link to resolve it.
  • Once the link has been clicked, the user will be directed to a website that looks like the original Metro TMO site.
  • Users that fill out the phony form will make their information visible to the scammers who made the website.
  • Finally, they will have access to your information and use it for their gain.

Here is an image of the Metro TMO text message scam that many people receive:

Image of the Metro TMO Fake Text Message
Screenshot of the Metro TMO Fake Text Message

Transcript of the text message:

IMPORTANT: Some of your information was obtained without authorization. Passwords, SSN, payment methods were NOT affected. Your name, # of lines, contact details and other account information may have been.

Since the fake Metro TMO scam has not yet seen a fall, there are many more variations of these texts and there will be more in the future.

However, you should exercise caution and pay attention to any messages from unknown senders that contain a dubious link.

What should I do after receiving the fake IPS text message?

Report the sender’s phone number to the cybercrime enforcement agencies in your nation so that the number can eventually be blocked and the offender can be located by investigation.

For United States Citizens: You may email spam@uspis.gov or mail the Federal Trade Commission (FTC) at their official website.

For United Kingdom Citizens: You may visit Actionfraud.police.uk and file a report or call their number via 0300 123 2040.

For France Citizens: You may file your report via the Service-Public.fr website.

For Australian Citizens: You can use ReportCyber to file a report or call the Australian Cyber Security Hotline at 1300 292 371.

For Canadian Citizens: Contact the Canadian Anti-Fraud Centre or call their number 1-888-495-8501.

After that, you should block the sender’s number to ensure that you don’t continue to receive texts from them. Any further interactions with the scammer may get your number spoofed or even worse.

What should I do if I clicked the link?

When you click the link, you will be taken to a phishing website that imitates the Metro TMO website, as we previously mentioned. You are generally secure if you merely clicked the link and did not do anything further on the website.

However, further action should be done if you had provided the information requested by the text field boxes, such as your home address and credit card information.

The most concerning aspect is the financial information you have shared because they won’t do anything with your home location.

To prevent losing data to the scammers, get in touch with T-Mobile right away Request that they look into the matter and safeguard your account. For extra security, you should set up two-factor authentication and change the passwords on every one of your accounts.

In addition to that, you should conduct a malware check on your computer if you believe malware may have already been installed on it before/after clicking the link. Since it can also possibly be the cause of the text you received.

We recommend using Malwarebytes Anti-malware because we have determined that it can remove most types of malicious threats when we conducted malware tests.

Malwarebytes Setup

Malwarebytes also offers a free 14-day trial when you download it for the first time, so you might want to use the remaining time of the trial to test out the premium features.

Download Malwarebytes

1 Click the button above to download the latest version of Malwarebytes Anti-malware.

Malwarebytes Website Image

2 Open the installation file after the download and follow the procedure shown.


3 After following the software setup instructions, wait for the application to finish installing.

malwarerbytes install

4 Once the application is installed, you may now run your first computer scan and wait for it to finish.


5 All discovered malware on the computer will be displayed on the screen, and you can eliminate them by pressing the “quarantine” button.


Any malware that might have been lurking on your system has been removed, and any changes it made to the system have been reversed. You could ensure that your device is virus-free once more.

Final Thoughts

Even after taking the necessary precautions to secure your accounts, it can be very unsettling to have received a bogus text message and shared your financial information with scammers.

This is why we advise that two-factor authentication be enabled on all accounts, making every activity subject to the requirement of a specific pin code that can only be provided to your mobile device.