Fake An Post & Revenue Texts in Ireland

The short answer

Smishing — scam text messages — is now the most common fraud Irish consumers meet. The three dominant scripts impersonate An Post (a small unpaid "delivery fee"), Revenue (a tax "refund" or "verification"), and your bank (an account "frozen" or a payment to "approve"). The common move is the same: a link to a lookalike page that harvests your card or banking details. FraudSMART reports that 78% of Irish adults are targeted by a scam message at least monthly. The defence is one rule — never click a link in an unexpected text — and the report path is: forward it to 7726, tell your bank if you entered anything, and report to An Garda Síochána (112/999 if money is moving now) and the GNECB for serious fraud.

"Banks will never include phone numbers for customers to ring within a text message… The most important thing to remember is to be very cautious of unexpected texts or phone calls and, if in any doubt, ignore the text message or hang up the call, and phone your bank immediately using the number on the back of your bank card."
— Niamh Davenport, Head of Financial Crime, Banking & Payments Federation Ireland (FraudSMART), warning Irish consumers, 23 October 2024. It is the cleanest single test there is: the real bank's number lives on your card, never inside the message.

Most scam advice hands you a list of red flags and wishes you luck. That misses the point of smishing, which is a numbers game built on volume and a single psychological trick. So let's look at the actual texts Irish people receive, why the cleverest one costs only €1.99, and the exact steps that turn a moment of panic into a two-minute report.

If you are reading this because you already tapped a link or typed in your card, skip to if you already clicked. The first hour is the one that counts.

The three texts you'll actually get

Smishing in Ireland is not random. The same handful of scripts run again and again because they map onto things almost everyone is genuinely waiting for — a parcel, a tax refund, a message from the bank.

—The An Post 'delivery fee'. A text says a parcel can't be delivered until you pay a small outstanding charge — usually €1.90, €1.95 or €1.99 — with a link to 'reschedule' or 'release' it. The page is a near-perfect copy of An Post's site. An Post has stated plainly that it does not send texts asking for delivery payments this way.

—The Revenue 'refund' or 'verification'. A message claims you are owed a tax refund, or that you must 'verify' or 'reactivate' your Revenue account, with a link. Revenue's position is unambiguous: it never asks for personal or card details by text or email, and never issues refunds through links in messages.

—The bank 'frozen account' or 'approve this payment'. A text appears to come from your bank — often slotted into the same thread as genuine bank texts — saying your account is frozen, a new payee was added, or a payment needs approval, with a link or a number to call. The link harvests your login; the number connects you to the fraudster, not the bank.

There are seasonal variants — fake toll and motor-tax texts, fake delivery texts spiking before Christmas, fake 'speeding fine' and 'missed court date' messages — but they are the same machine with a different costume. The US version of the toll-and-parcel text is dissected in our toll-text teardown; the mechanics travel.

A recreated example of a fake An Post smishing text on an iPhone lock screen: a message claiming a parcel is held pending a €1.99 redelivery fee with a lookalike link, shown beside three red-flag tells — the fee that real An Post never charges by text, the lookalike web address that is not anpost.ie, and the manufactured urgency — with advice to forward it to 7726 and never tap the link. — What a fake An Post 'delivery fee' text looks like, recreated. The €1.99 is the bait; the card details you enter on the linked page are the prize. Example only, not a real message — the link is inert.

Why the €1.99 one is the clever one

The delivery-fee text is the most successful smishing script in Ireland for a reason worth understanding, because the same logic sits under most scams that work.

The genius of the An Post text is that it asks for almost nothing. €1.99 is too small to argue with — you'd lose more down the back of the couch. That tiny, reasonable-sounding request lowers your guard just long enough to get you onto a page where you type your full card number, expiry and CVV. The money was never the point. The €1.99 is the doorman, not the robbery.

This is also why "I wasn't expecting a parcel" is weaker protection than it feels. Plenty of people who weren't expecting anything still pay, because the fee is trivial and a forgotten online order is plausible. And the damage isn't €1.99 — once a working card number is captured, it is tested, sold, and used for far larger fraud. One organised An Post smishing operation laundered around €500,000; in March 2026 a key money-laundering figure in it was jailed for seven and a half years, the Irish Times reported.

The tells that never change

Costumes change; the structure doesn't. Four tells are present in almost every smishing text, and spotting one is enough.

—A link that isn't the real address. The visible text might say An Post or Revenue, but the actual domain is a lookalike — anpost-ie.com, an-post.delivery, a random string, or a shortened link. Real organisations use their own domain (anpost.ie, revenue.ie). When in doubt, don't tap — go to the site yourself.

—A small, specific, urgent request. A tiny fee, a short deadline, a 'final notice', an account 'suspended in 24 hours'. Manufactured urgency is designed to push you past the pause where you'd normally check.

—A request for details no real org asks for by text. Card number, PIN, online-banking password, one-time codes, your PPS number. No bank, An Post or Revenue will ever ask for these through a link in a message.

—It arrived unexpectedly. The whole model depends on catching you off guard. An unsolicited text that wants you to click or pay is suspect by default, even if it lands in a thread with genuine messages — sender IDs are trivially spoofed.

If you already clicked — the first 24 hours

Clicking a link or entering details is not the end of the story, but speed decides how it ends. This is the maximum-protection order:

1Don't panic, and don't tap the link again. Take a screenshot of the message for your records, then stop interacting with it.

2If you entered card or banking details, call your bank's 24/7 fraud line immediately — the number on the back of your card, never a number from the text. Ask them to freeze the card and watch for or recall any transaction. Minutes matter.

3Forward the text to 7726, the free spam-reporting shortcode the main Irish operators run, then delete it so you don't tap it later by accident.

4Report the fraud to An Garda Síochána at your local station — 112 or 999 if money is moving right now. For serious or organised fraud, the Garda National Economic Crime Bureau (GNECB) is the specialist unit.

5Tell the organisation that was impersonated — An Post, Revenue (via its fraudulent-emails reporting route on revenue.ie), or your bank — so they can warn others and take the fake page down. For the full Irish reporting and refund map, see where to report a scam in Ireland.

6Block and ignore anyone who then offers to 'recover' your money for a fee — that's the second scam. We took the pattern apart in the recovery-scams piece.

7If it was a transfer you authorised, ask your bank about reimbursement in writing, and escalate to the Financial Services and Pensions Ombudsman if it refuses unfairly. See the honest recovery odds by payment method for what realistically works.

8Call the Crime Victims Helpline on 116 006 for free, confidential support. A good first human call if it all feels like too much.

Within days of any loss, "recovery" contacts will find you. They pose as a fund-recovery agent, a "cyber unit", a solicitor, or even An Garda Síochána, and ask for an upfront fee or your banking details to "get your money back". No real bank, Garda, Revenue or ombudsman in Ireland ever charges upfront to recover funds, and authorities never cold-contact you demanding payment. See the recovery-scams piece for the full pattern.

Will your Irish bank refund you?

This is the question that decides how the loss actually lands, and the answer turns on a single distinction.

If the payment was unauthorised — your stolen card was used, or someone got into your account without permission — your bank must refund it under the EU Payment Services Directive, with your own liability generally capped at €50. If the payment was authorised — you entered your card on the fake page, or you moved money yourself because you were deceived — it is legally a valid instruction, and Ireland has no UK-style rule compelling banks to reimburse this kind of authorised-push-payment fraud.

So Irish banks refund the hack, not the con. That is exactly why the prevention rule below is worth more than the entire reporting machinery downstream of it — and why a captured card number (refundable) and a transfer you were talked into (often not) lead to very different outcomes. The full Irish refund landscape, the GNECB, the Central Bank's unauthorised-firms list and the FSPO route are mapped in our Ireland reporting guide.

The habits that keep you off the hook

Reporting is downstream. Three habits stop almost every Irish smishing text before it costs you anything:

—Never click a link in an unexpected text — go to the source yourself. If a message claims to be An Post, Revenue or your bank, open a browser or the official app and check directly. A real parcel, refund or alert will be there too. The link in the text is the one thing you never need.

—Treat any request for card details, codes or passwords as proof of fraud. Real organisations don't collect these through message links. The moment a page asks for your full card number or a one-time code after a text, you have your answer.

—Phone the bank back on the number from your card. As FraudSMART puts it, the real number is on the back of your card, never inside the message. The same call-back rule defuses the bank-officer and family-emergency scripts we cover in the family-impersonation piece.

If you're unsure whether a specific message is a scam before anything moves, the fastest second opinion is the Scam Checker on this site, or our free case review. Both are read by a human and answered within 24 hours.

From the field. The texts that do the most damage in Ireland aren't the obviously broken ones with mangled English — those get deleted. It's the clean, plausible An Post and bank messages that slide into an existing thread of genuine alerts, arriving the same week you actually ordered something. The lesson victims repeat is always the same: it wasn't that they couldn't spot a scam in general, it's that this one arrived at the exact moment it made sense. That's why the rule has to be mechanical, not situational — you don't decide whether a text feels trustworthy, you simply never act on a link inside one. Go to the source yourself, every time, and the timing coincidence stops being a weapon.

One rule, end to end

If you take one habit from this piece, take this: never tap a link or pay a "fee" from an unexpected text — open the company's real app or website yourself, or ring your bank on the number printed on your card. An Post, Revenue and your bank will never need you to click to sort it out, and that single pause is worth more than every reporting line that comes after it.

Got a text you're not sure about? Let's look at it together.

Paste the message, the link, the sender. A real expert reviews every case and replies within 24 hours. Free, confidential, no pressure.

Submit a free case review →Where to report a scam in Ireland

Common questions about scam texts in Ireland

How do I report a scam text in Ireland?

Do four things, in order. First, forward the text to 7726 — the free spam-reporting shortcode the main Irish mobile operators run, which feeds the number into network-level blocking. Second, if the message impersonated your bank, An Post or Revenue, tell the real organisation through its official website or app (Revenue lists a reporting route on its 'fraudulent emails' page). Third, report it to An Garda Síochána at your local station — call 112 or 999 if money is moving right now — and to the Garda National Economic Crime Bureau (GNECB) for serious fraud. Fourth, take a screenshot first, then delete the text. Never click the link to 'check' it.

Does An Post ever send texts asking for a delivery fee?

No — and this is the single most useful fact to remember. An Post has repeatedly warned that it does not send text messages asking customers to pay a small outstanding delivery charge (the fake ones typically ask for €1.90, €1.95 or €1.99) by clicking a link and entering card details. The amount is deliberately tiny so it feels trivial to clear; the real prize is the card number, expiry and CVV you type into the lookalike An Post page. If a 'delivery fee' text arrives, it is a scam regardless of whether you are expecting a parcel.

Will my Irish bank refund money I lost to a scam?

It depends on one distinction. If the transaction was unauthorised — someone used your stolen card or got into your account without permission — your bank must refund it under the EU Payment Services Directive, and your own liability is generally capped at €50. But if you authorised the payment yourself because you were deceived — you entered your card on a fake page, or you transferred money on a fraudster's instruction — that is treated as a valid instruction, and Ireland has no UK-style rule forcing banks to reimburse authorised-push-payment fraud. Report it fast anyway: a same-day recall is sometimes the only thing that works. The full Irish refund and reporting map is in our Ireland reporting guide.

What is 7726 and does it work in Ireland?

7726 (it spells SPAM on a keypad) is a free shortcode supported by the major mobile operators for forwarding suspected scam texts. When you forward a smishing message to it, your operator can use the sender and link data to identify the campaign, update filters, and in some cases block the originating number across the network. It does not open a criminal case on its own — for that you still report to An Garda Síochána — but it is the fastest single action that helps stop the same text reaching other people, and it costs nothing.

I clicked the link and entered my card details — what should I do now?

Treat it as an emergency and move in minutes, not hours. Call your bank's 24/7 fraud line immediately — use the number on the back of your card, not any number from the text — and ask them to freeze the card and watch for or recall any transactions. Change the password for any account whose login you entered. Forward the text to 7726, screenshot it, then report it to An Garda Síochána. Then watch for the second wave: within days, 'recovery' contacts may appear promising to get your money back for a fee. They are the follow-on scam. No real bank, Garda or agency ever charges an upfront fee to recover funds.

Sources & further reading

Every figure in this piece is drawn from these authorities and reporting. Click any to verify.

The fake An Post and Revenue texts hitting Irish phones — and exactly how to spot, stop, and report them.