Memorial Day 2026 is shaping up to be one of the busiest travel weekends in years, and scammers know it. Federal agencies say a wave of fraudulent text messages is hitting phones right now, disguised as urgent alerts from airlines and hotels. The texts warn of canceled flights, failed payments, or changed reservations. They look convincing. And they are completely fake.
The messages are a form of smishing (SMS phishing) designed to steal credit card numbers, login credentials, and personal data from travelers too rushed to question a notification. You might be standing in a TSA line, juggling a boarding pass and a carry-on, when a text arrives: “Your flight reservation has been canceled. Tap here to rebook.” It may even reference your destination city. But tapping that link does not connect you to your airline. It sends you to a page built to harvest everything a thief needs to drain your account.
The FTC has warned that scammers are actively impersonating airline customer-service representatives, timing their messages to coincide with real disruptions like delays and cancellations. The FBI, through its Internet Crime Complaint Center (IC3), has broadly cautioned consumers about phishing and smishing schemes, including those that target travelers; the agency recommends verifying any unexpected contact through an independent channel before sharing payment details. Reported losses to fraud across all categories reached $12.5 billion in 2024, according to the FTC, and holiday travel weekends create exactly the kind of stress and distraction that make these schemes work.
How the fake booking texts work
The playbook is straightforward. A traveler receives an unsolicited text or email that appears to come from an airline or hotel chain. The message warns of a schedule change, a payment failure, or a canceled reservation. It creates urgency and provides a link or phone number to “fix” the problem. Anyone who taps the link lands on a convincing replica of a real booking portal, where they are prompted to enter a credit card number, account password, or other sensitive information.
If the setup sounds familiar, it should. The U.S. Postal Inspection Service has documented the same mechanics in fake package-tracking texts: an unexpected message, a jolt of panic, and a link that harvests data. Swap “your package is delayed” for “your hotel reservation couldn’t be processed,” and the scheme is identical. Scammers count on the fact that travelers expect to receive updates by text and may not pause to scrutinize a message that looks like every other notification on their phone.
How do scammers know where you are headed? In some cases, they do not. Mass-blast messages referencing popular holiday destinations (Cancún, Orlando, Las Vegas) cast a wide net and inevitably reach people with matching plans. In other cases, personal details may come from data breaches involving airlines, hotels, or third-party booking platforms, information that circulates on dark-web marketplaces for pennies per record.
The confusion between official and third-party booking channels is not new. In 2017, the FTC settled charges against hotel room resellers that misled consumers into believing they were dealing directly with a hotel. That case involved misleading ads and call centers rather than text messages, but it exposed a vulnerability that persists today: travelers often cannot tell whether the entity contacting them is legitimate, especially when they have booked through aggregators like Expedia or Booking.com.
Why holiday weekends are prime hunting season
Scammers look for moments when people are distracted, anxious, and expecting legitimate updates, then slip fraudulent messages into that stream. Memorial Day weekend checks every box. Airports are packed, itineraries are tight, and a text about a canceled flight triggers an immediate emotional response that overrides caution.
The FTC’s guidance on avoiding travel scams notes that criminals routinely pose as customer-service staff, pressure people to act quickly, and route them to fake websites or call centers where payment information is harvested. The pattern repeats around every major travel period: summer vacations, Thanksgiving, winter holidays.
No federal agency has published complaint counts or dollar-loss figures specific to travel-booking smishing during any single holiday weekend, so claims circulating on social media about specific loss totals tied to Memorial Day cannot be independently verified. What regulators have documented over several years is the trend: the volume of scam texts rises around events that generate high consumer anxiety, and travel disruptions are among the most reliable triggers.
Red flags that give the scam away
The FTC’s guidance on recognizing spam texts outlines warning signs that apply directly to fake booking messages. Here is what to watch for:
- An unknown or spoofed sender number. The text arrives from a number you do not recognize, or it mimics a short code used by a real airline or hotel.
- Urgent or threatening language. Phrases like “act now,” “your reservation will be canceled in 30 minutes,” or “payment declined” are engineered to short-circuit your judgment.
- A link you did not expect. Legitimate airlines and hotels may text flight updates, but they rarely ask you to click a link to re-enter payment information.
- Requests for sensitive data. No real airline or hotel will ask for your full credit card number, Social Security number, or account password via text message.
- Slight misspellings or odd URLs. Look closely at the web address. Scam sites often swap a letter or add a word (for example, “delta-abordsupport.com”) to mimic a trusted brand.
What to do if you get one of these texts
Do not tap the link or call the number in the message. That is the single most important step. Instead, open your airline’s or hotel’s official app, or type the company’s web address directly into your browser. Log into your account and check your reservation. If something is genuinely wrong, it will show up in your booking.
Call the number on your original confirmation email or the company’s website. CISA advises verifying any suspicious contact by reaching the organization through a phone number or website you already trust, never the contact details inside the suspicious text itself.
Turn on your phone’s built-in spam filter. Both iPhone (Settings > Messages > Filter Unknown Senders) and Android (Google Messages spam protection) can flag suspicious texts before you even read them. These filters are not perfect, but they add a useful first layer of defense.
Report the text. Forward the message to 7726 (SPAM), the reporting shortcode supported by most U.S. wireless carriers. You can also file a report with the FTC at ReportFraud.ftc.gov. Reporting helps carriers and regulators identify and block scam numbers faster.
Delete the message. Once you have reported it, remove it from your phone so you are not tempted to revisit the link later.
If you already clicked or shared information
Act fast. Contact your bank or credit card issuer and let them know your card details may have been compromised. Ask about freezing the card and issuing a replacement. Change the password on any account where you used the same login credentials. If you entered personal information like your date of birth or Social Security number, consider placing a fraud alert or credit freeze through the three major credit bureaus (Equifax, Experian, and TransUnion). The FTC’s IdentityTheft.gov walks you through a personalized recovery plan based on what was exposed.
Sixty seconds of skepticism beats a stolen identity
These scams are not going away after this weekend. The same tactics will resurface around the Fourth of July, Labor Day, Thanksgiving, and every other peak travel period. But the defense stays the same every time: treat any unsolicited text about a booking problem as suspicious until you verify it yourself. Open the app. Call the number on your confirmation. That takes about 60 seconds, and it is the cheapest travel insurance you will ever buy.
Warren Cohen is a finance writer based in Phoenix, Arizona, covering personal finance topics including credit, banking, and beginner investing. He earned his degree in business administration from Arizona State University and began his career working in consumer finance, where he gained direct experience with lending and credit systems. He now writes for personal finance websites and fintech platforms, focusing on clear, practical content that helps readers make informed financial decisions.
