Ireland's 'Hi Mam, Hi Dad' Text Scam Targets Parents via Fake Child Messages
In April 2026, fraudsters sent SMS messages to Irish parents posing as their children, claiming a new phone number and asking for urgent money transfers. The campaign ran alongside bank impersonation texts designed to harvest financial credentials, with both exploiting SMS as a channel people tend to trust without much scrutiny.
Originally reported by TechBuzz Ireland · Read the original article
Timeline of Events
The Setup
Scammers obtained mobile numbers belonging to parents and guardians, likely through data breaches or purchased contact lists. They wrote messages that mimicked the informal tone of a child texting a parent, opening with 'Hi Mam' or 'Hi Dad' to establish immediate familiarity.
The Attack
Fraudsters sent unsolicited SMS messages claiming to be a recipient's child contacting them from a new phone number. The messages created urgency by stating the child needed money quickly, often citing an emergency, and asked parents to save the new number and send funds via bank transfer.
The Impact
An undisclosed number of Irish families received the messages. Some parents, believing they were communicating with their own child, transferred money to scammer-controlled accounts before realising the contact was fraudulent.
The Discovery
TechBuzz Ireland identified and reported the scam wave in early April 2026 after multiple consumer reports. Warnings spread through consumer protection channels and media coverage across Ireland.
The Fallout
Irish consumers were advised to contact their banks immediately if they had transferred funds and to report the messages to relevant authorities. The scam continued to circulate alongside parallel bank impersonation texts targeting the same population.
Attack Details
The 'Hi Mam, Hi Dad' scam is a social engineering attack delivered entirely via SMS. A fraudster texts a parent or guardian with a familiar greeting, typically 'Hi Mam' or 'Hi Dad', followed by a claim that the sender is their child reaching out from a new or temporary phone number. The recipient is asked to delete or ignore the old number and save the new one.
Once the parent replies, the scammer maintains the persona and quickly introduces an urgent financial need. Common pretexts include a broken phone requiring replacement, an unpaid bill, or an emergency requiring immediate funds. The target is asked to transfer money via bank transfer, often to an account the scammer controls under a plausible alias.
The attack works by exploiting a parent's instinct to help their child without delay. Because the message arrives via SMS, a channel many families associate with direct personal communication, recipients are less likely to apply the same skepticism they might to an email or social media message. The scammer does not need to know the child's name in advance. Many variants go out in bulk with generic openers, relying on volume to find parents whose children have recently changed phones or who are simply caught off guard.
This campaign ran alongside bank impersonation texts circulating in Ireland at the same time. Those messages mimicked notifications from financial institutions to harvest login credentials or card details. Together, the two attack types targeted both emotional and financial vulnerabilities in the same population through the same channel.
How Trust Onion Helps
The 'Hi Mam, Hi Dad' scam depends entirely on a parent being unable to confirm in the moment whether they are speaking with their real child. A shared family codeword changes that immediately. When a message arrives claiming to be from a child with a new number, the parent can reply with a single question: 'What's the word?' A real child who uses Trust Onion knows the current codeword and can answer instantly. A scammer cannot. The conversation ends there, before any money changes hands.
Trust Onion codewords rotate every few hours and are calculated locally on each device, so there is no central database a scammer could breach to obtain the current word. Even if a fraudster knew a family used the app, they would have no way to retrieve or guess the active codeword. The system works entirely offline, meaning it functions even when a child is abroad or on a new device, which is exactly the scenario these scammers fabricate to explain why they are contacting from an unfamiliar number.
For families who want an additional layer of assurance, Proofies allow a family member to send a verified selfie with the current codeword overlaid and cryptographically signed. A parent who receives a suspicious 'Hi Mam' text could ask the sender to provide a Proofie before taking any action. No scammer can produce one. Trust Onion is free, and setting up a shared family codeword takes minutes. A one-word challenge would have stopped this scam before it cost a single family anything.
Impact Assessment
Aggregate financial losses from this scam wave were not publicly disclosed, but individual victims who transferred funds before spotting the fraud faced immediate monetary loss with limited recovery options. Bank transfers to scammer-controlled accounts are difficult to reverse, particularly when the receiving account is quickly emptied after the transfer.
Beyond financial harm, the scam causes real emotional distress. Parents who believed they were helping a child in crisis and later discovered the deception reported embarrassment, anxiety, and a lasting wariness of SMS communications. Some victims became reluctant to respond quickly to genuine urgent messages from their children, which strained normal family communication.
The broader harm extends to eroding trust in SMS as a channel. With both family impersonation and bank impersonation texts circulating at the same time, Irish consumers faced heightened uncertainty around any unexpected message, affecting legitimate communications from banks, services, and family members alike.
Lessons Learned
SMS messages claiming to be from a family member with a new number should always be verified through a second channel or a pre-agreed family codeword before any money is transferred.
Scammers use generic, high-volume text blasts that do not require knowledge of the child's name or personal details. Any parent can receive these messages.
Running family impersonation scams alongside bank impersonation texts in the same campaign increases the likelihood that at least one attack type will succeed against a given target.
Key Takeaways
Irish families were targeted in April 2026 by SMS scams in which fraudsters posed as their children claiming a new phone number and requesting urgent money transfers.
The 'Hi Mam, Hi Dad' scam does not require the fraudster to know the child's name. Generic openers sent at volume are enough to deceive a percentage of recipients.
Bank impersonation texts circulated alongside family impersonation texts in the same campaign, targeting both emotional and financial vulnerabilities via SMS.
SMS transfers to scammer-controlled accounts are difficult to reverse once completed, making prevention more effective than recovery.
A pre-agreed family codeword or verification question can expose a fake child impersonation message before any financial harm occurs.
Frequently Asked Questions
What is the 'Hi Mam, Hi Dad' scam?
It is an SMS-based fraud in which scammers text parents claiming to be their child contacting them from a new phone number. After a brief exchange, the scammer claims to need money urgently and asks for a bank transfer. The messages go out in bulk and do not require the fraudster to know the child's actual name.
How much money was lost in this scam wave?
Aggregate financial losses from this specific April 2026 wave were not publicly disclosed. Individual victims who transferred funds before identifying the fraud faced immediate losses that are typically difficult to recover through bank reversal processes.
How could this scam have been prevented?
A pre-agreed family codeword would have stopped this scam. When the message arrived claiming to be from a child with a new number, the parent could have asked: 'What's the word?' A real child using Trust Onion knows the rotating codeword and can answer immediately. A scammer cannot. Trust Onion codewords rotate every few hours, work offline, and are calculated locally on each device, so there is no way for a fraudster to obtain or guess the current word.
Why do these scams work if they use generic greetings?
The scams succeed because they go out at very high volume. Only a small percentage of recipients need to respond for the campaign to be profitable. The greeting 'Hi Mam' or 'Hi Dad' is emotionally resonant, and the urgency of a child claiming to be in trouble overrides the skepticism many people would otherwise apply to an unsolicited message.
What should I do if I receive one of these texts?
Do not transfer any money or click any links. Contact your child directly using a phone number you already have saved for them, not the number provided in the suspicious message. If you have already transferred funds, contact your bank immediately to report the transaction. Report the message to your national consumer protection authority.
More case studies
AI Scammers Clone Daughter's Voice to Extort Vancouver Man
Scammers used AI-generated voice cloning to impersonate the daughter of a Vancouver, Washington man, staging a fake kidn...
Missouri Mom Loses Thousands to AI Voice Clone Kidnapping Hoax
A Missouri woman named Rachel received a call that appeared to come from her college-age daughter's actual phone number,...
AI Voice Cloning Scams Fool Families With Fake Relatives
Criminals using AI voice cloning tools began impersonating family members over phone calls, needing only a short audio c...