Tax time is high season for scammers, who target taxpayers with fraud campaigns ranging from IRS impersonation to "ghost" preparers that take your money and run. In fact, the IRS publishes its annual "Dirty Dozen," a list of the tax scams consumers should be especially aware of. And this year's list reveals that, as with romance scams and scams targeting travelers, AI is making tax scams appear more sophisticated—and harder to spot.

AI is facilitating tax scams

One of the IRS' top scams for 2026 is AI-powered impersonation by phone: fraudsters are using AI tools for voice cloning and caller ID spoofing so recipients believe they are talking to a legitimate IRS representative. These forms of impersonation are so good that it's difficult to distinguish between what's fake and what's real. Scammers may call you about your tax bill and demand payment, or tell you that your information is being used in a crime and ask you to verify sensitive details.

Of course, AI facilitates other forms of impersonation, spoofing, and phishing. It's easy to set up an AI-generated fake website (such as for the IRS or other organizations that provide tax prep or support services) that looks nearly identical to the real thing, and which scammers can use to harvest personally identifiable information and login credentials. The same goes for other communication, such as text messages and notices sent via email or snail mail.

AI isn't just an external threat. Researchers at McAfee found that 30% of taxpayers plan to use an AI tool like ChatGPT to help them prepare their taxes. Not only will a chatbot potentially provide incorrect (if relatively harmless) information to users, it could also put personal data at risk in the event of a data breach.

How to spot AI-powered tax scams

Taxpayers may be particularly vulnerable to these scams because the possibility of getting into trouble with the IRS is especially scary, and fraudsters capitalize on this fear. People may be more likely to act on an urgent message that comes with the threat of financial penalties, wage garnishment, or a lien being placed on their home. And since AI can make communication sound more human—and both believable and trustworthy—than an actual human, the typical scam red flags like poor grammar and odd language aren't reliable indicators.

First and foremost, remember that the IRS almost always initiates contact by mail and will not call taxpayers to demand payment or threaten arrest. The agency also does not leave prerecorded messages. Legitimate notices sent by mail are informational and should contain specific references to your tax return rather than vague demands for money. It is possible you will receive a call or even an-person visit from the IRS, but these occur in specific cases and only after multiple mailed notices.

Because AI scams can be so difficult to spot, you should be wary of all communication related to taxes. You can set up an online IRS account through ID.me and view any notices and letters you've been sent to verify they are legitimate. As always, never comply with any demand for money or information without confirming who you are talking to—because it's almost certainly not the IRS.

If you are planning spring or summer travel, you may want to slow down and pay close attention to the process. Scammers have a lot to gain by targeting travelers: The Federal Trade Commission tracked more than 58,000 reports of travel, vacation, and timeshare plan fraud in 2024 totaling $274 million in losses. And AI is helping them get away with it.

How scammers are targeting travelers

Some of the most common travel scams involve impersonation: of people, brands, and listings. For example, fraudsters will post fake vacation rental listings and collect payment (sometimes by pressuring you to use wire transfers or peer-to-peer apps) and leave you stranded with no place to stay or stuck in accommodations way worse than what you booked and paid for. On the back end of a trip, a dishonest host may try to make fraudulent damage claims and pressure you into paying hundreds or thousands of dollars for something you didn't do.

Scammers will also impersonate travel agents and booking platforms, allowing them to collect sensitive personal information and money before you clock the fraud. Booking.com is a common target for scams. Multiple campaigns have used a spoofed version of the site to spread malware—another known as "I Paid Twice" targeted both Booking.com and Expedia.

Other travel scams involve fake flight cancellation notifications (which direct you to rebook on a phishing website), fake customer service numbers promoted via both sponsored ads and legitimate business listings, and deals that are too good to be true.

AI facilitates travel scams

These days, even savvy consumers can fall victim to these travel scams. As travel expert and consumer advocate Christopher Elliott writes for The Seattle Times, AI has rendered traditional scam red flags practically obsolete. We can no longer rely on obvious grammar and spelling errors to differentiate between what's real and what isn't, as tools like ChatGPT and Gemini are capable of nearly flawless replication of human speech and generating authentic-looking content—like photos, rental listings, and entire websites—in almost no time.

According to McAfee, one of the most common ways AI has changed the travel scam landscape is via voice cloning. Threat actors can make deepfake calls using just a few seconds of voice samples pulled from promotional material or customer service recordings. You may not be able to differentiate between a fake airline representative, hotel staff, or travel agent and a real one, and fraudsters use this to get everything from passport information to credit card numbers.

AI also makes phishing attempts far harder to spot, as scammers can craft booking confirmations and other communication using authentic branding and perfect text. And fake booking sites (as described above), rental listings, and tour pages are nearly indistinguishable from real ones, thanks to AI-generated photos, videos, and reviews.

How to identify AI-powered travel scams

Thankfully, AI hasn't eliminated every scam indicator. Urgency should always raise alarms, as scammers count on targets responding to demands before having time to think. If you're being pressured to provide information or pay money or book before a deal expires, it might be a scam. Slow down and verify before taking action.

If you're asked to send money via crypto, wire transfers, gift cards, or apps like Venmo and Zelle, it's almost certainly a scam. Always book travel over trusted platforms using credit cards, which have fraud protection and can be tracked or disputed.

If a customer service rep contacts you about your trip, ask them to verify your booking details before providing any additional information. If they cannot confirm things like your reservation number or card on file, they are likely not legitimate. If you're unsure, hang up and call the hotel, airline, or travel agent using contact information obtained from an official source.

Finally, check travel websites carefully for subtle signs of a scam. Be wary of URL tricks like homograph attacks and typosquatting, which are used to spread malware. Legitimate businesses will also have contact information and privacy policies on their websites. Avoid getting to websites through search results and unsolicited emails and social media messages—instead, go directly through trusted communication or type the correct URL into the address bar.

Most of us believe that we would never, ever fall for a scam. We think we know the "tells," like poorly formulated communication that sounds urgent. Unfortunately, social engineering—tactics that prey on human emotions and instincts to get us to act against our own interests—can work on anyone.

Romance scams are a textbook example of emotional manipulation in which the perpetrator exploits a victim's feelings of loneliness, love, or desire for connection to build trust over the long term. Beyond the emotional toll, the financial consequences are significant: The FBI's Internet Crime Complaint Center (IC3) reported $672 million in romance scam losses in 2024, and this number is almost certainly only a fraction of the real total.

Scammers are increasingly employing AI tools in romance scams, making these campaigns even harder to detect and therefore even more dangerous for targets. Experian predicts that AI-powered romance scams will be among the top fraud threats in 2026.

How a romance scam works

As McAfee describes in a recent report on the state of romance scams, this type of fraud is a long con. A romance scam typically starts with a "hook," like a DM, follow request, "wrong number" text, or match on a dating app. Once a scammer gets a response, they'll move into love bombing in an attempt to quickly build intimacy and trust while encouraging you to keep the relationship a secret. They'll take time to build credibility around their persona, which likely includes a job or lifestyle that prevents them from meeting you.

Next comes a minor request for financial support, which may escalate into opening an account, "investing" in a business venture, or co-signing a loan. Increasingly, these schemes involve fraudulent investments in cryptocurrency. (Another term for this is "pig butchering.") Once they've got what they want, scammers disappear, leaving victims to deal with the consequences.

Romance scams work because they don't start with obvious exploitation. Fraudsters build up trust over weeks and months, so it's more likely to feel like a real relationship than a scam until victims are already in too deep.

AI is making romance scams worse

AI is making romance scams even easier for fraudsters to run. In a review of recent research, Bitdefender notes that in order to build trust, scammers have traditionally had to devote significant time and attention to each individual target. While playing the long game in this way is often worth the effort—as the payoff is often significant—it limits the number of potential victims any one scammer could reach.

AI removes these barriers. Large language models (LLMs) are capable of maintaining natural conversations without the red flags of a scam, such as poor grammar and misspellings. AI can mirror personality, reflect emotion, and match tone, and it's less likely than a human to come off as pressured or rushed. Chatbots can retain and integrate personal details from earlier conversations, and it requires very little effort to sustain for a very large number of victims.

Automated chatbots are especially adept at handling the early stages of a romance scam, and humans are required to step in only at critical moments to offer reassurance or initiate a financial request. Because scammers can maintain many conversations at once, they can also test out different tactics and quickly refine based on what works best to keep victims engaged. As the Global Cyber Alliance puts it, AI adds "speed, scale, and consistency" to the traditional romance scam.

Research suggests that victims may actually find AI more trustworthy than a human. McAfee found that a third of American adults believe it's possible to develop romantic feelings toward an AI bot. Deepfake audio and video make these AI-powered scams even more credible, as victims can no longer rely on a scammer's refusal to actually speak with them as a red flag.

How to catch a romance scam

Even a well-trained chatbot has limitations. According to McAfee, the most common clues that you're interacting with a bot or fake profile include scripted or repetitive responses, instant (and perfectly crafted) replies, and photos that are obviously generated by AI. Other red flags include a contact who avoids voice and video calls as well as unusual requests early in the relationship.

To avoid getting wrapped up in an AI-powered romance scam, slow down. Be wary of perfectly crafted responses, which may indicate automation. Try asking unexpected questions or creating friction, which can throw a chatbot off. Remember that relationships shouldn't rely on secrecy or be contingent on financial support. Social media and dating sites are full of fake profiles, so seeing is not always believing.

If you order a new smartphone to be delivered to your home, you may be a target for scammers. Fraudsters are impersonating representatives from mobile carriers, calling customers and claiming that they've been sent the wrong device and need to return it.

Obviously, if you follow through, scammers get to keep your phone—they may either to sell it or activate it using your information to perpetrate identity fraud.

Scams centered on stealing high-value tech aren't anything new. In addition to regular porch pirating, thieves have been known to knock on doors, posing as couriers or company representatives attempting to recover a "wrongly delivered" item. Fraudsters have also used fake Find My alerts to gain access to lost or stolen iPhones.

How the phone return scam works

As an editor at ZDNET experienced, the scam begins shortly after your new phone is delivered. You may receive a call from a spoofed number, and someone claiming to represent your carrier will have specific information like your name, address, and device model. They'll tell you that there's been a mix-up and you need to send your phone back so you can receive a replacement. They may give you instructions to scan a QR code, print a label, and take the package to a shipping drop-off point. In some cases, targets have been promised gift cards for the inconvenience.

If you hesitate, scammers may employ a number of pressure tactics to get you to act. They'll tell you that delaying the return could cause issues with your device activation, billing, or warranty. They may continue to call with threats.

Like many scams, this one relies on social engineering: it manipulates emotions and instincts to get you to act against your best interest. Fraudsters impersonate a trusted brand and use detailed information about you to make their story more believable. They use timing to their advantage and promote a sense of urgency.

The phone return scam also has similarities to the brushing scam, in which victims receive a package containing merchandise they didn't order so that scammers can write a verified review or boost sales numbers or collect personally identifiable information once you scan a QR code (an added component known as quishing) to learn more about the item.

What to do if you get a call about your new phone

The solution here is to simply hang up. If you are concerned about your account or device, call your carrier directly (use the customer service number from a previous bill or go through the official app) and confirm the mix-up. Don't engage with QR codes or any instructions provided on unsolicited calls.

It may be alarming that a scammer has specific details about your order and calls right after your new phone is delivered. Unfortunately, a lot of your personal information is out in the open and available to bad actors, whether as the result of a data breach or some other form of compromise (such as malware that can read notifications). This is a good reason to keep an eye out for other indicators of identity theft and act quickly if you find anything suspicious.

If you receive a text from a random number offering you a job, it's almost certainly a scam, and you likely know to ignore and delete the message and move on with your life. But a message from a recruiter with a link to an employment application may give you pause—and fraudsters are hoping that you'll believe it just enough to hand over your personal information. Malwarebytes recently identified a phishing scam that uses fake Google Forms posing as job applications to harvest user account credentials.

How the Google Forms job scam works

This specific campaign involves a fake Google Forms site that impersonates the real thing. Links sent to scam targets—likely via email or LinkedIn—direct to forms.google.ss-o[.]com, which looks like a subdomain of the legitimate forms.google.com. (It isn't.) The "ss-o" may be a trust signal for "single sign-on" and fail to raise red flags for many users. Each target receives a personalized URL, which leads to a (fake) Google Form inviting the user to apply for a job.

As Malwarebytes found, the fake page uses the standard Google Forms colors, header, and disclaimers. The form itself is greyed out behind a pop-up prompting users to "sign in to continue." Again, this doesn't look particularly suspicious for a typical Google flow. But the sign-in button redirects to another domain that has been used in multiple phishing attacks to harvest credentials.

Fraudsters have long used Google apps to perpetuate phishing schemes. A 2025 campaign targeting students, faculty, and staff at U.S. colleges and universities used Google Forms that mimicked legitimate school communications to collect login credentials entered directly into the form itself. (Google warns you to never, ever do this.) And numerous attacks on Gmail users have leveraged shared Google Docs to direct victims to a fake sign-in page.

How to avoid phishing attempts on your Google credentials

As always, your first red flag for a scam is a link sent via an unsolicited job offer—even if that link goes to a seemingly legitimate site. Scammers have all kinds of tricks for spoofing URLs and using recognizable domains to gain your trust. Always hover over hyperlinks to see the actual destination before clicking, and look carefully for additions or misspellings in the URL.

Plus, you should probably be wary of any job application submitted via Google Forms. Do your due diligence in speaking with an actual human, and do not send sensitive personal information through Google Forms.

This is also a good reason to use a password manager, which won't allow you to fill login credentials on a fake site. If your password manager gives you a warning or prevents you from using autofill, don't override it.

A new phishing campaign identified by Malwarebytes Labs targets AT&T customers with text messages about expiring rewards points. Users are urged to claim their rewards ASAP by clicking the included link, which is actually designed to harvest sensitive personal information.

AT&T rewards scam phishes personal information

Targets for this scam have received texts containing a "Rewards Expiration Notice" urging them to redeem points in their AT&T account before they are scheduled to expire. The message includes a specific points balance and expiration date along with two "recommended redemption methods":

• AT&T Rewards Center: [shorturl link]

• AT&T Mobile App: Rewards section

As Malwarebytes discovered, the short link sends users to a https://att.hgfxp[.]cc/pay/, a spoofed website with AT&T branding, headers, menus, and links out to the real AT&T domain. Users are directed to enter their phone number to verify their account, which leads to a screen warning that their points are set to expire. Further down, you can see redemption options, including an Apple Watch Series 9, Sony WH-1000XM4 Wireless Headphones, and Amazon gift cards.

In order to claim a reward and arrange delivery, victims are then prompted to enter more personal information—which is transmitted directly to the scammers. Malwarebytes notes that the forms have real-time validation and error highlighting so users are less likely to suspect the fraud.

Rewards scam red flags

This scam relies on social engineering tactics—like a sense of urgency and the fear of missing out—to trick targets into engaging. And while it does have a somewhat believable look and feel as well as a multi-step approach to build user trust, it also has some clear red flags. The text originates from a regular phone number rather than a short code, which is often used for automated messages, and the sender doesn't appear as a recognized AT&T contact. The thread also includes multiple recipients and a generic greeting. (A legitimate message from AT&T will be sent directly to you.)

Then there's the shortened URL that leads to a website not owned by AT&T. While the page has some realistic branding and working links, it also has a number of typos and grammatical and formatting errors. Malwarebytes found that if you click the link on different days, the expiration date on the site changes.

As always, don't click links in unsolicited texts. AT&T does have a rewards program, but you should go directly to that portal via the web or app to manage your rewards.

Identity thieves are now using college enrollment to take out student loans in victims' names. This so-called "ghost student" scam capitalizes on limited verification for online class sign-ups and the federal aid application process to steal millions in funds while assigning the debt to unsuspecting targets.

I personally have been a victim of this scam, which I discovered only after an outstanding student loan debt landed on my credit report in 2024. Here's how the scheme works.

'Ghost student' scam relies on stolen identities

To run this scam, fraudsters use stolen or fake identities to enroll "ghost students" in online classes while also applying for federal student aid, including Pell grants and loans. Of course, they never actually attend those classes, instead disappearing with the money and placing the resulting financial burden on the individuals and schools they've conned.

In my case, scammers had used just enough accurate personal information to "enroll" at a community college in southern California and take out a Pell grant in my name. However, because the enrollment was fraudulent, the grant was considered overpaid and sent to collections via the U.S. Department of Education—which is how it landed on my credit record.

According to the U.S. Department of Education's Office of Inspector General (OIG), this type of fraud blew up with the shift to online and remote learning, particularly at community colleges that offer open enrollment (and generally engage in limited verification of applicant information). Increasingly, AI tools also likely help scammers to expand their reach with enrollment and loan applications and get past identity verification checks.

The scheme has affected schools across the country. In California alone, nearly a third of all applicants to community colleges in 2024 were identified as fake. A handful of individuals have been sent to prison after stealing millions in "ghost student" financial aid, but the OIG still has 200 investigations open.

For individuals targeted by the ghost student scam, the consequences are essentially the fallout of identity theft, such as debt falsely assigned to you that negatively affects your credit or the inability to get legitimate student loans (or any other type of credit) when you actually need them.

It also forces you into a long and arduous process of disputing the fraud: I spent several months going back and forth between the Department of Education, the community college, the credit bureaus, and an attorney to track down the fraudulent applications, file identity theft reports, provide extensive documentation proving that I wasn't responsible for the debt, and get the information removed from my record.

How to protect your identity from student loan fraud

Unfortunately, the ghost student scam circumvents a standard anti-fraud safeguard because most federal student aid doesn't require a credit check. (My credit record had been frozen for years, and still was at the time that this fraud took place.) While you should absolutely freeze your credit and thaw it temporarily only when needed, this step may not prevent bad actors from using your information to apply for grants and loans.

Because this scam is a form of identity theft, you should take every precaution to safeguard your personal information. Given the ubiquity of data breaches and hacks, you can assume a lot of it is already out in the open, but that doesn't mean you can't lock accounts down and practice good digital hygiene. Credit fraud alerts and a regular review of your credit reports will help you catch any suspicious activity quickly.

Some Grubhub users have received a tempting email offer from the food delivery service: Send $1,000 in bitcoin to a specified wallet, and get 10 times that amount back. Unfortunately, this is very much a scam.

As BleepingComputer reports, these promo emails were sent from addresses on b.grubhub.com, a legitimate Grubhub subdomain, so they appear verified in recipients' inboxes. Two examples of senders include merry-christmast@b.grubhub.com and crypto-promotion@b.grubhub.com.

Beyond that, there are some pretty clear red flags. The subject line reads "30 minutes left - We'll 10x your Bitcoin!" to promote a sense of urgency and an offer too good to be true (but also too good to ignore). The body includes the recipient's name and instructions on how to participate in Grubhub's "Holiday Crypto Promotion" with a bitcoin wallet address.

While Grubhub has acknowledged the problem, they haven't released any details as to what facilitated attackers sending emails using a company address. The company did suffer a major security breach earlier this year, resulting in the leak of some user data (including names and email addresses).

There are several varieties of the crypto reward scam

The Grubhub email promotion is a pretty typical example of a cryptocurrency scam. The Federal Trade Commission outlines several variants, including get-rich-quick schemes guaranteeing big returns on your investment and celebrity-promoted "giveaways" that claim to multiply any funds you send.

If you fall for crypto fraud, there's no way to track or get your money back, and even if victims are few and far between, scammers can score big paydays. That's why you should be especially wary of anything and everything requiring a crypto transaction, especially if the offer sounds urgent or provokes a sense of either excitement or fear. And remember that no legitimate organization—government agency, law enforcement official, utility company, or prize promoter—will ever ask for payments in cryptocurrency.

If you received gift cards over the holidays, don't throw them in a drawer and forget about them. While many gift card scams involve thieves demanding payments—for everything from taxes and fines owed to outstanding utility bills—via prepaid cards, there's a less obvious type of fraud known as gift card draining.

How gift card draining scams work

If you forget how much money is on a gift card you received a while ago, you're likely to check the balance online. You'll typically need to enter your card number and PIN or security code, but some websites that claim to provide gift card balances are actually collecting that information to use it later. Always use the official site listed on the back of your card, or better yet, call or visit the retailer directly to confirm the balance.

In another version of this scam, fraudsters have set up sites offering to pay you for gift cards you don't want or won't use. They may claim to purchase your $100 card for $90—which sounds better than no money at all—but are simply out to steal the card information and drain the funds, and you'll never actually see that cash. Sites promoting that type of deal are typically not legitimate.

When you purchase or receive a gift card, keep the receipt, note the starting balance, and register it with the retailer or transfer the funds from the gift card to your existing account if those options are available. If possible, change the PIN, and spend the funds sooner rather than later.

Gift card scams begin in the store

If you're considering buying physical gift cards in the future, be sure to check for signs of a scam. Fraudsters will tamper with cards in stores by adding stickers over the barcode, so when you check out, the funds you pay go to their account rather than the card itself, which means the balance will be zero when the recipient goes to spend it. Scammers can also record the card number and activation PIN or security code, then reseal the packaging and replace the card on the rack—once the card is paid for or activated, they use the information to spend the funds.

Inspect gift cards purchased in-store carefully for added stickers, damage to the packaging, or scratch-off coating that has been removed. You can avoid some risk by purchasing gift cards online directly from the merchant's website (as gift cards sold at steep discounts on social media or deal sites are often scams).

And if you do end up with a scam card, you can file a report with the gift card issuer, though your mileage may vary in terms of recovering funds. The Federal Trade Commission (FTC) has a list of fraud contacts for some of the most popular card retailers, including American Express, Visa, and Amazon.

Another PayPal phishing scam is circulating, this time with email notifications about recurring or automatic payments. The messages originate from a legitimate PayPal address, allowing them to evade some security filters and leave recipients worried that their accounts have been compromised—perhaps just enough to ignore the obvious red flags and call or email scammers back.

I personally have been targeted by this scam with at least five separate emails, though all have gone straight to my spam folder. Here's how scammers are exploiting PayPal settings to land in your inbox.

How the PayPal scam works

If you're targeted by this campaign, you may receive an email with the subject line "Your automatic payment status has changed" or "Recurring Payment Reactivated." The layout imitates a real PayPal notification and includes a message about a high-dollar payment being "successfully processed" along with a customer service email and phone number to contact PayPal support.

The email is full of red flags: It is addressed to a random name (or, in one of the messages I received, "Hello Update Invoice"), has poor spelling and wonky formatting, and simply doesn't make sense. You can easily spot oddities like bold text and Unicode characters, which BleepingComputer notes is a trick used to bypass spam filters and keyword detection.

Credit: Emily Long

Where the trick lies is in the sender field, as the email comes from service[at]paypal[dot]com, a legitimate PayPal address, and paypal.com is in the signed-by field. As Malwarebytes Labs describes, this is likely an abuse of PayPal's subscription billing feature. If a merchant pauses a customer subscription, the user will receive an automatic email from PayPal notifying them that their payment is no longer active. Scammers are likely setting up fake subscriber accounts using Google Workspace mailing lists, so automatic emails being generated are sent to everyone on those lists. If you look at the "To:" field, you'll see that the message isn't actually addressed to your email.

Exploiting these types of loopholes to make phishing emails seem legit is a common tactic, and I've covered several similar PayPal phishing campaigns already this year. According to a statement provided to BleepingComputer, PayPal is working on mitigating this specific flaw.

Ignore PayPal payment notifications

If one of these PayPal messages lands in your inbox, don't engage with it. Scammers frequently use emails, texts, and calls about account security and financial transactions to scare you into action, and the impersonation of trusted institutions is often pretty convincing.

If you are concerned about activity on your PayPal account, go directly to the app or website and log in to view alerts and check transactions. Do not use contact information or click any links in the original notification, as this increases the chances of compromising your information or downloading malware to your device.

Many Americans are in the middle of making hard decisions about their health insurance, in part because open enrollment, the period in which consumers can change their plan, is happening now. That means scammers are also busy contacting people, impersonating insurance providers in an effort to collect personal, financial, and medical information.

Common health insurance scams

Fraudsters especially love to impersonate representatives from Medicare, targeting older adults and others who qualify for the federal program with unexpected calls. As the Federal Trade Commission warns, scammers may have some of your personal information already and will ask you to confirm your Medicare, bank account, and/or credit card number under the guise of sending you a new Medicare card. In reality, Medicare cards are free and sent automatically, so you should never need to provide payment.

Scammers may also target consumers on Marketplace, Medicaid, and Children's Health Insurance Program (CHIP) plans with a similar tactic, claiming that you may lose or be disqualified from health coverage unless you make a payment.

In addition to impersonating government officials, bad actors will pretend to represent a legitimate insurer, promising discounted plans (that are available only for a limited time) or enrollment assistance (for a fee). Plans that seem too good to be true probably aren't health insurance at all and may not provide the coverage promised. And you shouldn't have to pay anyone to sign up for a plan.

Note that while scammers may ramp up efforts during open enrollment, health insurance scams can happen year-round. A Federal Communications Commission (FCC) advisory warns consumers about common tactics like calls and texts in which scammers—impersonating government agencies or insurance companies—offer health screening, free gifts, or other promotional benefits in exchange for your personal information.

Bad actors can pretty easily spoof phone numbers (so it looks like you're getting a call from a reputable insurance provider like Medicare or Blue Cross Blue Shield) as well as set up phishing websites designed to steal your credentials and financial information.

Insurance scam red flags

As always, unsolicited communication that pressures you to take action is almost always a scam. Medicare representatives will never call, email, or text you to verify information or demand payment, nor will legitimate government officials try to sell you anything or threaten you unless you pay up. If someone claims they represent an insurer and asks for money or sensitive personal information, or if they threaten you with legal action, hang up.

Don't share any data, including your social security number, bank account number, or medical history with anyone—that is, unless you have contacted the Medicare office or other legitimate agency directly and first and need to verify your identity. (The number for Medicare is 1-800-MEDICARE, and you can reach a Marketplace representative through HealthCare.gov).

Always verify a representative's identity using official contact information found on a .gov website, legitimate company page, or an account statement, and never send money via gift card, prepaid debit, or crytocurrency in exchange for anything. You should also ensure your credentials for your insurance accounts (like HealthCare.gov and Medicare.gov) are strong and secure, and enable multi-factor authentication wherever possible.

Impersonation scams have come for something many of us dread both attending and missing: jury duty. Fraudsters pretending to be law enforcement officers are contacting people claiming that they've missed a summons and need to pay up or risk arrest.

The Federal Trade Commission first warned of this scheme back in March, when bad actors were simply calling or emailing targets with threats and requesting personal information or payment over the phone. Scammers have since moved on to a new tactic directing victims to phishing websites, where they attempt to collect identifying data like birth dates and Social Security numbers as well as cryptocurrency payments.

None of this is real. In all likelihood, you didn't miss jury duty, and even if you did, you don't owe the government a fine in exchange for not getting arrested. Here's how to spot the fraud.

Jury duty scam red flags

A jury duty scam typically begins with an unsolicited call (or email) from someone claiming to be a police officer or U.S. Marshal. They'll tell you that you missed jury duty and need to pay a fine in order to avoid arrest. They may direct you to an official-sounding URL to pay said fine, where you'll see official-looking seals. You'll be prompted to enter personal information to "look up how much you owe" and go to a "government kiosk" to complete the transaction of up to $10,000 (probably in cryptocurrency). At the end of all this, scammers have data that allows them to steal your identity and possibly some of your money that you can't get back.

This scam has all the hallmarks of the many others we've covered. Fraudsters stoke emotions like doubt and fear, as you think maybe it's possible that you actually did miss jury duty, and no-showing a legitimate summons does have very real consequences. There's an urgent call to action—providing information and money—to fix the problem. The next steps involve a suspicious link and unrecoverable payment options, like wire transfers and crypto.

Know that the courts won't call and demand money with a threat of arrest, nor will law enforcement or any other government entity. Don't provide any information or payment over the phone, and don't go to any URLs they give you. Phone numbers and email addresses are easily spoofed, so don't engage any further. Instead, go directly to the court's website (look for a .gov address) and use the contact listed there to confirm jury duty information.

Scammers love impersonating Amazon. Just last month, the company alerted Prime members to an email phishing campaign involving (fake) subscription renewals, and customers have been targeted by similar messages related to various account issues as well as mystery packages containing "free" stuff that turn out to be brushing scams.

According to a new warning from the Federal Trade Commission, bad actors are at it again with a new phishing scheme that offers (fake) refunds on recalled purchases.

How the Amazon refund text scam works

As the FTC notice describes, the current scam starts with a text sent to potential targets impersonating Amazon. The message states that through a "routine quality inspection," the company determined that your recent purchase doesn't meet standards or has been recalled. You can get your money back without needing to return the item, but you have to click the included link and provide some information to request a refund.

This is a malicious link that leads to a phishing website, and instead of receiving a refund, you're handing your personal and/or financial information over to the scammers if you click through and apply.

How to spot the Amazon text scam

Like many scams, this one isn't all that sophisticated, but the promise of an easy refund may be enough to convince some recipients to act without thinking. Common red flags include poorly written text with odd formatting, urgent calls to action, and senders with foreign numbers or email addresses. As a general rule, you should never click links received via text—or in unsolicited emails or social media messages, for that matter. These are popular vectors for phishing. Also, never respond directly, as doing so may invite further targeting from scammers.

If you're concerned about something you bought on Amazon, log into your account by going directly to the website or app and review your order history. You can also verify which messages are legitimately from Amazon via Accounts & Lists > Account > Your Messages.

If you do receive an unwanted text you believe is a scam, you can forward it to 7726 (SPAM) and report it as junk through your phone's message app. Then delete it.

While many financial institutions have a presence on social media, not all content that appears to be legitimate and trustworthy actually is. Scammers are posting ads on Instagram impersonating Canadian banks, including Bank of Montreal and EQ Bank, in phishing campaigns.

An investigation from Bleeping Computer found a series of fake ad posts on Instagram that directed users to phishing websites that collect login credentials as well as stories impersonating a well-known bank strategist that harvests contact information.

How scammers are impersonating banks on Instagram

These Instagram phishing scams have taken a couple of forms. In one, fraudsters are using what looks like official bank branding in static ad posts with promises of high interest yields on savings accounts. If users click through to learn more or apply, they are directed to a fake website and prompted to enter their account credentials. While the page looks legit, the URL clearly is not linked to EQ Bank's actual domain.

Another version of this scam involves fake ads and AI deepfake videos impersonating Brian Belski, Bank of Montreal's chief investment strategist. The "BMO Belski" ads show up in Instagram stories with screening questions like "How long have you been investing in stocks?" Upon answering, the user is prompted to submit their contact information to the advertiser. The videos direct users to private "investment groups" on WhatsApp.

The latter is an iteration of a fraud campaign I covered recently: Ads on Facebook that appear to be affiliated with prominent investors like ARK Investment Management's Cathie Wood, CNBC's Joe Kernan, and Fundstrat's Tom Lee and lead users to group chats on WhatsApp, where they get sucked into pump-and-dump schemes. Obviously, the investors shown aren't actually endorsing the ads or the advice, but an unsuspecting user may believe they are getting credible information from trusted sources.

As Bleeping Computer points out, the accounts behind the BMO Belski ads exist only on Facebook—Meta Business Manager allows Facebook pages to run Instagram ads without having an Instagram account. If you click through to the BMO Belski Facebook page, there are signs that the account is repurposing an existing page with an older creation date and established following (albeit only two posts), potentially giving it more credibility to the casual observer.

How to avoid bank impersonation scams

These fraudulent ads may be increasingly difficult to suss out thanks to the use of stolen brand assets and AI-generated videos that, as we've covered, are as believable as we want them to be.

Always have a critical eye on social media content that appears to come from a legitimate entity or well-known individual. Investors (trustworthy ones, anyway) and celebrities are typically not giving too-good-to-be-true finance tips on Instagram and Facebook or in WhatsApp chats.

Credible Instagram accounts have a "verified" badge, but you should still be wary of entering credentials on a site you've clicked to from an ad. You're better off going directly to an organization's official account page or website and logging in from there to verify any online promotions. Ads on social media are used for spreading malware—another reason not to engage with them.

Investment scams aren't anything new: Bad actors have long used pump-and-dump tactics to hype stocks or cryptocurrencies, preying on emotions like fear and greed. And who wouldn't want big—or even steady—returns on their money, especially amidst tariffs and other economic turmoil?

Scammers are currently capitalizing on this with fraudulent Facebook ads to lure users into handing over large sums of money. Here's how to spot these schemes and avoid falling victim.

Investment scams on Meta platforms

According to a group of 42 state attorneys general, the current fraudulent investment campaigns also happen to have elements of impersonation scams.

The scheme begins with ads on Facebook that feature prominent investors, including ARK Investment Management's Cathie Wood, CNBC's Joe Kernan, and Fundstrat's Tom Lee, along with other wealthy individuals like Warren Buffet and Elon Musk (none of whom have any actual affiliation with the ad). If you click the ad, you'll be prompted to download or open WhatsApp to join an investment group.

This is where the pump-and-dump kicks off. "Experts" in the group advise members to purchase specific stocks, inflating the price, which they in turn sell and profit from. The AG letter to Meta detailing the scam includes reports of individuals losing anywhere from $40,000 to $100,000 or more after clicking on a fraudulent ad on Facebook.

Other investment scams originating on Facebook involve cyber criminals harvesting sensitive personal information via fraudulent investing platforms (also by spoofing celebrity endorsements).

Investment scam red flags to watch for

For many people, it seems obvious that you shouldn't get your investment advice from a Facebook ad or WhatsApp group. But fear and greed are powerful emotions, and scammers are counting on these social engineering tactics working at least some of the time.

That's why you should be wary of any advice that promises an unrealistic rate of return in a short period of time with no risk of loss as well as endorsements from celebrities, political figures, and well-known investors (who are almost certainly not endorsing anything). It's also just good practice not to click ads on Facebook, which are easy vectors for spreading scams and malware.

Another sign of a scam is content or communication that appears to be generated by AI. After joining a WhatsApp group, an investigator from the New York Office of the Attorney General was called by a scammer who used AI to translate her speech into English. Unfortunately, emotions can cloud our ability to identify AI-generated content if we want to believe what we're seeing.

Social media is rife with content that captures animal lovers' attention, and scammers are capitalizing on this with campaigns that solicit donations to fake charitable causes. The Better Business Bureau (BBB) is alerting users to a new scam on TikTok that purports to sell handmade crafts in order to raise funds for animal shelters.

Here's how to spot this donation scam (and others like it).

What the TikTok donation scam looks like

According to the BBB, this TikTok campaign involves videos of older adults making crafts, such as cat toys, with background music and a message that goes something like, “Please don’t scroll for 12 seconds to help my failing animal shelter.” The video further explains that they are selling these items to help fund a shelter for cats or other animals (which may also be shown).

The video description includes a link to donate to the cause or purchase the item—which, of course, you'll never receive, nor will the funds actually be used to help animals in need. The BBB cites a report from its Scam Tracker of a TikTok account run by user FlappyBirdUS, though there are likely plenty of other scammers employing similar tactics on TikTok and other social media platforms. Note that these videos may be AI-generated or use content stolen from other accounts.

How to spot donation scams

Scams of all kinds play on emotions—fear, greed, sympathy—to get victims to act, whether that involves handing over personal information or donating money to "charitable" causes. If you see content on TikTok or elsewhere that makes you feel something and urges you to act now, resist that urge.

Instead, do some research about the person or organization: Look up the name, contact information, and website, and type the information into a search with the term "scam" to see if anyone has identified it as fraudulent. You can also search for charitable organizations on sites like Charity Navigator, GuideStar, and Give.org and look for their verified social media accounts. If an organization isn't listed, that doesn't mean it isn't legit, but you should dig further before donating or making a purchase. Alternatively, consider seeking out local organizations or mutual aid groups engaged in causes or action you care about in your area.

You should also look out for signs of AI-generated videos, which are used in numerous types of scams. As we've noted, though, we are easily swayed by things we want to believe, such as videos of cute animals in need, making AI content particularly difficult to spot.

Finally, there are of course other iterations of the donation scam out there, some of which use social media posts to solicit Venmo donations to fraudulent accounts in the name of legitimate individuals or organizations. The same rules for avoiding these scams apply.

The newest text scam making the rounds is a message that (poorly) impersonates your state DMV with a threat to rescind your license unless you pay outstanding fees. NPR reports that departments of motor vehicles in New York, Florida, and California have alerted residents to the scam, but it has been spotted in other places too (including Utah, where I live).

How the DMV text scam works

This scam purports to be from the DMV or transportation department in your state and warns of unpaid fees for traffic violations or tolls. The message directs recipients to a link to pay these supposed penalties or risk losing their license (or "driving privileges") or face legal action. It also references a state statute that may actually be legitimate (albeit unrelated to the warning), but that doesn't mean the text itself is.

The DMV scam currently circulating is similar to the unpaid tolls scam and the unpaid parking fee scam, both of which are examples of smishing, or SMS phishing. This type of attack relies on text messages to try to convince targets to click malicious links and disclose personal or financial information or download malware to their device in the process. Scammers engaging in smishing often attempt to impersonate legitimate institutions, such as banks and government agencies.

According to data from Robokiller, Americans received 19.2 billion spam texts, of which smishing is an example, in April 2025. That's an average of 63 messages per person.

Text scam red flags to watch for

The DMV scam may seem obvious, but bad actors hope that some recipients will be swayed by an official-looking text that threatens real-life consequences and act without investigating further. That's why you should be wary of any message, text or otherwise, that demands urgent action or invokes an emotional response.

Once you read more carefully, you'll notice additional red flags. The sender may be an email address or non-local (even international) phone number— official texts from government agencies typically come from five-digit numbers. The name of the department may be incorrect, such as the Florida State Department of Motor Vehicles (fake) instead of Florida Highway Safety and Motor Vehicles (real). The URL to pay the supposed fine is not an official state website (https://utah[dot]gov-etcwirs[dot]cc, for example), and it may not be clickable, so it skirts your device's security features. And, of course, there may be minor spelling and grammar errors and odd formatting.

After the celebration ends, college graduates typically face numerous transitions, from moving to a new city and/or starting a new job to taking on student loan payments and other financial responsibilities. College students are often targeted for job scams, but the Better Business Bureau is alerting recent grads about schemes being employed specifically to steal their personal information and money during this transition period.

Unpaid tuition scam

Imagine getting a call after graduation that you have an outstanding tuition payment, and unless you pay the bill immediately, your diploma will be rescinded. Scammers are using this threat to con recent grads—who have, in fact, paid their full tuition—into sending money via wire transfer or prepaid debit card, which cannot be tracked or recovered. Another version of this scam attempts to convince college students (and/or their parents) that they owe tuition and need to pay immediately to ensure they remain enrolled.

If you receive an email, text, or call about an unpaid bill, do not engage—instead, contact your school's bursar or financial services office directly. You will typically receive communication from higher education institutions by mail or via a secure student portal—not as an urgent message demanding money.

Student loan scams

Student loans have been targets for scammers for years—made easier by the starting and stopping of loan forgiveness programs—and recent college grads who are getting ready to make their first payments are common victims. You may get an unsolicited call, text, or email from a company offering debt relief or debt forgiveness services for a fee. In some cases, the company is legit but making false claims, and in others, the whole thing is a scam. They may ask for upfront payment, usually via gift card or wire transfer, and never deliver, or gather a bunch of personal information that can be used to steal your identity.

While the status of loan forgiveness can be difficult to follow, you should know the details of your loan, including when payments are due to begin, and look for official sources regarding loan forgiveness options.

Job scams

Employment scams range from fake job listings to unsolicited texts from "recruiters" offering a position while demanding personal information and payment for "training." Recent grads may be promised an entry-level remote role at a completely unrealistic salary, and scammers collect everything from your Social Security number to your bank account information in exchange for the offer. Other schemes have you pay upfront for training or equipment you never receive (because the job isn't real) or pay you too much with a fake check and ask for reimbursement via app or wire transfer.

No one is getting too-good-to-be-true jobs in this market. Always do your due diligence on companies before applying for a position or accepting an offer: Review the official website for contact information and job postings, and consider reaching out to HR or employees you locate independently to confirm that a position is legit. Don't ever pay for anything up front.

Moving scams

The moving industry seems to be rife with scams, and recent grads who need to move across town or out of state are not immune. Moving companies may charge more money than was quoted and, in the worst cases, hold your stuff hostage unless you pay. Or they may simply not show after you've paid a deposit for the move.

Red flags for moving companies include estimates delivered quickly and with little information collected about your move, full payments demanded before the move, and non-refundable deposits paid via peer-to-peer apps and bank transfers (negating the protection of credit cards). Thoroughly research the company to understand how moving brokers operate, and make sure you get everything in writing.

Rental scams

If you make it through the actual move unscathed, you could still encounter a rental scam. As with job scams, these involve listings that sound too good to be true, with lots of amenities in a desired location at an affordable price. (Like job scams, most renters aren't getting these deals in this market.) Fraudsters may even use real properties in their listings to lure you in. Once they have you, they collect a deposit, first month's rent, and a bunch of personal information while leaving you with nowhere to live.

While you may pay your actual rent via Zelle, PayPal, or Venmo, you shouldn't use these services to send a deposit for a rental you haven't seen to a landlord you haven't met. Search the listing on Zillow, Redfin, and other rental sites to look for inconsistencies that could indicate a scam. Verify the address, look at Google street view, and visit (or send someone you trust in your place) before paying any money if you can.

It's always storm season somewhere, and recent disasters in the South and Midwest have left significant damage in their wake. Unfortunately, scammers strike when people are vulnerable. Some seemingly helpful individuals and organizations may be what the Better Business Bureau calls "storm chasers"—fraudsters who target homeowners impacted by severe weather or a natural disaster that causes damage and necessitates major repairs.

How storm recovery scams work

Post-storm home improvement scams can play out in a number of ways, but they usually start with an unsolicited phone call or knock on your door from a "contractor" offering to repair your home quickly and on the cheap. They may say that they are doing work for your neighbors and have leftover materials and extra time and can offer you a deal. They may pressure you to pay upfront so they can begin immediately. They may tell you that you can submit the bill to your homeowners insurance for reimbursement or persuade you to sign over your claim payment to them.

More than likely, none of this is true. These fake contractors will take your money and run, sometimes without doing any work at all. Or they'll do such shoddy repairs that you'll end up paying again to have it done right.

This isn't the only way in which people attempt to take advantage of post-storm recovery efforts. Scammers will set up fake donation sites and collect money that'll never be distributed to the cause or community they claim to represent. Some bad actors may even impersonate FEMA personnel or other first responders to gain unchecked access to disaster areas and, as a result, your property and any belongings (including documents containing personal information) left behind.

Watch out for storm recovery scam red flags

When you're trying to rebuild your home and your life after a storm, it may be hard to turn down help that's offered—but as always, if it sounds too good to be true, it probably is. There are a number of red flags that you might be dealing with a scam contractor:

• They demand cash or prepaid debit cards or payment via peer-to-peer apps.

• They promise a huge discount but are vague about the final price.

• They pressure you to make a decision on the spot.

• They request payment up front.

• They claim to have leftover materials to offer for cheap.

• They refuse to provide a contract.

• They say you're responsible for pulling permits.

• They try to avoid inspections.

The best way to avoid this scam is to not act out of urgency or emotion. Take the time to do your due diligence: Check the contractor's license and insurance, and request a written estimate and contract. Get several estimates for the job, even if it takes time. Don't pay the full fee until the work is finished to the contract specs.

If damage is the result of a storm or weather event, do not pass go until you've contacted your homeowners insurance company. You should begin the claims process as soon as you can and document everything as thoroughly as possible. Taking any other action before making this call could compromise what your policy covers.

Finally, you should take steps to secure high-value belongings and sensitive documents so they're not easily exposed in the event of a disaster, and always research organizations before you donate.