Frustrated by fragmented war news, Anghami’s Elie Habib built World Monitor, a platform that fuses global data, like aircraft signals and satellite detections, to track conflicts as they unfold.
A pair of US lawmakers are calling for an investigation into how easily spies can steal information based on devices’ electromagnetic and acoustic leaks—a spying trick the NSA once codenamed TEMPEST.
A highly sophisticated set of iPhone hijacking techniques has likely infected tens of thousands of phones or more. Clues suggest it was originally built for the US government.
John C. isn’t the person you picture getting scammed.
He’s 36. He’s tech-savvy. He’s a mechanical engineer leading a team at a national energy lab in Denver. And he told us his story for one reason: “Scammers will target anyone.”
It began with a phone call from someone claiming to be the IRS. They said John had underpaid his taxes and needed to resolve it quickly. The caller sounded polished and convincing, so convincing that John didn’t stop to question it.
“I thought maybe they sent back too much money [in my refund], and they needed it back,” he said. “I was just so busy and overwhelmed that I never really stopped to think about the situation.”
A follow-up email arrived with IRS logos, clean formatting, and a big payment button. John was trying to move fast between classes as he finished up his PhD, and he wanted to correct the situation as quickly as possible.
“I was like, let me just hurry up and do this, get it over with.”
He clicked. He paid. But later, when he checked his statement, he saw the charge didn’t look like an IRS payment at all. In fact, it was an international charge. The whole thing was a scam.
John said the scammer on the phone had appealed to his emotions and been incredibly convincing.
“It was absolutely masterful,” John said. “I would give him an Oscar for it.
And new McAfee research shows John isn’t alone, with nearly 1 in 4 (23%) US adults surveyed revealing they’ve lost money to a tax scam.
Example of a tax scam text message
Key findings from McAfee’s 2026 Tax Season Survey
Here’s what our January 2026 survey of 3,008 U.S. adults found:
The big picture: lots of worry, not enough confidence
82% of Americans say they’re concerned about tax fraud this season.
67% say they’re seeing the same or more tax scam messages than last year.
40% say tax scam messages are more sophisticated than last year.
84% are concerned about AI making tax scams more realistic.
Only 29% say they’re very confident they could spot a deepfake tax scam.
How often scams are reaching people
34% say they’ve been contacted by someone claiming to be the IRS or another tax authority (phone, text, or email).
38% say they’ve been asked to click a link or send payment related to a “tax issue.”
Common asks include SSNs (15%), birth dates (11%), addresses (10%), “you owe back taxes” pressure (9%), and banking details (8%).
Who is getting hit hardest
Nearly 1 in 4 Americans (23%) say they’ve fallen for a tax scam.
Young adults report the highest exposure: 42% of 18–24-year-olds say they’ve fallen for at least one tax scam.
11% of Americans report tax-related identity theft, rising to 17% among ages 25–34.
The money is real
Among people who say they’ve fallen for a tax scam, the average loss is $1,020.
Separately, nearly 1 in 5 Americans say they’ve lost money to a tax scam.
Tax filing is increasingly digital (and that changes the risk)
55% say they file taxes online (software or IRS Free File).
75% say they receive refunds or pay taxes electronically (direct deposit, cards, apps, EFTPS, etc.).
30% say they plan to use an AI tool (like ChatGPT) to help prepare taxes, especially younger adults. This is highly dangerous, even with platform security protections. For example, if an AI tool were compromised in a data breach, user messages with personal tax information (like social security numbers, home address, and more) could be made public.
Tax Scams Now Hit Year-Round, McAfee Labs Finds
In addition to our consumer survey findings, McAfee Labs analyzed malicious URLs, apps, texts, and emails in the months leading up to filing season.
The major takeaway: tax scams don’t wait for April.
Scam activity began climbing as early as November and has again continued building steadily into 2026.
Between September 1, 2025, and February 19, 2026, McAfee Labs identified 1,468 malicious or suspicious tax-themed unique domains, an average of 43 new fake tax websites every day.
In early November 2025 alone, the average number of new tax-themed malicious domains nearly doubled in just over a week. After a brief dip in late December, activity resumed climbing into February, a pattern we expect to intensify as the April filing deadline approaches.
A chart showing the unique, malicious domains detected by McAfee’s Web Advisor
Fake IRS Websites Are A Major Threat
Scammers are rapidly creating lookalike IRS domains that mimic official government URLs.
They use small changes, extra letters, added words, subtle misspellings, to trick taxpayers into believing they’re on a legitimate IRS site.
Examples include domains that insert additional text around “irs.gov” or add misleading subdomains designed to pass a quick glance.
These fake portals are used to:
Steal login credentials
Harvest Social Security numbers and tax IDs
Capture payment details
Charge bogus “processing fees”
In some cases, these sites don’t just steal, they overcharge.
McAfee Labs observed scam services offering to file for an EIN (Employer Identification Number), something the IRS provides for free, and charging as much as $319 for it.
Example of a scam website we found charging for an EIN.
The official IRS website explicitly warns: you never have to pay a fee to obtain an EIN.
Other scam sites misuse legitimate policy terms, like the “Fresh Start Initiative,” to harvest personal data and enroll victims in aggressive robocall and marketing campaigns.
Tax scams don’t always steal outright. Sometimes they monetize confusion.
Here it shows them charging $319 for an EIN, and collecting their personal information.
How a Typical Tax Scam Unfolds
Most tax scams aren’t one single message. They’re a sequence, designed to make you panic, click, and comply.
Below is the common playbook, plus the red flags that show up repeatedly.
*Note: Scammers may swap the details like AI voice, fake IRS videos, cloned websites, or impersonating tax software, but the pattern stays familiar.
Step
What happens
Red flags you’ll see at this step
Red flags that are true every time
What to do instead
1) The hook
You get a call, text, or email claiming there’s a tax issue (refund problem, underpayment, verification needed).
Message arrives out of nowhere, often during busy hours; “final notice” language; spoofed caller ID.
Unexpected contact + urgency.
Don’t engage. Pause. Go directly to IRS.gov or your tax provider’s official site (type it in).
2) The authority move
They lean hard on being “the IRS” or “state tax authority,” sometimes with personal details.
They sound polished; may use AI voice cloning; may cite a “case number.” Fake or meaningless case numbers are very common.
They want you to trust the title, not verify the source.
Ask for written notice and time. Real tax issues can be verified through official channels.
3) The link
They send a link to a “secure portal” or “refund page.”
Never click the link. Navigate to the real site yourself. If unsure, delete it.
4) The data grab
The site (or “agent”) asks for SSN, banking info, login credentials, or details from a prior return.
Requests that are broader than needed; “verify identity” prompts; form fields that feel too invasive.
They want sensitive info fast.
Stop. Don’t type anything. If you already did, assume it’s compromised and act quickly (see next section).
5) The payment push
They demand payment to “avoid penalties,” “release your refund,” or “resolve a mistake.”
Gift cards, crypto, wire transfers, payment apps; pressure to pay today; threats.
Urgency + unusual payment method.
The IRS does not demand immediate payment via text/social, and doesn’t require gift cards or crypto. Verify independently.
6) The escalation
If you hesitate, they intensify: threats, “law enforcement,” or AI video/audio that “proves” it’s real.
Deepfake IRS video, intimidating language, “you’ll be arrested,” “your license will be revoked.”
Fear is the product.
Hang up. Save evidence. Talk to a trusted person. Contact official support through verified numbers.
7) The aftermath
You realize it was a scam—often after noticing a strange charge or login activity.
Charges from odd merchants; new accounts; IRS account alerts; failed tax filing due to “duplicate return.”
Shame keeps people quiet—scammers count on that.
Report it and protect your identity right away. You’re not alone, and it’s not your fault.
Key point: A message can look “official” and still be fake. AI is making scam language smoother and scams more believable. The safest habit is simple: slow down, and verify using official sources you navigate to yourself.
What to do if you’ve been involved in a tax scam
First: take a breath. Scams are designed to trick you, especially when you’re overwhelmed, rushed, or just trying to fix a problem quickly.
John said it plainly: “Don’t be embarrassed. It does happen. It’s common… they will target anyone.”
And he’s right. The most important thing is what you do next.
1) Stop the bleeding: cut off contact
Stop replying
Don’t click anything else
Don’t send more information or money
2) Capture proof (before it disappears)
Take screenshots and save:
Phone numbers, email addresses, usernames
The message content
Links (don’t click them, just copy)
Payment receipts and transaction IDs
3) Lock down your accounts (especially email)
If a scammer gets into your email, they can reset passwords for everything else.
Do this today:
Change your email password first, then banking/tax accounts
Turn on two-factor authentication (2FA)
If you reused passwords anywhere, change those too
Important: If you clicked a suspicious link, downloaded a file, or gave someone remote access to your computer, make sure you use a different, trusted device (like your phone or another computer) to change passwords. Why? If a scammer installed malware or has access to your computer, they may be able to see all of your brand-new passwords as you’re making them.
Tip: A password manager like McAfee’s can help you create strong, unique passwords quickly, without having to memorize them all.
4) Check for identity theft signals
Tax scams often turn into identity theft. Watch for:
IRS notices about a return you didn’t file
Trouble e-filing because a return was already submitted
Alerts about a new IRS online account you didn’t create
If you suspect tax-related identity theft:
Consider filing an IRS identity theft report (commonly done with IRS Form 14039, Identity Theft Affidavit).
Create or log into your IRS account periodically to review account activity (John now does this every few months).
IRS phishing email: If you received a scam email posing as the IRS, you can forward it to phishing@irs.gov.
Your bank or card provider: If you paid, contact them immediately. Even if recovery isn’t guaranteed, speed matters.
6) Clean up your digital footprint
Scammers don’t just use what you give them. They also use what they can look up.
Removing your personal details from risky data broker sites can reduce how easily scammers can target you again. Tools like Personal Data Cleanup can help you identify where your information is exposed and guide removal.
7) Add protection for the next attempt
Tax season scams often come in waves, especially if scammers think your info is “good.”
Helpful layers include:
Web protection to warn you about risky links and lookalike sites before you enter info – get our free WebAdvisor download here
Scam detection that can flag suspicious messages
Identity monitoring to alert you if key personal info shows up in risky places
Run a free antivirus scan to check your device for malware or unwanted programs (especially if you clicked a link or downloaded anything)
The key takeaway
Tax season creates the perfect storm: time pressure, sensitive data, and a lot of official-looking communication.
Our research shows most people are worried, and for good reason. Scammers are getting more convincing, and AI is raising the bar on what “real” looks and sounds like.
“Tell your friends, tell your family,” John said. “Everyone I know at some point has heard this story, and it might just prevent someone from losing… thousands of dollars.”
If you remember just three things this season, make them these:
Pause before you click.
Verify through official channels you navigate to yourself.
If something happens, act quickly, and don’t blame yourself.
After strikes killed senior Iranian officials, Iran cut off internet access. Journalists are relying on satellite links, encrypted apps, and smuggled footage to report from inside the country.
New analysis shows that attacks on satellite navigation systems have impacted some 1,100 ships in the Middle East since the US and Israel attacked Iran on February 28.
This week in scams, we’re looking at three very different stories with the same underlying theme: trust is being exploited at scale.
A massive government contractor data breach has quietly grown to affect more than 25 million people. Meanwhile, a viral AI-generated image of Mary-Kate and Ashley Olsen posing in a fake luxury campaign is spreading across social media, fooling some users and alarming others.
And in a new threat report, OpenAI detailed how its own tools are being misused for dating scams, impersonation, and influence operations.
Let’s break it down.
The Conduent Data Breach Now Impacts 25+ Million People
The fallout from a ransomware attack on Conduent, one of the largest government contractors in the U.S., continues to expand.
According to reporting from TechCrunch, updated state-level breach notifications now indicate that more than 25 million people across the U.S. have had personal data exposed.
Conduent provides services tied to state benefit programs, including food assistance, unemployment systems, and other government payment processing operations. The company has said its services reach over 100 million people.
Data reportedly exposed in the breach includes:
Names
Dates of birth
Addresses
Social Security numbers
Health insurance and medical information
TechCrunch noted that the majority of affected individuals appear to be in Oregon and Texas, based on state breach disclosures. Other states have also reported an impact.
The attack has been described as one of the largest government-contractor-related data breaches in recent memory.
Why this matters: When companies that process government benefits are hit, the exposed data often includes highly sensitive identity information. Social Security numbers combined with medical or insurance details can significantly increase the risk of identity theft and fraud.
How to Protect Yourself After a Major Data Breach
If you believe your data may have been exposed:
Monitor your credit reports for unfamiliar activity
Consider placing a free credit freeze
Be wary of phishing emails or texts referencing benefits or account verification
Never share personal information in response to unexpected outreach
Breaches like this often lead to secondary scams months later. The breach itself is only phase one. Phishing campaigns usually follow.
That Viral Olsen Twins “Louis Vuitton” Image? It’s AI.
A supposed luxury campaign featuring Mary-Kate and Ashley Olsen began circulating widely on X and Facebook this week, racking up millions of views.
The images show the twins styled in what appears to be a high-end fashion shoot, drawing numerous comments over their styling. But social media users quickly pointed out visual irregularities and inconsistencies commonly associated with AI-generated imagery.
A screenshot of one of the AI images making thr rounds across social media.
While this doesn’t fall into our typical “scam” roundup, the normalization of AI-generated visuals that look close enough to real to confuse people are a growing issue that can lead to real confusion and distrust.
We have entered a phase where:
Fake ads look legitimate
Public figures appear in campaigns they never participated in
Synthetic images spread faster than corrections
Today it’s a fashion ad. Tomorrow it could be a fake political endorsement, financial announcement, or emergency alert.
The takeaway: If you see a surprising campaign or announcement, verify it through official brand websites or verified accounts before assuming it’s real.
OpenAI Details How ChatGPT Is Being Misused
In a newly released threat report, OpenAI outlined several ways its tools have been abused by bad actors.
A cluster of accounts used ChatGPT to run a dating scam targeting Indonesian men, allegedly defrauding hundreds of victims per month.
Some accounts used the tool to generate promotional copy and ads for a fake dating platform that pressured users into completing costly “tasks.”
Other accounts posed as law firms, impersonating real attorneys and U.S. law enforcement to target fraud victims.
OpenAI also banned accounts linked to activity believed to be part of influence operations, including efforts targeting Japanese political figures.
OpenAI stated that the activity was detected and accounts were removed.
Why this matters: AI tools themselves are not inherently scams. But they dramatically lower the cost and increase the scale of fraud operations. Writing persuasive emails, generating fake legal letters, building scam ads… these now require fewer technical skills than ever before.
The technology doesn’t create the criminal intent. It just accelerates it.
McAfee’s Safety Tips This Week
Assume viral images could be AI-generated until verified
Verify unexpected announcements through official websites
Treat post-breach emails as suspicious by default
Be skeptical of online “consultation” invites that promise payment
Never send money to someone you’ve only met online
We’ll Be Back Next Week
From ransomware breaches to AI-generated impersonations, the pattern is clear: scammers are scaling trust manipulation with technology.
Stay skeptical. Verify before you click. And we’ll be back next week with another breakdown of what’s making headlines, and what it actually means for your security.
A report copublished by WIRED sparked a probe into opt-out pages hidden by data brokers. Now congressional Democrats say breaches tied to the industry have cost people tens of billions of dollars.
The new open source project IronCurtain uses a unique method to secure and constrain AI assistant agents before they flip your digital life upside down.
Drug kingpin Nemesio “El Mencho” Oseguera Cervantes may be dead, but the Jalisco cartel he ran for years will likely outlive him—thanks, in part, to the criminal group’s embrace of technology.
Plus: The cybersecurity community grapples with Epstein files revelations, the US State Department plans an online anti-censorship “portal” for the world, and more.
Following increased surveillance and patrols of routes used by transnational drug-trafficking networks, Mexican authorities have seized approximately 10 tons of cocaine in the past week alone.
Homeland Security aims to combine its face and fingerprint systems into one big biometric platform—after dismantling centralized privacy reviews and key limits on face recognition.
Comments and other data left on a PDF detailing Homeland Security’s proposal to build “mega” detention and processing centers reveal the personnel involved in its creation.
AI is supposed to make the internet easier. But right now, it’s also making scams easier.
Every week, we round up the biggest scam and cybersecurity stories of the moment so you can recognize red flags, protect your accounts, and avoid the most common traps scammers are using.
This week in scams, we’re talking AI-powered search scams, a major fintech data breach, and an unexpected ticket fraud scheme that allegedly cost the Louvre millions.
Let’s jump in:
Google AI Overviews Are Being Used to Scam People Out of Money
Google Search doesn’t just show links anymore. Now, it often shows AI-generated summaries at the top of the page called AI Overviews, quick answers designed to save you time.
But according to reporting from WIRED, scammers are finding ways to exploit these AI summaries by planting fake customer support phone numbers into search results.
Here’s how the scam works: Someone searches for a bank, airline, or service provider, usually something like “Company name customer support number.” Then Google’s AI Overview pulls a phone number from somewhere online and displays it as if it’s legitimate.
The problem? Sometimes that number doesn’t connect you to the company at all.
Instead, it connects you to a scammer impersonating customer service, someone trained to sound helpful, calm, and official, while quietly steering you toward sharing payment information, account details, or verification codes.
This isn’t just misinformation. It’s a direct path into fraud.
Google told WIRED it’s working to strengthen anti-spam protections in AI Overviews, but also recommends users double-check customer support numbers through additional searches.
Key red flags to watch for
The AI Overview provides a phone number without clearly showing where it came from
The “support agent” asks for payment information immediately
The person asks for your login credentials, bank info, or verification codes
The caller pressures you to act quickly (“your account will be frozen”)
The number doesn’t match what’s listed on the company’s official website
How to protect yourself
If you’re looking for a customer support number, don’t rely on an AI summary.
Go directly to the company’s official website and find their contact page
Verify the phone number through multiple sources
If the person on the phone asks for passwords or MFA codes, hang up immediately
Treat any urgency or threats (“you must act now”) as a scam signal
The big lesson: AI can summarize the internet, but it can’t always verify the truth.
Data Breach Watch: Fintech Firm Figure Exposes Nearly 1 Million Accounts
If you’ve applied for a loan, worked with a fintech service, or interacted with a home equity platform recently, this one is worth paying attention to.
According to BleepingComputer, fintech company Figure Technology Solutions was breached in a social engineering attack, with hackers reportedly stealing personal data tied to nearly 967,200 accounts.
The exposed data reportedly included names, email addresses, phone numbers, physical addresses, and dates of birth. And that’s exactly what scammers use to build believable impersonation attempts.
Why this matters
Even if you’ve never heard of Figure, data breaches like this can ripple outward fast.Once scammers have your email, phone number, and date of birth, they can launch more convincing scams like:
Fake “account verification” calls
Fraudulent loan or credit applications
Phishing emails pretending to be financial institutions
Identity theft attempts using your personal details
And because this breach was reportedly caused by social engineering, it’s also a reminder that the weakest link in security isn’t always technology, it’s human trust.
Key red flags to watch for after a breach
Calls claiming your loan account needs immediate verification
Emails asking you to “confirm your identity” using a link
Messages that include personal details to sound legitimate
Fake financial support agents asking for payment or login credentials
What to do right now
Change passwords (especially if you reuse them across accounts)
Turn on multi-factor authentication where possible
Monitor your credit report for unusual activity
Be skeptical of unexpected financial messages, even if they seem personalized
After breaches like this, scammers often wait weeks or months before striking, because they know people stop paying attention.
A Scam at the Louvre Allegedly Cost $12 Million
Not every scam story is about malware or phishing links. Some are about old-fashioned fraud, executed at a scale that feels almost unbelievable.
According to reporting from The New York Times, French investigators uncovered a ticket fraud scheme that may have cost the Louvre in Paris nearly $12 million over a decade.
Officials say the suspected scam involved tour guides allegedly reusing tickets multiple times, bribes paid to museum employees, and tourist groups being split up to avoid additional fees.
Last week, police reportedly arrested nine people in the case, including two museum employees.
Investigators also believe similar fraud may have taken place at Versailles.
The Takeaway
This wasn’t a one-time trick. Investigators believe the network may have been running for years, allegedly bringing in multiple tour groups per day.
It’s a reminder that scammers don’t always need to “hack” a system.
Sometimes, they just find a weak point, then repeat it until it becomes a business model.
The bottom line: the Louvre story is dramatic, but the lesson is familiar. Scams thrive anywhere oversight is stretched thin, systems are overwhelmed, and people assume someone else is double-checking.
Whether it’s a museum ticket scanner or an AI-generated search result, scammers will always look for the fastest path through the cracks.
McAfee’s Safety Tips for This Week
This week’s scam pattern is all about one theme: trust shortcuts.
AI summaries that feel official. Phone numbers that look real. Support agents who sound convincing. Breach data that makes phishing more believable.
The best defense is slowing down and verifying before you act.
Here are the smartest moves to make right now:
Don’t trust AI Overviews (or search snippets) for customer support phone numbers. Always verify through the company’s official website.
Treat “customer service” calls with caution, especially if they ask for payment info, passwords, or MFA codes.
Never share verification codes, even if someone claims they’re just “confirming your identity.”
Watch for phishing attempts after major breaches. Scammers often use stolen data to make messages feel personal and urgent.
Be suspicious of pressure tactics like “your account will be frozen” or “you must act immediately.”
If you think your personal data may be exposed, monitor your credit and update your passwords now, not later.
Use tools like McAfee Web Protectionto avoid dangerous links, bad downloads, malicious websites, and more.
We’ll be back next week with another roundup of the scams making headlines, and what you can do to stay ahead of them.
Login
.jpg)
