These are the most common scenarios we hear about from seniors and their families. Each guide gives you a direct verdict — not a hedge — along with exactly what to do and what the scammer is trying to accomplish.
The IRS contacts taxpayers by mail first — never by phone to demand immediate payment. Threats of arrest, deportation, or legal action are hallmarks of this scam.
Social Security numbers cannot be suspended. Any call claiming your SSN is being deactivated due to suspicious activity is fraud — the SSA will never threaten you by phone.
Microsoft does not monitor individual computers for viruses and will never call you unsolicited. No verification needed — any such call is a scam, every time.
Medicare contacts beneficiaries by mail, not by phone. Any call asking for your Medicare number, bank details, or payment is fraud — Medicare never calls for that information.
Amazon is the #1 most-impersonated business in America. They do not call customers about unauthorized charges. If they want computer access or gift card payment, it's a scam.
Friendly wrong-number texts that quickly become personal conversations are a known setup for romance and investment scams. The relationship is real; the investment platform is fraud.
"Your package can't be delivered — incomplete address. Click here." USPS doesn't send unsolicited texts or emails with links about delivery problems. The link is a fake site that steals your information.
"You owe an unpaid toll — pay now or lose your license." E-ZPass, SunPass, FasTrak and the DMV don't text payment links. The link leads to a fake site that steals your card and personal details.
No scenarios match your search. Try a different word, or clear the search.
How to Tell If Something Is a Scam
Scams come in through a phone call, a text, an email, or a website, but almost all of them share the same handful of warning signs. If you spot any of these, treat it as a scam until you've proven otherwise:
- Urgency. You're told to act right now — your account will be closed, you'll be arrested, the deal expires in minutes.
- A trusted name. The contact claims to be a government agency, your bank, a delivery service, a tech company, or even a relative.
- Pressure to pay a certain way. Gift cards, wire transfers, cryptocurrency, or payment apps like Zelle, Venmo, or Cash App are favored by scammers because the money is nearly impossible to get back.
- A request for information. Passwords, Social Security numbers, card numbers, or one-time verification codes.
- Secrecy. You're told not to tell anyone, or not to hang up and check.
The single most reliable defense is simple: stop and verify independently. Hang up or close the message, then reach the company or agency yourself using a number or website you look up on your own — never the contact details the message gave you. Below is how to do that for a phone number, a website or link, and an email.
Is This Phone Number a Scam? How to Check
The most important thing to know: the number and name on your caller ID can be faked. Scammers use "spoofing" to make a call look like it's from your bank, a government office, or a local number. So a familiar-looking number is not proof the call is real.
Signs the call is a scam: it's unexpected, it pressures you to act immediately, it threatens you, or it asks for payment or personal information. If any of that happens, hang up. To check whether it was really your bank or an agency, call them back at the number on your statement, your card, or their official website — not the number that called you.
Be cautious with "reverse phone lookup" websites. Many are unreliable or are themselves trying to sell you something, and a number that looks "clean" can still be spoofed. A safer habit is to let calls from unknown numbers go to voicemail, and to turn on the free spam-call filtering most carriers offer. If a specific story matches one of these, we have a full breakdown: the IRS "you owe money" call, the Social Security "suspended number" call, a Medicare call, an Amazon "unauthorized charge" call, or a Microsoft tech-support call.
Is This Website or Link a Scam? How to Check
Before you click a link or trust a website, slow down and look at the web address itself:
- Read the domain carefully. Scam sites use lookalike addresses — extra words, hyphens, or odd endings (for example, usps-trackings.com instead of usps.com). The real domain is the part right before the first single slash. If it isn't the company's plain, official address, don't trust it.
- The padlock doesn't mean "safe." A padlock or "https" only means the connection is encrypted — scam sites have those too. It is not proof the site is legitimate.
- Don't click links in unexpected messages. Instead, open a new tab and type the company's known address yourself, or use your own bookmark. On a computer you can hover over a link to preview where it really goes.
- Watch for the usual tells. Prices that are too good to be true, pressure to buy now, requests to pay by gift card or wire, spelling and grammar mistakes, no real contact information, and reviews that all sound the same.
When in doubt, don't enter any information. A "scam website checker" can give a second opinion, but no tool is perfect — the safest move is always to reach the real company through a channel you found yourself.
Is This Email a Scam? How to Check
Phishing emails are designed to look official. Check these before you click or reply:
- The sender's actual address. The display name may say "Amazon" or "Chase," but the real email address behind it is often a string of random characters or an unrelated domain. Look at the full address, not just the name.
- A generic greeting. "Dear customer" or "Dear user" instead of your name is a common sign.
- Urgency or threats. Claims that your account is locked, a payment failed, or you'll lose access unless you act immediately.
- Links and attachments. Don't click them. Go to the company's website directly instead. Unexpected attachments can carry malware.
- Requests for sensitive information. A real company won't email you to ask for your password, full card number, or a verification code.
If an email claims there's a problem with one of your accounts, don't use its links — log in to that account the way you normally do, and check for any real notices there.
What Is Phishing, Smishing, and Vishing?
These are three names for the same trick — impersonating someone you trust to steal information or money — delivered three different ways. Phishing arrives by email. Smishing arrives by text message (the word combines "SMS" and "phishing"); the fake USPS package texts and unpaid-toll texts are classic examples. Vishing is the voice version — a phone call in which a scammer poses as your bank, a government agency, or tech support. In every case the defense is the same: don't act on the message itself, and verify directly with the real organization.