Submitted by Global Scam Watch on

Government agency scamsScammers do not need to invent opportunities - they wait for governments to create them.

Every time a tax authority announces a rebate window, a housing ministry opens a grant application, or a social agency begins distributing cost-of-living payments, criminal networks take note. Within hours, fraudulent websites go live, phishing emails go out, and SMS messages land in the inboxes of people already expecting exactly this kind of correspondence. The timing is not coincidental. It is the entire strategy.

This model works because it exploits anticipation. A person waiting to hear about a benefit payment is already primed to open a message about one. The scammer does not need to build context from scratch. The government already did it for them.

AI Has Industrialized the Problem

What was once a labour-intensive fraud operation has become automated at scale. AI now handles the surveillance work, crawling government websites, news outlets, and official press releases in real time, alerting criminal networks the moment a new program is announced. Fraudulent campaigns can be deployed within minutes of a legitimate government announcement, with AI-generated emails, SMS messages, and spoofed websites ready to go.

Phishing and spoofing scams rose 85.6 percent in 2025 alone, with median losses doubling from $1,000 to $2,060, according to the National Consumers League's annual fraud report. The acceleration is directly tied to AI, which enables criminals to generate highly realistic phishing emails and clone voices at scale, making scams more convincing and allowing them to reach far more targets than before.

The FBI's numbers make the scale undeniable. Government impersonation complaints nearly doubled from roughly 17,300 in 2024 to close to 32,500 in 2025, with documented losses reaching $797 million. For the first time in its nearly 25-year history, the FBI's Internet Crime Complaint Center dedicated a section of its annual report to AI, covering over 22,000 complaints and nearly $893 million in losses.

Some criminal organizations now operate what researchers describe as AI-scam-as-a-service platforms, providing ready-made infrastructure to launch high-volume phishing attacks with minimal technical knowledge required. AI tools can slash what was once 40 hours of manual reconnaissance down to two minutes, producing spoofed emails more advanced and harder to detect than anything created manually.

How the Fraud Operates Across Borders

These operations are not targeted at one country. Scammers monitor administrative cycles internationally and launch coordinated campaigns timed to match each region's program deadlines, tax seasons, and benefit windows.

In the United Kingdom, young adults receive letters and text messages claiming their Child Trust Fund savings are ready to be released, pending verification of their banking details. In North America and Europe, high volumes of fraudulent messages go out during tax filing season, offering fake refunds or threatening penalties for unresolved errors. Families expecting educational bonds or housing payments receive links to spoofed login pages designed to harvest credentials before any legitimate payment is processed.

The fraudulent correspondence uses correct logos, official-sounding language, and accurate references to real programs. Most people receiving these messages have no reason to question them. The scammer's advantage is borrowed authority.

Typosquatting | A Fake Door Built for People Who Do Everything Right

Typosquatting is particularly insidious because it catches people doing the right thing. A person who ignores an unsolicited link and instead types a government web address directly into their browser search bar can still land on a fraudulent page if scammers have registered a near-identical domain.

If the official address is service. gov. ca, scammers may have already claimed service-gov. ca, serivce. gov. ca, or service .gov. com. The difference is invisible to someone glancing quickly at a URL on a mobile screen. Typosquatting targets human behaviour, not software flaws. A single swapped character can bypass filters and deceive attentive people in seconds.

Once a visitor lands on a typosquatted site, the page mirrors the authentic one with copied fonts, matching colour schemes, official logos, and identical navigation. Users are then prompted to log in, verify their identity, or enter banking credentials, believing they arrived there through their own careful navigation.

Typosquatting domains are rarely built for a single use. Criminals reuse them across multiple scams, including credential phishing, fake notices, and fraudulent payment requests. The infrastructure pays for itself many times over.

Postal Quishing | The Digital Blindfold in your Mailbox

Not every scam arrives digitally. One of the fastest-growing fraud methods involves physical mail, and it is catching people off guard precisely because a printed letter feels more credible than a text message.

Postal Quishing, a combination of QR code and phishing, involves sending official-looking letters designed to mirror government mail with near-perfect accuracy. The correct agency letterhead is reproduced. The language matches the tone of authentic government communication. The envelope may carry a legitimate-looking return address. Inside, instead of a clickable link, the recipient finds a QR code with instructions to scan it to confirm eligibility, verify their identity, or claim a payment.

Most people have learned to treat suspicious links in emails with caution. A QR code printed on what appears to be government stationery does not trigger the same alarm; scanning it feels like a reasonable next step. The destination, invisible until the phone processes it, is a credential-harvesting site built to look like the real thing.

Quishing is effective for another reason. Even if delivered via Email, QR codes bypass many email security filters entirely because the attack does not live in a link; it lives in an image. Security tools scanning for malicious URLs do not detect the threat, and the letter itself, arriving in a physical mailbox, never passes through a spam filter.

Tax authorities, benefits administrators, and public health agencies across multiple countries have issued warnings about quishing campaigns impersonating their programs. As a general rule, no government agency anywhere uses QR codes as a standard feature of official correspondence. A QR code in a letter claiming to be from a government body is not a convenience feature, it is a scam.

Deepfakes, Agentic AI and Voice Cloning | Trust as a Weapon

The fraud does not stop at fake websites and letters. Since April 2025, the FBI has documented campaigns in which malicious actors used AI-generated voice messages and text messages to impersonate senior officials, attempting to establish rapport before gaining access to personal accounts or redirecting targets to credential-harvesting sites.

Voice cloning requires as little as three seconds of audio. A scammer pulling clips from a public social media video can reproduce a recognizable voice and deploy it in a phone call within minutes. A 2024 McAfee study found one in four adults had experienced an AI voice scam.

The psychological effect is significant. Hearing a familiar voice, whether one belonging to a government official, a financial institution representative, or a family member, overrides the skepticism most people otherwise apply to unsolicited contact.

Red Flags

Scammers leave consistent tells regardless of how sophisticated their tools become.

  • No legitimate government agency sends unsolicited links through SMS or messaging apps to collect personal or financial information. 
  • No real agency asks for a banking password, a PIN, or a one-time verification code over any channel.
  • Web addresses ending in •com, •net, or •org for services legitimately belonging on a •gov domain are a reliable warning sign.
  • Any message demanding immediate action, threatening loss of a benefit, or promising a payment pending a small processing fee is a scam.
  • Any government letter containing a QR code should be treated as suspicious until verified through an official phone number sourced independently.
  • The urgency is manufactured. Scammers apply time pressure precisely because verification takes time, and verification is what defeats them.

Protecting Yourself

The most reliable defence is also the simplest.

  • Do not click links or scan QR codes in unexpected messages or letters about government programs, tax refunds, or benefit payments; instead navigate directly to the official government website by typing the address into your browser character by character and confirming the domain extension matches what a legitimate agency uses.
  • Bookmark pages you access regularly so you are not retyping addresses from memory under time pressure.
  • Enable two-factor authentication on every account containing financial or personal information. If scammers acquire a password, authentication controls are the next barrier between them and access.
  • When suspicious messages or letters arrive, report them to your country's designated fraud or cybercrime reporting authority. Most countries have a dedicated agency or portal for exactly this purpose.

🇨🇦: Canadian Anti-Fraud Centre at https://www.antifraudcentre-centreantifraude.ca or 1-888-495-8501
🇺🇸: FBI Internet Crime Complaint Center at https://www.ic3.gov
🇬🇧: Action Fraud at https://www.actionfraud.police.uk or 0300 123 2040
🇦🇺: Australian Cyber Security Centre at https://www.cyber.gov.au
🇳🇿: CERT NZ at https://www.cert.govt.nz
🇪🇺: Europol's reporting portal at https://www.europol.europa.eu

If your country is not listed here, search for your national cybercrime or consumer protection agency and file a report directly, be cautious of look-alike agencies, particularly on social media as many of these operate as recovery scammers.

Every report filed contributes to a broader picture of how these operations work and where enforcement resources should be directed.

Scammers move fast. Verification, however brief, is still faster than recovering from fraud.