Technology
How cyberscams are draining Americans wallets by the billions
Cyberscams have reached alarming levels in the U.S., with nearly 30% of Americans falling victim to fraudulent schemes in the past year alone.
The financial toll is staggering — scams cost Americans over $159 billion annually, with average individual losses now exceeding $3,500 per victim. This epidemic is not just a financial crisis but also a human rights issue, as many scams originate from forced labor operations in Southeast Asia.
With nearly 90% of Americans targeted by scam attempts and 40% receiving suspicious messages daily, the question remains: how can we protect ourselves and hold perpetrators accountable in an increasingly digital world?
STAY PROTECTED & INFORMED! GET SECURITY ALERTS & EXPERT TECH TIPS — SIGN UP FOR KURT’S THE CYBERGUY REPORT NOW
The word scam with data in the background (Kurt “CyberGuy” Knutsson)
The mechanics of “pig butchering”
One of the most pervasive scams today is the so-called “pig butchering” scheme. Originating in China and spreading across Southeast Asia, this scam involves criminals building trust with victims through social media or messaging apps. Once trust is established, victims are lured into fraudulent cryptocurrency investment schemes. These scams are meticulously crafted to appear legitimate, often involving fake trading platforms and simulated profits. Victims are encouraged to invest more until they are “slaughtered,” losing their entire savings when the scammers vanish with their funds.
9 WAYS SCAMMERS CAN USE YOUR PHONE NUMBER TO TRY TO TRICK YOU
Forced labor behind these scam centers
What makes these scams even more horrifying is their reliance on human trafficking. Criminal syndicates in countries like Myanmar, Cambodia and Laos force trafficked individuals to run these operations under threat of violence. These “scam centers” operate in lawless regions controlled by rebel groups or corrupt officials, making international intervention challenging. Survivors describe conditions akin to modern slavery, with physical abuse and even torture being common.
Illustration of a scam on a computer key. (Kurt “CyberGuy” Knutsson)
BEST PRESIDENT’S DAY DEALS
Why America is a prime target
Cyberscams have taken hold in the U.S. for several reasons that make it particularly vulnerable. As an American, you’re likely connected to the digital world through social media platforms, messaging apps and other online tools. This high level of connectivity makes it easier for scammers to reach you directly, whether through a text message, email or social media chat. The sheer number of people online in the U.S. creates a vast pool of potential targets for cybercriminals.
Additionally, the growing popularity of cryptocurrency in the U.S. has made it a prime medium for fraud. Cryptocurrency transactions are fast, anonymous and difficult to trace, which makes them ideal for scammers looking to steal funds without leaving a trail. Many scams are designed to exploit this lack of transparency, leaving victims with little chance of recovering their money once it’s gone.
Another major issue is the lack of a centralized reporting system for cyberscams in the U.S. If you’ve ever been scammed or know someone who has, you might have noticed how confusing it can be to figure out where to report the crime — whether to the FBI, the Federal Trade Commission (FTC) or another agency. This fragmented system not only makes it harder for victims to seek help but also prevents authorities from gathering comprehensive data to tackle the problem effectively. These factors combined have made Americans some of the most targeted individuals in the world when it comes to cyberscams.
Illustration of a scammer at work. (Kurt “CyberGuy” Knutsson)
FBI’S NEW WARNING ABOUT AI-DRIVEN SCAMS THAT ARE AFTER YOUR CASH
Global solutions: Lessons from other nations
Several countries have implemented innovative measures to combat cyberscams, offering valuable lessons for the U.S. Singapore, for instance, has introduced a mandatory SMS Sender ID Registry (SSIR) that requires organizations to register their alphanumeric Sender IDs. This system effectively blocks unregistered SMS senders, significantly reducing impersonation scams. In fact, cases involving scam SMSes in Singapore fell by 70% over three months after mandating the SSIR.
Britain has taken a different approach by establishing a dedicated “159” hotline, allowing residents to instantly verify suspicious calls. This simple yet effective system provides a quick way for individuals to check the legitimacy of unexpected communications, potentially preventing many scams before they occur.
WHAT IS ARTIFICIAL INTELLIGENCE (AI)?
Many nations have also implemented stricter authentication measures, such as biometric checks and in-app verifications, which have proven highly effective in reducing fraud. For example, Singapore has required facial verification for higher-risk transactions through Singpass since 2022, resulting in no further reports of malware-enabled scams involving unauthorized CPF withdrawals since its implementation in June 2023.
Some countries are exploring ways to slow down cryptocurrency transactions or cap transfer amounts, which could significantly hinder scammers who rely on quick, anonymous transfers. These measures, combined with a coordinated global response involving major victim nations like the U.S. and China, could prove instrumental in dismantling criminal networks more effectively. By learning from these international examples and adapting them to the American context, the U.S. could significantly strengthen its defenses against the rising tide of cyberscams.
Illustration of scamming techniques. (Kurt “CyberGuy” Knutsson)
Tips to protect yourself and your loved ones
Recognizing red flags is essential to avoid falling victim to scams. Here are some important red flags to be aware of:
- Unsolicited calls or emails: Be wary of anyone asking for personal or financial information. Legitimate organizations will not ask for sensitive information in this manner.
- Urgent requests for payment: Scammers often demand immediate action to avoid scrutiny. Take a moment to verify the request through official channels before responding.
- Unfamiliar contact information: Be cautious if the contact information provided does not match the official contact details of the company or organization.
- Untraceable payment methods: Requests for payment via gift cards, cryptocurrency or wire transfers are major warning signs. Reputable companies will not ask for these types of payments.
- Too good to be true offers: If an offer seems too good to be true, it likely is. Research and verify any claims before proceeding.
10 ways to protect yourself from being scammed
Protecting yourself and your loved ones from scams requires vigilance and awareness. Here are eight effective ways to safeguard against scammers:
1. Verify before you act: Always verify the identity of the person or organization contacting you. Use official contact information to reach out directly and confirm the legitimacy of the request.
2. Limit personal information sharing: Avoid sharing personal or financial information over the phone, email or online unless you are certain of the recipient’s identity and legitimacy.
3. Use strong, unique passwords for all your accounts: A robust password should include a mix of uppercase and lowercase letters, numbers and symbols. Avoid reusing passwords across multiple platforms, and consider using a reputable password manager to store and generate complex passwords securely.
4. Enable two-factor authentication (2FA) wherever possible: 2FA adds an extra layer of security by requiring a secondary verification method, such as a code sent to your phone or biometric authentication. This ensures that even if your password is compromised, unauthorized access remains highly unlikely.
5. Keep your devices and software up to date: By regularly installing the latest updates and security patches, you can ensure your devices are equipped with the latest security features and bug fixes, reducing the risk of becoming a target for cyberattacks. Many cyberattacks exploit unpatched vulnerabilities, so enabling automatic updates for your operating system, apps and antivirus software can significantly reduce your risk.
6. Invest in personal data removal services: Consider using a service that specializes in removing your personal information from the internet to reduce your exposure to potential scammers. While no service promises to remove all your data from the internet, having a removal service is great if you want to constantly monitor and automate the process of removing your information from hundreds of sites continuously over a longer period of time. Check out my top picks for data removal services here.
7. Monitor financial accounts: Regularly check your bank and credit card statements for any unusual or unauthorized transactions. Promptly report any suspicious activity.
8. Be skeptical of unsolicited requests: Treat unexpected requests for money or personal information with caution. Scammers often create a sense of urgency to pressure you into acting quickly.
9. Be vigilant against phishing attempts and use strong antivirus software: Avoid clicking on links or downloading attachments from unsolicited emails or messages. Ensure your devices are protected with strong antivirus software that can detect and block malicious activities. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.
10. Report Suspected Scams: If you suspect you’ve encountered a scam, report it to your local authorities, the Federal Trade Commission (FTC), and any relevant financial institutions.
SUBSCRIBE TO KURT’S YOUTUBE CHANNEL FOR QUICK VIDEO TIPS ON HOW TO WORK ALL OF YOUR TECH DEVICES
Kurt’s key takeaways
The rise of cyberscams is not just an economic issue but a moral one that demands immediate action. With billions lost annually and countless lives disrupted, we cannot afford complacency in addressing this crisis. By learning from global best practices and fostering international collaboration, we can begin to dismantle these criminal networks. Be sure to follow the steps I outlined to keep yourself safe.
What do you think should be done to tackle cyberscams more effectively? Should governments focus on stricter regulations or public education campaigns? Let us know by writing us at Cyberguy.com/Contact
For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter
Ask Kurt a question or let us know what stories you’d like us to cover.
Follow Kurt on his social channels:
Answers to the most-asked CyberGuy questions:
New from Kurt:
Copyright 2025 CyberGuy.com. All rights reserved.
Meta is “temporarily pausing” the ability for teens to chat with its AI characters as it develops a “new version” of the characters that will offer a “better experience.” The company made the announcement in an update to a blog post from October where the company had detailed more parental controls for teen AI use. The change blocking teens from accessing the characters will go into effect “starting in the coming weeks.”
”Since we announced our plans to build parental controls for AI characters in October, we started developing a new iteration of AI characters generally (i.e. for both adults and teens),” spokesperson Sophie Vogel tells The Verge. “Rather than building the parental controls twice (for the current AI characters and the new iteration of AI characters) we’re pausing teen access to the current version while we focus on the new iteration. When that new iteration is available for teens, it will come with parental controls.”
According to TechCrunch, “Meta said that it heard from parents that they wanted more insights and control over their teens’ interactions with AI characters, which is why it decided to make these changes.”
In October, Meta announced that parents would be able to block their teens’ access to one-on-one conversations with its AI characters, block their teens from talking with specific AI characters, and share insights with parents on the topics their teens discuss with Meta’s AI characters and its AI assistant. The original plan was to roll out those controls early this year.
Last year, also in October, Meta changed Instagram teen accounts to allow teens to be able to see content that’s reflective of what might be shown in a movie rated for people that are 13 or older.
Update, January 23rd: Added information from a Meta spokesperson.
NEWYou can now listen to Fox News articles!
Cybercriminals are happy to target almost any industry where data can be stolen. In many cases, less prepared and less security-focused companies are simply easier targets.
A recent ransomware attack on a company tied to dozens of gas stations across Texas shows exactly how this plays out. The incident exposed highly sensitive personal data, including Social Security numbers and driver’s license details, belonging to hundreds of thousands of people.
The breach went undetected for days, giving attackers ample time to move through internal systems and steal sensitive data. If you’ve ever paid at the pump or shopped inside one of these convenience stores, this is the kind of incident that should make you stop and pay attention.
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
What happened in the Gulshan ransomware attack
According to a disclosure filed with the Maine Attorney General’s Office, Gulshan Management Services, Inc. reported a cybersecurity incident that impacted more than 377,000 individuals. Gulshan is linked to Gulshan Enterprises, which operates around 150 Handi Plus and Handi Stop gas stations and convenience stores across Texas.
WINDOWS 10 USERS FACE RANSOMWARE NIGHTMARE AS MICROSOFT SUPPORT ENDS IN 2025 WORLDWIDE
The company says it detected unauthorized access to its IT systems in late September. Investigators later determined that attackers had been inside the network for roughly ten days before anyone noticed. The intrusion began with a phishing attack, a reminder of how a single deceptive email can still open the door to massive breaches.
Ransomware attacks don’t just hit tech companies. Retailers like gas stations store sensitive customer and employee data that criminals actively target. (Kurt “CyberGuy” Knutsson)
During that window, the attackers accessed and stole personal data, then deployed ransomware that encrypted files across Gulshan’s systems. The compromised information includes names, contact details, Social Security numbers and driver’s license numbers. That combination is especially dangerous, since it can be used for identity theft, account takeovers and fraud that may surface months or even years later.
Why the lack of a ransomware claim still matters
So far, no known ransomware group has publicly taken credit for the attack. That might sound like good news, but it does not necessarily change the risk for affected individuals. In many ransomware cases, silence can mean one of two things. Either the attackers have not yet posted stolen data publicly, or the victim company may have resolved the incident privately.
Gulshan’s filing states that it restored its systems using known-safe backups. That detail often suggests a company chose to rebuild rather than negotiate with attackers. Even so, once data has been copied out of a network, there is no way to pull it back. Whether or not the stolen information ever appears online, the exposure alone puts affected people at long-term risk.
This incident also highlights a recurring pattern. Retail and service businesses handle huge volumes of personal data but often rely on legacy systems and frontline employees who are prime phishing targets. Gas stations may not feel like obvious hacking targets, but their payment systems, loyalty programs and HR databases make them valuable all the same.
We reached out to Gulshan Management Services for comment regarding the breach, but did not receive a response before our deadline.
A customer pumps gas at a gas station on Feb. 13, 2025, in Austin, Texas. (Brandon Bell/Getty Images)
10 steps you can take to protect yourself after a breach like this
If your information was exposed in this breach or any similar ransomware incident, there are concrete steps you can take to reduce the fallout.
1) Monitor your credit and identity closely
If the company offers free credit monitoring or identity protection, enroll in it. These services can alert you early if someone tries to open accounts or misuse your identity. If nothing is offered, consider signing up for a reputable identity theft protection service on your own.
Identity Theft companies can monitor personal information like your Social Security Number (SSN), phone number, and email address and alert you if it is being sold on the dark web or being used to open an account. They can also assist you in freezing your bank and credit card accounts to prevent further unauthorized use by criminals.
See my tips and best picks on how to protect yourself from identity theft at Cyberguy.com.
2) Consider a personal data removal service
The less of your information that’s floating around data broker sites, the harder it is for criminals to target you. Data removal services can help reduce your digital footprint over time.
While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.
Even when no ransomware group claims responsibility, stolen data can still fuel identity theft, fraud, and account takeovers long after a breach occurs. (Kurt “CyberGuy” Knutsson)
Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.
Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.
3) Use a password manager
A password manager helps you create and store unique passwords for every account. If attackers try to reuse stolen data to break into your online accounts, strong, unique passwords can stop that attempt cold.
Next, see if your email has been exposed in past breaches. Our No. 1 password manager pick includes a built-in breach scanner that checks whether your email address or passwords have appeared in known leaks. If you discover a match, immediately change any reused passwords and secure those accounts with new, unique credentials.
FIBER BROADBAND GIANT INVESTIGATES BREACH AFFECTING 1M USERS
Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.
4) Turn on two-factor authentication (2FA) everywhere possible
2FA adds an extra barrier, even if someone has your personal details. Prioritize email, banking, cloud storage, and shopping accounts, since those are often targeted first.
5) Install and keep a strong antivirus software running
Strong antivirus software can help detect phishing attempts, malicious downloads, and suspicious activity before it turns into a full compromise. Keep real-time protection enabled and don’t ignore warnings.
The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.
Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.
6) Watch for phishing and follow-up scams
After breaches like this, scammers often send fake emails or texts pretending to be the affected company or a credit monitoring service. Slow down, verify messages independently, and never click links you weren’t expecting.
7) Review your credit reports regularly
Check your reports from all major credit bureaus for unfamiliar accounts or inquiries. You’re entitled to free reports, and catching issues early makes them much easier to fix.
8) Freeze your credit to stop new accounts from being opened
If criminals expose your Social Security number, place a credit freeze as soon as possible. A credit freeze blocks lenders from opening new accounts in your name, even when thieves have your personal details. The credit bureaus offer freezes for free, and you can temporarily lift one when you apply for credit yourself. This step stops identity theft before it starts, instead of alerting you after the damage is done. If you prefer not to freeze your credit, place a fraud alert instead. A fraud alert tells lenders to verify your identity before approving credit, which adds another layer of protection.
To learn more about how to do this, go to Cyberguy.com and search “How to freeze your credit.”
In the Gulshan attack, hackers spent days inside internal systems, stealing personal data before deploying ransomware that locked down files. (Silas Stein/picture alliance via Getty Images)
9) Protect yourself from tax refund fraud with an IRS Identity Protection PIN
When Social Security numbers are stolen, tax fraud often follows. Criminals can file fake tax returns in your name to steal refunds before you ever submit your paperwork. An IRS Identity Protection PIN (IP PIN) helps prevent this by ensuring only you can file a tax return using your SSN. It’s a simple but powerful safeguard that can block a common form of identity theft tied to data breaches.
10) Lock down existing bank and financial accounts
Don’t just watch for new fraud, proactively secure the accounts you already have. Enable alerts on bank and credit card accounts for large transactions, new payees, or changes to contact information. If your SSN or driver’s license number was exposed, consider calling your bank to ask about additional protections or account notes. Acting early can prevent small issues from becoming major financial problems.
Kurt’s key takeaway
Your personal data doesn’t just live with banks and hospitals. Retailers, gas stations, and convenience store operators also hold information that can cause real harm if it falls into the wrong hands. When attackers get in through something as simple as a phishing email and stay undetected for days, the damage can spread fast. You can’t prevent these breaches yourself, but you can limit how much power stolen data gives criminals by locking down your accounts and staying alert.
Do you think everyday businesses like gas stations take cybersecurity seriously enough? Let us know by writing to us at Cyberguy.com.
CLICK HERE TO DOWNLOAD THE FOX NEWS APP
Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CYBERGUY.COM newsletter.
Copyright 2026 CyberGuy.com. All rights reserved.
TikTok USDS Joint Venture’s mandate is to secure U.S. user data, apps and the algorithm through comprehensive data privacy and cybersecurity measures. It will safeguard the U.S. content ecosystem through robust trust and safety policies and content moderation while ensuring continuous accountability through transparency reporting and third-party certifications.
Data Protection: U.S. user data will be protected by USDS Joint Venture in Oracle’s secure U.S. cloud environment. The Joint Venture will operate a comprehensive data privacy and cybersecurity program that is audited and certified by third party cybersecurity experts. The program will adhere to major industry standards, including the National Institute of Standards and Technology (NIST) CSF and 800-53 and ISO 27001 as well as the Cybersecurity & Infrastructure Security Agency (CISA) Security Requirements for Restricted Transactions.
Algorithm Security: The Joint Venture will retrain, test, and update the content recommendation algorithm on U.S. user data. The content recommendation algorithm will be secured in Oracle’s U.S. cloud environment.
Software Assurance: The Joint Venture will secure U.S. apps through software assurance protocols, and review and validate source code on an ongoing basis, assisted by its Trusted Security Partner, Oracle.
Trust & Safety: The Joint Venture will safeguard the U.S. content ecosystem and have decision-making authority for trust and safety policies and content moderation.
TikTok USDS Joint Venture has three managing investors, Silver Lake, Oracle and MGX, each holding 15%. Completing the full consortium of investors are: Dell Family Office, the investment firm of Michael Dell, Founder, Chairman and CEO of Dell Technologies; Vastmere Strategic Investments, LLC, an affiliate of Susquehanna International Group, LLP; Alpha Wave Partners; Revolution; Merritt Way, LLC controlled and managed by partners of Dragoneer; Via Nova, an affiliate of General Atlantic; Virgo LI, Inc., investment arm of a foundation established by Yuri and Julia Milner in support of science; and NJJ Capital, the family office of Xavier Niel, a French entrepreneur and pioneer in telecommunications. ByteDance retains 19.9% of the Joint Venture.
New Jersey’s Traffic Ranking Reveals Challenges And Safety Focus In 2026 Study
NM Legislature day 4 recap: Impending winter storm cancels committee hearing
No. 22 North Carolina is trying to fix mistakes as the ACC schedule gets tougher
Rural hospitals called ‘not optional’ as North Dakota acts to keep one open
Ohio State has answered all the questions — and more — to become real Big Ten threat
Florida High School Football Rankings: Top 25 teams – Oct. 21
Cleary's 21 help Le Moyne down Central Connecticut State 69-64 in OT
How old is Bo Nix? What to know about Oregon quarterback ahead of 2024 NFL Draft
99th annual Pony Swim held in Virginia
Indiana Members Credit Union announced as new anchor tenant at Bottleworks District
Video: President Trump Rescinds Canada’s Invitation to His ‘Board of Peace’
Post-Roe battle over abortion pills reaches Kentucky gas stations as AG opens investigation
‘Electrifying everything’ is key to Europe’s future, says IEA chief
Ryan Wedding arrested: FBI confirms former Olympian turned drug kingpin in custody
Video: Jack Smith Defends His Trump Indictments During House Hearing
-
Sports5 days agoMiami’s Carson Beck turns heads with stunning admission about attending classes as college athlete
-
Illinois1 day agoIllinois school closings tomorrow: How to check if your school is closed due to extreme cold
-
Detroit, MI1 week agoSchool Closings: List of closures across metro Detroit
-
Pittsburg, PA4 days agoSean McDermott Should Be Steelers Next Head Coach
-
Lifestyle1 week agoJulio Iglesias accused of sexual assault as Spanish prosecutors study the allegations
-
Lifestyle5 days agoNick Fuentes & Andrew Tate Party to Kanye’s Banned ‘Heil Hitler’
-
Sports4 days agoMiami star throws punch at Indiana player after national championship loss
-
Technology1 week agoInside the White House shitposting machine