It shows up in your junk folder with a subject line that practically yells at you: “ATTENTION 1!!!” That alone should raise suspicion. Still, the message quickly escalates. It claims to come from the IMF (International Monetary Fund) and says you are approved for a $4.5 million grant.

That is where things start to fall apart. This type of scam is designed to trigger both excitement and urgency. It also pushes you to hand over sensitive information before you stop to think.

Let’s break down exactly what this email says and why each part signals trouble.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

NEW EMAIL SCAM USES HIDDEN CHARACTERS TO SLIP PAST FILTERS

The sender behind this IMF scam email

The email claims to be from the IMF. Yet the reply address is a Gmail account. That mismatch matters.

Legitimate financial institutions do not use free email services for official communication. They also do not ask you to reply to a personal inbox for something this serious.

Why the subject line is a warning sign

“ATTENTION 1!!!” is not how a global financial organization communicates. It is how scammers try to grab you fast.

Urgency lowers your guard. When you feel pressure, you are more likely to respond without verifying anything.

The greeting reveals a mass email

The message opens with “Attention: Sir/Madam.” If your name were truly selected for a multimillion-dollar payment, the sender would use it.

Generic greetings often mean the email was blasted out to thousands of people.

How the story tries to hook you

The email mentions debts tied to contracts, inheritance, lottery and loans. That wide net is intentional.

It increases the odds that something in the message feels familiar. Once that happens, the scam starts to feel personal.

The $4.5 million promise is the bait

The promise of $4.5 million is not random. Large numbers create excitement. They also make you more willing to overlook obvious problems.

Real financial grants do not appear out of nowhere like this.

YOUR EMAIL DIDN’T EXPIRE; IT’S JUST ANOTHER SNEAKY SCAM

Why scammers use real names

The email mentions IMF Managing Director Kristalina Georgieva. That sounds official, which is the point.

Scammers often include real names or titles to make fake messages feel credible. It is a shortcut to trust.

The writing and grammar feel off

Phrases like “Kindly reply me directly” and awkward sentence structure stand out. One odd sentence might not mean much. However, repeated issues like this point to a lack of professional communication.

Major institutions have strict standards for how they write.

The most dangerous request in this email

This email requests:

• Full name
• Address and location
• Phone number
• Age and occupation
• A copy of your passport or driver’s license

That is everything needed for identity theft. Once someone has those details, they can open accounts, target you with more scams or impersonate you. 

The payment method adds false legitimacy

The email promises a bank-to-bank wire transfer. That detail adds a layer of realism. It also sets up the next step. Many scams later ask for “fees” to release the funds.

You send money, and the payment never arrives.

Even the spam excuse is part of the scam

At the end, the email tries to explain away the biggest red flag: “If you have received this message in your SPAM/BULK folder, it is simply because your ISP has introduced restrictions. We urge that you treat it as a matter of urgency.” That is not a reassurance. It is a warning sign.

Scammers know their messages look suspicious, so they try to explain it away before you question it.

THE ONE THING SCAMMERS CHECK BEFORE TARGETING YOU ONLINE

How to stay safe from scam emails

Scams like this follow a pattern, and once you know what to look for, you can shut them down quickly before any damage is done.

1) Ignore and delete the message

Do not reply or engage in any way. Even a quick response tells scammers your email is active, which can lead to more targeted attacks. The safest move is to delete it and move on.

2) Do not click links or download attachments

Scam emails often hide malicious links or infected files. One click can take you to a fake login page or install malware on your device. If you were not expecting the message, do not interact with anything inside it.

3) Use strong antivirus software

Strong antivirus software adds another layer of protection. It can flag suspicious emails, block dangerous websites and stop malicious downloads before they cause harm. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

4) Never send personal documents

No legitimate organization will ask for your passport, driver’s license or other sensitive documents through an unsolicited email. Sending that information can open the door to identity theft and financial fraud.

5) Look closely at the sender

Do not rely on the display name alone. Check the full email address carefully for misspellings, random numbers or free domains like Gmail. Small details often reveal a fake. 

6) Go directly to official sources

If the message seems important, verify it on your own. Type the organization’s website into your browser or use a trusted contact method. Do not use the links or contact details provided in the email. 

7) Remove your personal data from the internet

Scammers often rely on publicly available information to make their messages feel convincing. Data removal services can reduce what is out there, making it harder for criminals to target you in the first place. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

8) Turn on two-factor authentication

Add an extra layer of security to your accounts. With 2FA enabled, a stolen password alone is not enough for someone to get in. This simple step can stop many attacks before they start.

9) Monitor your financial accounts and credit

Check your bank statements and credit reports regularly. Look for unfamiliar charges, new accounts or changes you did not make. Catching fraud early can limit the damage.

10) Consider placing a credit freeze

If you think your personal information was exposed, a credit freeze can help protect you. It prevents new credit accounts from being opened in your name without your approval.

11) Add identity theft protection

Because this scam asks for your name, address, phone number, age, occupation and a copy of your passport or driver’s license, identity theft protection can help you spot trouble faster. A good service can monitor your credit files, alert you to new activity and help you recover if someone uses your information to open accounts or commit fraud in your name. See my tips and best picks on Best Identity Theft Protection at Cyberguy.com

12) Report the scam

Mark the email as phishing in your inbox. This helps your email provider block similar messages and protects other people from falling into the same trap.

Join CyberGuy Live: Lock Down Your Phone in 30 Minutes (Saturday, June 13, 10 am ET)

Your phone holds your email, passwords, photos, banking apps and personal data. In this free, live online class, Kurt the CyberGuy will walk you step by step through simple phone security fixes you can do in real time. You’ll learn how to improve your privacy settings, spot the latest phone scams, use trusted security tools and walk away with a simple checklist to stay protected. Register here: CyberGuyLive.com

Kurt’s key takeaways

This email tries hard to look official. It uses a real organization, a real name and a convincing story. Still, the cracks show up quickly once you slow down. A Gmail reply address, a massive payout, a vague greeting and a request for identity documents all point in the same direction. Scams like this rely on one thing: getting you to act before you think. Take a second look, and the whole thing falls apart.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

If a message promises millions and asks for your personal information, would you pause long enough to question it, or would the urgency pull you in? Let us know by writing to us at Cyberguy.com

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com.  All rights reserved.

While Blue Origin investigates the root cause behind last night’s spectacular explosion of its New Glenn rocket, it’s already clear that this will be a major setback for NASA’s Moon base plans and Amazon’s fledgling Leo space internet constellation.

The incident occurred at about 9pm at Blue Origin’s Florida launch site during a hot-fire test, where seven engines in the booster stage are lit while keeping the 322-foot-tall rocket fixed to the launchpad. The explosion and ensuing fireball severely damaged the only launchpad Blue Origin has for its New Glenn rocket.

“It’s too early to know the root cause but we’re already working to find it,” wrote Blue Origin boss Jeff Bezos on X. “Very rough day, but we’ll rebuild whatever needs rebuilding and get back to flying. It’s worth it.”

According to sources speaking to Ars Technica, the transporter-erector and one of the lightning towers at LC-36A may not be salvageable. “New Glenn almost certainly will not launch again in 2026, and frankly a launch during the first half of 2027 would be heroic given the launch site concerns,” writes Eric Berger, senior space editor at Ars Technica.

Such a delay would affect NASA’s Moon base plans. NASA announced on Tuesday that New Glenn would deliver a robotic lunar lander as soon as fall 2026. In 2027, Blue Origin is also scheduled to participate in the upcoming Artemis III mission, which will see astronauts docking their Orion capsule with lunar landers developed by SpaceX and Blue Origin.

“Spaceflight is unforgiving, and developing new heavy-lift launch capability is extraordinarily difficult,” said NASA administrator Jared Isaacman on X. “We will work with our partners to support a thorough investigation of this anomaly, assess near-term mission impacts, and get back to launching rockets.”

The New Glenn rocket that exploded Thursday night was being prepped to carry 48 Amazon Leo satellites — the largest batch ever slated for a single launch — into low-Earth orbit on an upcoming mission. The satellites were not onboard.

To date Amazon has launched just over 300 of the 1,618 Leo satellites the FCC requires by July 30, 2026. Amazon has applied for an extension to keep its license.

Amazon had been counting on New Glenn’s massive payload capacity and reusable boosters to accelerate a launch schedule that is already behind. Without its primary workhorse, Amazon will be forced to rely more heavily on secondary providers like United Launch Alliance (ULA) and Arianespace — and its chief rival, SpaceX.

“Sorry to see this,” wrote fellow billionaire spaceman Elon Musk on X. “I hope you recover quickly.”

You may stop at 7-Eleven for coffee, gas, snacks or a quick drink. What you probably do not expect is to see the company’s name tied to a data breach involving personal information.

That is what happened after breach notification service Have I Been Pwned added 7-Eleven to its database. The service says the breach exposed about 185,000 unique email addresses. The exposed data also included names, dates of birth, phone numbers and physical addresses.

The company later said the breach involved certain 7-Eleven systems used to store franchisee documents. That detail is important because the exposed data appears tied to franchise-related records, rather than ordinary store purchases. Still, if your information was part of the leak, the risk can feel very personal.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.

Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

CONDUENT DATA BREACH HITS MILLIONS ACROSS MULTIPLE STATES

7-Eleven data breach: What happened?

According to Have I Been Pwned, 7-Eleven was targeted in April 2026 by a “pay or leak” extortion campaign linked to ShinyHunters. The data was later published that same month.

Hackers claimed they had stolen data and threatened to release it unless they were paid.

7-Eleven’s chief information security officer, Jim Kastle, said an unauthorized third party accessed an internal server that contained franchisee documents. The company said the incident involved certain systems used to store those records.

That makes this breach different from a typical customer checkout breach. Based on the company’s notification language, the affected records appear connected to franchise applications or franchisee documents.

10 SIGNS YOUR PERSONAL DATA IS BEING SOLD ONLINE

What data was exposed in the 7-Eleven breach?

Have I Been Pwned says the breach exposed 185,000 unique email addresses. The exposed information also included:

• Names
• Dates of birth
• Physical addresses
• Phone numbers
• Email addresses

Some breach filings also pointed to more sensitive details in certain records. Those details included Social Security numbers and driver’s license numbers. That extra information raises the stakes. Names and addresses can fuel phishing. Dates of birth can help scammers sound convincing. Social Security numbers and driver’s license numbers can create a higher risk of identity theft.

THINK YOU’RE SAFE? IDENTITY THEFT COULD WIPE OUT YOUR ENTIRE LIFE’S SAVINGS

Why the 7-Eleven breach could still matter to you

You may wonder, “I only buy coffee there. Should I care?” For most everyday 7-Eleven shoppers, this breach may not involve store purchase history. However, anyone who applied to become a franchisee, handled franchise documents or shared personal information through that process should pay close attention.

Even when a breach affects a limited group, the exposed data can still spread. Once hackers publish personal records, scammers can reuse them in many ways.

Fake emails could mention 7-Eleven by name. Phone calls may include your name, number or address to sound legitimate. Scammers could also send messages that pressure you to “verify” your identity after the breach. That is where the real damage often begins.

MICROSOFT ‘IMPORTANT MAIL’ EMAIL IS A SCAM: HOW TO SPOT IT

How scammers may use leaked 7-Eleven data

Hackers do not need every detail about you to cause trouble. A few personal facts can make a scam feel believable.

For example, a scammer might send an email that claims to be from 7-Eleven, an identity theft protection company or a breach response team. The message may say you need to click a link to activate identity protection. It may also ask you to confirm your Social Security number, upload your driver’s license or enter banking details.

That kind of message can feel urgent. Scammers count on that reaction.

They know people act quickly when they feel scared. They may use phrases like “final notice,” “account locked,” or “breach claim pending” to push you into clicking before thinking.

 DIY IDENTITY PROTECTION VS PAID SERVICES: WHAT WORKS IN 2026

What 7-Eleven says about the data breach

7-Eleven reportedly notified affected individuals and arranged identity theft protection for up to 24 months.

If you receive a notice, read it carefully. Use the official instructions in the letter. Avoid clicking links in random emails or text messages that claim to offer breach help.

Instead, type the official website address into your browser yourself. You can also contact 7-Eleven through a verified channel.

We reached out to 7-Eleven for comment, but did not hear back before our deadline.

CHECK IF YOUR PASSWORDS WERE STOLEN IN HUGE LEAK

Ways to stay safe after the 7-Eleven data breach

A breach can feel out of your hands. However, you still have several smart moves available.

1) Check whether your email was exposed

Go to Have I Been Pwned at haveibeenpwned.com and search your email address. The service lets you see whether your email appears in known breach databases, including the 7-Eleven listing. If your email appears, do not panic. Treat it as a signal to tighten your accounts and watch for targeted scams. When done, come back here for Step 2.

2) Change your passwords immediately

Start with your most important accounts, such as email, medical and banking. Use strong, unique passwords with letters, numbers and symbols. Avoid predictable choices like names or birthdays. Never reuse passwords. One stolen password can unlock multiple accounts.  A password manager makes this simple. It stores complex passwords securely and helps you create new ones. Many managers also scan for breaches to see if your current passwords have been exposed.  Check out the best expert-reviewed password managers of 2026 at Cyberguy.com.

3) Watch for fake breach emails

Be careful with emails, texts or calls that mention 7-Eleven. Scammers may use the breach as bait. Do not click links from unexpected messages. Instead, go directly to the company’s official website. Also, avoid opening attachments unless you fully trust the sender. The best way to protect yourself from malicious links is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safer. Get my picks for the best 2026 antivirus protection winners for your Windows, Mac, Android & iOS devices at Cyberguy.com

19 BILLION PASSWORDS HAVE LEAKED ONLINE: HOW TO PROTECT YOURSELF

4) Turn on two-factor authentication

5) Place a fraud alert or credit freeze

If your Social Security number or driver’s license number was exposed, consider a credit freeze with Equifax, Experian and TransUnion. A credit freeze makes it harder for criminals to open new accounts in your name. You can lift it when you need to apply for credit. A fraud alert can also warn lenders to take extra steps before approving new credit.

6) Remove your personal information from data broker sites

Leaked information can become even more dangerous when scammers combine it with details already floating around online. Data brokers may list your home address, phone number, relatives, age and other personal details.

You can remove your information manually from individual data broker sites, though that process takes time. A data removal service can help automate opt-out requests and continue monitoring for your information when it reappears. Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

7) Consider identity theft protection

If your Social Security number or driver’s license number was exposed, identity theft protection may be worth considering. These services can monitor your credit, alert you to suspicious activity and help with recovery if someone tries to open accounts in your name. If you receive an official breach notice from 7-Eleven, review any identity protection offer carefully. Go through the official letter or verified company website rather than clicking links in random emails or texts. See my tips and best picks on Best Identity Theft Protection at Cyberguy.com.

8) Monitor your mail and financial accounts

Watch for unfamiliar bills, credit cards, loans or government notices. Also, review your bank and credit card statements. If you see something suspicious, report it right away. The sooner you act, the easier it can be to limit damage.

INSIDE A SCAMMER’S DAY AND HOW THEY TARGET YOU

9) Be careful with phone calls

If someone calls and claims to help with the breach, slow down. Do not give out your Social Security number, driver’s license number or banking details over the phone. Hang up and call the company back using a verified number.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP 

Kurt’s key takeaways

Data breaches have become so common that it is tempting to shrug them off. That can be risky. Personal details such as your name, address, date of birth and phone number can give scammers a running start. The 7-Eleven data breach may not affect every customer who has ever bought a Slurpee or filled up at one of its stores. However, for the people whose information was exposed, it can create a long tail of fraud risk. The best move now is simple. Verify before you click, strengthen your accounts and assume scammers may try to use this breach as a conversation starter.

Should companies face tougher penalties when personal data tied to job, franchise or business applications ends up in hackers’ hands? Let us know by writing to us at Cyberguy.com.

Sign up for my FREE CyberGuy Report

• Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox.
• For simple, real-world ways to spot scams early and stay protected, visit CyberGuy.com – trusted by millions who watch CyberGuy on TV daily.
• Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Copyright 2026 CyberGuy.com.  All rights reserved.