Artificial intelligence can do a lot for us. Need to draft an email? AI has you covered. Looking for a better job? AI can help with that, too. It can even boost our health and fitness. Some tools, like AI-powered exoskeletons, can lighten heavy loads and improve performance. 

But it’s not all sunshine and progress. Hackers are also turning to AI, and they’re using it to make phishing scams smarter and harder to spot. These scams are designed to trick people into handing over personal details or money. One woman recently lost $850,000 after a scammer, posing as Brad Pitt with the help of AI, convinced her to send money. Scary, right? 

The good news is that you can learn to recognize the warning signs. Before we dive into how to protect yourself, let’s break down what AI phishing scams really are.

HOW AI BROWSERS OPEN THE DOOR TO NEW SCAMS

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

What are AI phishing scams?

AI phishing scams are when hackers use AI to make their scams more convincing. AI helps them create super-realistic emails, messages, voices and even videos. This makes it harder for people to tell what’s real and what’s fake. Old-school phishing emails were easy to spot because of typos and bad grammar. However, thanks to AI tools like ChatGPT, hackers can now create flawless, professional-sounding emails that are much harder to detect. AI-generated phishing emails aren’t the only threat. Hackers are also using AI to pull off scams like:

• Voice clone scams: They use AI to copy the voice of someone you know, like a friend or family member, to trick you.
• Deepfake video scams: They create super-realistic videos of someone you trust, like a loved one or a celebrity, to manipulate you.

Here’s how you can spot these AI-driven scams before they fool you.

1) Spot common phishing email red flags

Though hackers can use AI tools to write grammatically perfect email copy, AI phishing emails still have some classical red flags. Here are some telltale signs that it is an AI-driven phishing email:

• Suspicious sender’s address that doesn’t match the company’s domain.
• Generic greetings like “Dear Customer” instead of your name.
• Urgent requests pressuring you to act immediately.
• Unsolicited attachments and links requiring you to take action

The biggest red flag is the sender’s email address. There is often a slight change in the spelling of the email address, or it is an entirely different domain name. For example, a hacker might use an email like xyz@PayPall.com or a personal address from Gmail.com, such as the email below, or Outlook.com while pretending to be from PayPal.

Hackers are using AI to create scams that look frighteningly real. (Kurt “CyberGuy” Knutsson)

2) Analyze the language for AI-generated patterns

It used to be easier to spot phishing emails by noticing silly typos. Thanks to AI, hackers can now craft flawless emails. But you can still sense a phishing email if you analyze the language of the email body copy carefully. The most prominent sign of AI-generated email copy is that it looks highly formal with a dash of failed attempts to be personal. You might not notice it at first, but looking at it closely is likely to give a red flag. The language of such emails is often robotic.

3) Watch for AI voice clone scam warning signs 

With AI, it is possible to clone voices. So, there is no surprise that there is a steep rise in voice phishing, which is also known as vishing. Recently, a father lost $4 billion in Bitcoin to vishing. Though AI voice cloning has improved, it’s still flawed. You can spot inconsistencies by verifying the speaker’s identity. Ask specific questions that only the real person would know. This can reveal gaps in the scammer’s script. The voice, also, at times may sound robotic due to imperfections in voice cloning technology. So the next time, whenever you receive a call that creates a sense of urgency, ask as many questions as you can to verify the identity of the person. You may also consider verifying the claims through the second channel. If the person on the other side of the phone says something, you can get it confirmed by the official email to be on the safer side.

GOOGLE AI EMAIL SUMMARIES CAN BE HACKED TO HIDE PHISHING ATTACKS

4) Identify visual glitches and oddities in video calls

Deepfake videos are getting pretty convincing, but they’re not flawless yet. They have visual inconsistencies and oddities, which can make the voice or video appear fake. So watch the video carefully and try to catch the signs of unnatural eye movements, lip-sync issues, weird lighting, shadows and voice inconsistencies. You can also use a deepfake video detection tool to spot a fake video.

5) Set up and use a shared secret

A shared secret is something only you and your loved ones know. If someone claiming to be a friend or family member contacts you, ask for the shared secret. If they can’t answer, you’ll know it’s a scam.

Hackers are turning to artificial intelligence to make phishing scams smarter and harder to spot. (miniseries/Getty Images)

How to protect yourself from AI phishing scams

AI phishing scams rely on tricking people into trusting what looks and sounds real. By staying alert and practicing safe habits, you can lower your risk. Here’s how to stay ahead of scammers:

1) Stay cautious with unsolicited messages

Never trust unexpected emails, texts or calls that ask for money, personal details or account access. Scammers use urgency to pressure you into acting fast. Slow down and double-check before clicking or responding. If something feels off, it probably is.

2) Use a data removal service

Protect your devices with a trusted data removal service to reduce the amount of personal info exposed online. Fewer exposed details make it harder for scammers to target you. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: CyberGuy.com.

3) Check links before you click and install strong antivirus software

Hackers often hide malicious links behind convincing text. Hover your cursor over a link to see the actual URL before you click. If the address looks odd, misspelled or unrelated to the company, skip it. Clicking blindly can download malware or expose your login details. Also, install strong antivirus software on all of your devices that blocks phishing links and scans for malware. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

4) Turn on two-factor authentication

Even if a scammer steals your password, two-factor authentication (2FA) can keep them locked out. Enable 2FA on your email, banking and social media accounts. Choose app-based codes or a hardware key over text messages for stronger protection.

5) Limit what you share online

The more personal details you share, the easier it is for hackers to make AI scams believable. Avoid posting sensitive information like travel plans, birthdays or financial updates on social media. Scammers piece these details together to build convincing attacks.

6) Verify requests through another channel

If you get a message asking for money or urgent action, confirm it in another way. Call the person directly using a number you know, or reach out through official company channels. Don’t rely on the same email, text or call that raised suspicion in the first place.

Kurt’s key takeaways 

AI is making scams more convincing and harder to detect, but you can stay ahead by recognizing the warning signs. You should watch out for suspicious email addresses, unnatural language, robotic voices and visual glitches in videos, and always verify information through a second channel. You should also establish a shared secret with loved ones to protect yourself from AI-driven voice and video scams.

Have you experienced any AI-driven phishing scams yet, and what do you think is the best way to spot such a scam? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.

Nvidia will start selling its DGX Spark “personal AI supercomputer” this week. The machine is powerful enough to let users work on sophisticated AI models but small enough to fit on a desktop.

Nvidia said Spark can be ordered online at nvidia.com starting Wednesday, October 15th, as well as from select partners and stores in the US. It said units would cost $3,000 when it revealed Spark earlier this year, but it appears the DGX Spark will now cost $3,999, according to an infographic embedded in Nvidia’s press release. Most PC makers have their own customized version, with the Acer Veriton GN100, as one example, also costing $3,999.

Spark boasts the kind of performance that once required access to pricey, energy-hungry data centers. It could help democratize AI and would be particularly useful for researchers. When first announcing Spark earlier this year (then called Digits), Nvidia CEO Jensen Huang said “placing an AI supercomputer on the desks of every data scientist, AI researcher and student empowers them to engage and shape the age of AI.”

Buyers can expect to see a variety of similar models on the market as Nvidia has said third-party manufacturers are welcome to make their own versions. Acer, Asus, Dell, Gigabyte, HP, Lenovo, and MSI are all debuting their own customized versions of Spark, Nvidia confirmed today.

Spark comes with Nvidia’s GB10 Grace Blackwell Superchip, 128GB of unified memory, and up to 4TB of NVMe SSD storage. Nvidia says it can deliver a petaflop of AI performance — meaning it can do a million billion calculations each second — and is capable of handling AI models with up to 200 billion parameters. It’s also small, comfortably fitting on a desk and running from a standard power outlet. Nvidia calls it “the world’s smallest AI supercomputer.”

Correction, October 13th: An earlier version of this story misstated that the DGX Spark was “now available to buy.” It will actually go on sale October 15th.

Sometimes, data breaches result in more than just free credit monitoring. Recently, Facebook began paying out its $725 million settlement, and AT&T is preparing to distribute $177 million. Those payouts caught scammers’ attention.

Now, fake settlement claim emails and websites are flooding inboxes. They look convincing, but behind the plain design and official-sounding language is a trap for your Social Security number, banking info and more. So how can you make sure you get your money without losing even more in the process?

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter.

TOP 5 OVERPAYMENT SCAMS TO AVOID

Why fake settlement sites are so convincing

Settlement claim websites rarely look polished. Most have generic layouts, long URLs and simple forms asking for a claim ID from your email or postcard. That makes it easy for scammers to mimic them. To test how simple it is, we created a fake settlement site (below) in minutes using AI tools like ChatGPT.

If we can do it, you can bet criminals are already exploiting the same shortcuts. Facebook has been the target. A fake site once popped up around the Equifax settlement, tricking thousands before it was shut down. The lesson? If the site appears unusual, it doesn’t necessarily mean it’s fake, but it should prompt you to double-check before entering your details or clicking on any links.

Red flags that expose fake settlement sites

Spotting a scam often comes down to noticing the little details. Watch for these common warning signs before you hand over your information.

Requests for too much personal data

If a site asks for your full Social Security number or the names of your children, stop. For example, the official Equifax settlement only requested the last six digits of SSNs. Genuine claim sites may ask for limited info (like the last four digits of your SSN), but they rarely demand complete Social Security or bank details.

Promises of payout estimates upfront

Real administrators calculate payments only after the claim period closes.

Texts or social media messages

Settlements are announced by mail or email, not through random DMs or SMS.

Fraud can be found with red flags like odd URLs, urgent countdowns, or fee requests (Kurt “CyberGuy” Knutsson)

Odd or misspelled URLs

Even one extra letter in the web address is a sign of a spoof site. Legitimate settlements use official or clearly named administrator domains. Be wary of addresses with unusual add-ons, such as “secure-pay” or “claims-pay.”

Urgent language or countdowns

Scammers rely on urgency to pressure you into acting fast. Real settlement sites don’t demand 24-hour turnarounds.

Processing fee checkboxes

A sure giveaway of a fake. Real settlement administrators never require money to file or to receive your payout.

Cheap trust badges

Scam sites often throw in fake “secure” seals. Look for recognized security seals and make sure they’re clickable and verifiable.

Generic contact info tied to the suspicious domain

Official sites list multiple, verifiable contacts. If the email or phone number matches the weird domain, that’s a red flag.

Grammar or spelling mistakes in the fine print

Sloppy errors in legal-sounding text are a classic sign you’re looking at a scam.

Start with official FTC links or mailed notices to file claims safely (Kurt “CyberGuy” Knutsson)

How to safely handle settlement claim notices

Before filing any claim, follow these steps to ensure you’re dealing with a legitimate settlement site and protecting your information.

1) Start at the FTC

The Federal Trade Commission keeps updated lists of approved class action settlements at ftc.gov/enforcement/refunds. The legitimate links always point to a .gov website. If your email sends you elsewhere, treat it with caution. 

2) Cross-check with other resources

Trusted outlets often cover large settlements and include safe links. ClassAction.org is another resource for checking legitimate URLs.

3) Skip the links, use the mail

Your claim notice may include a mailing address. Sending a paper form avoids the digital phishing minefield altogether.

4) Use strong antivirus software

Strong antivirus software can block malicious links, warn you about dangerous websites and prevent malware from taking over your device.

The best way to safeguard yourself from malicious links that install malware and potentially access your private information is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at CyberGuy.com.

HOW RETIREES CAN STOP FAKE DEBT COLLECTOR SCAMS

5) Try a data removal service

Data removal services work to scrub your personal information from broker lists, making it more difficult for criminals to target you.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting CyberGuy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

6) Never pay to file

If a site asks for “administrative fees” or a “processing charge,” close it immediately. Real settlement administrators will never ask for money.

7) Report suspicious sites

Spot a fake? Protect others by reporting it to:

• The FTC Complaint Assistant at reportfraud.ftc.gov/
• The Internet Crime Complaint Center (IC3) at ic3.gov/
• The Consumer Financial Protection Bureau (CFPB) at consumerfinance.gov/about-us/the-bureau/

Quick reporting helps authorities shut down scams before more people fall victim.

Can you tell a real email from a fake?

Take our quick quiz at Cyberguy.com/ScamCheck to learn how to spot phishing scams, protect your inbox, and stay a step ahead of hackers. 

Kurt’s key takeaways

Class action settlements can feel like rare wins for consumers after data breaches. But scammers see them as easy hunting grounds. The best defense is skepticism. Check URLs, avoid clicking direct links and never give away details that don’t match the claim’s purpose. Your payout should help you recover, not put you at greater risk.

Have you ever received a settlement notice that felt suspicious, and how did you handle it? Let us know by writing to us at CyberGuy.com.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide – free when you join my CyberGuy.com newsletter.

Copyright 2025 CyberGuy.com.  All rights reserved.