If you have $400 and want an iPad, your options are usually kind of limited to either just the base iPad, or better yet, the latest iPad Mini — if it happens to be on sale when you’re shopping (it is now, but that’s not always the case). But right now, you should consider getting the 128GB version of Apple’s 11-inch iPad Air with the capable M3 processor. At Target, multiple colors of this model are $399.99, beating the previous low of $449.99 we’ve seen during large-scale deal events. Currently, no other retailer is matching this price. This sale ends Saturday night.

$400 is a sweet price for this model, as it debuted in early 2025 for $600. In terms of how it stacks up to other iPad models, Verge editor-at-large David Pierce said in his impressions that the M3 Air is “exactly what you think it is. Which is fine.” I know, that sounds like a back-handed compliment, but it’s been a while since iPads peaked in terms of utility, design, and fast performance. This one carries the torch in Apple’s tablet dominance, and its M3 processor means it’ll be a fantastic tablet for longer than any other iPad at the $400 price point. Read our in-depth impressions.

Other Verge-approved deals

Millions of Facebook users filed claims in a recent privacy settlement after the platform was accused of mishandling user data. The approved payouts have been rolling out, which means people are watching their inboxes for updates. Scammers know this and are sending look-alike emails that push you to click a “Redeem Virtual Card” button. Arlene B emailed us to share what landed in her inbox.

“I received an email stating that it was from (Facebook User Privacy Settlement Administrator) and that I needed to click on the button below to “Redeem Virtual Card.” Do you know if this is a scam or not?”

Her question shows how convincing these fake messages appear. A real settlement did happen, and people have been getting payments. Still, criminals are now piggybacking on the rollout with messages that look official but lead to dangerous sites that steal your information. Let’s walk through how to tell real emails from fake ones.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

NEW SCAM SENDS FAKE MICROSOFT 365 LOGIN PAGES

How to check if your Facebook settlement email is legitimate

Scammers rely on confusion and urgency. These steps help you confirm the message before you click anything.

Confirm the sender’s address

Real settlement emails come from facebookuserprivacysettlement@notifications.kroll.com. Kroll is the official administrator.

Look for your claimant ID

Real notices include your unique claimant ID and reference the claim you filed last year. Fake emails skip this personalized detail.

Check where the link leads

Real payout links go to DigitalPay / Veritas or domains tied to krollsettlementadministration. If the link points to a strange or shortened URL, it is likely unsafe.

Watch for common red flags

Pressure to act right away. Clumsy wording or spelling mistakes. A button that goes to a suspicious URL. You never filed a claim in the first place. Any sender address that is not the official Kroll domain.

Remember that you are not required to click anything

If your claim was approved, you have already received a legitimate notice. Emails that say you must “redeem” again or “confirm” payment are signs of a scam.

GEEK SQUAD SCAM EMAIL: HOW TO SPOT AND STOP IT

Why scammers target large settlements

Whenever a major payout occurs, criminals blend in with legitimate messages because people expect money and may open emails quickly. When fake notices look similar to real ones, it only takes one careless click for scammers to grab your data.

DON’T FALL FOR FAKE SETTLEMENT SITES THAT STEAL YOUR DATA

Ways to stay safe from settlement scams

Use these simple habits to protect yourself from Facebook settlement scams and any future payout scam.

1) Verify the sender every time

Look at the full address. Scammers often change one character in hopes you will not notice.

2) Hover over links before tapping

Check the destination without clicking. A strange URL is your warning sign.

3) Never share sensitive information through email

Real administrators do not ask for banking info or logins.

4) Use a data removal service

Data brokers often collect your email address, phone number and other personal details that scammers use to target victims. A data removal service can pull you out of those databases, which reduces the amount of scam email that reaches you in the first place.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com.

5) Go directly to the official settlement site

Type in the address yourself instead of using a link from an email.

6) Use strong antivirus software 

Good security software blocks dangerous links and pages. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have strong antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe.

Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices at Cyberguy.com.

7) Delete emails that push urgency

Scammers want fast reactions. Slow down and confirm details. 

Kurt’s key takeaways 

The Facebook settlement payout created the perfect moment for scammers to slip fake messages into inboxes. Once you know the signs, it becomes much easier to separate real notices from dangerous ones. Stay alert, trust your instincts and verify before you click.

Would you open a payout email if you were not expecting money in the first place? Let us know by writing to us at Cyberguy.com.

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report 

Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter. 

Copyright 2025 CyberGuy.com. All rights reserved.

The holiday shopping season should feel exciting, but for scammers, it’s rush hour. And this year, one trick is hitting more inboxes and phones than ever: the fake refund scam. If you’ve ever seen an unexpected “Your refund has been issued,” “Your payment failed” or “We owe you money” email or text during November or December, it wasn’t an accident.

Scammers know you’re buying more, tracking more packages and juggling more receipts than at any other time of year. That chaos makes fake refund scams incredibly effective and incredibly dangerous.

Here’s why these scams are spreading, how to spot them instantly and the one thing you can do today to stop scammers from targeting you in the first place.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter.

FBI WARNS EMAIL USERS AS HOLIDAY SCAMS SURGE

Why refund scams skyrocket during the holidays

Scammers strike when Americans are distracted, rushed and making dozens of purchases. Black Friday, Cyber Monday and holiday gift-buying create the perfect storm:

1) You’re expecting legitimate refunds

Holiday shopping means:

• Items going out of stock
• Orders getting canceled
• Packages arriving late
• Prices changing
• Stores offering “Best Price Guarantee” refunds.

Scammers know this. When you’re already expecting refund emails, their fake ones blend right in.

2) You’re spending more, which means bigger targets

A study shows that this year, Americans will spend 3.6% more than the previous year on holiday shopping. A $200 to $500 purchase is completely normal during this season. Other reports show a decrease in spending, but note that people spend, on average, over $600 during the Black Friday promotions alone.

Expenses stack up, new things arrive, some get returned and a “$249 refund issued” message doesn’t look suspicious—it looks plausible. But it’s crucial you check if that message is real. Never click any links without a thorough look at the email address, name and content of the message.

3) Your inbox is overflowing

Have you been eyeing a new home appliance? Or a present for a loved one? Have you saved anything in your cart just to see if the price drops? Thanks to Black Friday, your inbox is probably filled with:

• Promotional codes
• Offers
• Shipping updates
• Order confirmations
• Receipts
• Return notifications.

It’s easy to lose track of your orders and packages amidst the influx of emails. And when you’re skimming more than 200 promotions, scams become harder to catch.

4) They know exactly what you purchased

Scammers get their information from data brokers, companies that collect, package and sell your personal information. Your profile can include anything from your name, contact information, to your purchase history and even your financial situation.

In general, data brokers and shopping apps sell patterns, including:

• Where you shop
• How much you spend
• What categories you buy
• Recent purchases
• Your email, phone number and address.

And scammers buy that information to craft compelling and personalized attacks. That’s why their fake refund emails often mimic retailers you actually used.

HOW TO STOP IMPOSTOR BANK SCAMS BEFORE THEY DRAIN YOUR WALLET

How the fake refund scam works

Scammers usually follow one of three playbooks:

“Your refund is ready-verify your account.” You click a link, and you’re taken to what looks like Amazon, Walmart, UPS, Target or Best Buy. And when you enter your login, scammers can steal your credentials by manipulating you.

“We overcharged you. Click here for your refund.” It asks for your debit card number, your bank login and your PayPal credentials. Or worse: it installs malware that steals them automatically.

Phone version: “We issued a refund by mistake.” You get a call from someone pretending to be Amazon customer service, PayPal support, or even your bank. They say they “refunded too much money” and need you to send back the difference. Some even screen-share to drain bank accounts in real time.

These scams cost Americans hundreds of millions of dollars every year. The FTC reports that impostor scams (which are related to online shopping) accounted for the second-highest reported losses, resulting in $2.95 billion being lost in 2024.

What these emails look like so you can spot them fast

Scammers are getting more sophisticated. Fake refund messages often include:

• Your correct name
• A real store logo
• A real order amount
• A believable order number
• “Click to view refund” buttons
• Deadline pressure like “respond within 24 hours.”

Here’s the giveaway: No legitimate retailer requires you to enter banking info to receive a refund, ever.

Note that scams often ask you to:

• Confirm a payment
• Verify personal info
• Log in through a link
• Provide banking details
• Download an invoice.

The simplest way to protect yourself before the holiday peak

Deleting your data manually from data broker sites is technically possible, but extremely tedious. Some require government ID uploads, faxed forms, multiple follow-up requests and updates every 30 to 90 days because they relist your data.

This is why most people almost never do it. A data removal service, however, automates the entire process. These services:

• Identify which broker sites have your info
• Send official deletion requests on your behalf
• Force them to remove your data
• Continually monitor and re-request removals
• Block brokers from relisting you

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com

Get a free scan to find out if your personal information is already out on the web: Cyberguy.com

How to protect yourself this season (3 quick steps)

Remember to follow these few simple steps to safeguard yourself against targeted scams.

1) Never click refund links in emails or texts

Go directly to your retailer’s website and check your actual order history. Verify the email address of the sender and only communicate with official representatives of the retailer.

2) Turn on multi-factor authentication

Set up two-factor authentication (2FA) for all of your accounts. With the help of 2FA, you’ll need to authorize logins via email, text message or generated PINs. So, even if you accidentally enter your password somewhere fake, 2FA can stop the breach.

3) Limit how scammers can find you

This is the part most people skip—and it’s why they stay targets. Removing your personal info from data broker sites cuts off scammers’ access to your real details. A data removal service automates and makes the process ongoing, which is why I recommend it to my most privacy-conscious readers.

Check out my top picks for data removal services and get a free scan to find out if your personal information is already out on the web by visiting Cyberguy.com.

Kurt’s key takeaways

Refund scams explode during the holiday shopping season because scammers rely on two things: Chaos in your inbox and your personal data being sold behind your back. You can’t stop scammers from sending fake emails, but you can stop them from targeting you specifically. Before peak holiday shopping hits, take a moment to clean up your data trail. You’ll end up with fewer scams, fewer risks and far more peace of mind.

Have you received a suspicious refund email or text this season? Share your experience so we can help warn others in the comments below. Let us know by writing to us at Cyberguy.com

CLICK HERE TO DOWNLOAD THE FOX NEWS APP

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide — free when you join my CYBERGUY.COM newsletter. 

Copyright 2025 CyberGuy.com.  All rights reserved.