Government and Tech Support Impersonation Scams
Calls from the IRS that aren't. Popups from Microsoft that aren't. Social Security fraud that targets everyone. How these scams work and why they keep working.
Overview
Government and tech support impersonation scams are among the highest-volume and highest-loss fraud categories tracked by the FTC. In 2024, government impersonation scams alone accounted for $789 million in reported consumer losses in the United States. The actual figure is substantially higher: research consistently finds that fewer than 5 percent of fraud victims file formal reports.
These scams share a common structure regardless of the impersonated agency or company: establish false authority, create fear or urgency, and demand immediate payment through a method that cannot be reversed—most commonly gift cards, wire transfers, or peer-to-peer payment apps like CashApp, Venmo, or Zelle. No government agency and no legitimate technology company uses any of these payment methods for any purpose.
IRS Impersonation
IRS impersonation scams peak around tax filing season but run year-round. Victims receive calls, texts, or emails claiming they owe back taxes and that an arrest warrant has been issued or will be issued unless immediate payment is made. The caller may provide a fake "badge number," a spoofed IRS callback number, and the last four digits of the victim's Social Security number (obtained from data breach records) to appear credible.
The IRS does not initiate contact by phone for the purpose of demanding immediate payment. The IRS does not accept payment via gift cards, wire transfers, cryptocurrency, or CashApp. Initial IRS contact regarding a tax balance is made by postal mail. If you owe the IRS money, you will receive a written notice before any collection action begins. Calls claiming otherwise are fraudulent without exception.
The IRS initiates contact by mail, not by phone, for billing and collection matters. A call threatening arrest for unpaid taxes—regardless of how official it sounds or what information the caller has—is a scam. Hang up and, if you are concerned about your tax status, call the IRS directly at 1-800-829-1040 or visit irs.gov.
Social Security Administration Impersonation
SSA impersonation calls claim that the victim's Social Security number has been "suspended" due to suspicious activity, linked to criminal investigations, or used in drug trafficking. Victims are told that their accounts will be frozen and their assets seized unless they verify their identity or pay a fee to "protect" their number. Some versions ask the victim to move their money to a "safe account" while the matter is resolved—the "safe account" is controlled by the scammer.
The Social Security Administration does not suspend Social Security numbers. It does not ask people to move money to protect it from seizure. It does not demand payment via gift card, wire, or CashApp. If you receive such a call, hang up and report it to the SSA Office of Inspector General at 1-800-269-0271 or oig.ssa.gov.
Medicare and Medicaid Impersonation
Medicare impersonation scams most frequently target adults 65 and older. Common scripts offer free medical equipment, genetic testing kits, or COVID-related benefits in exchange for the victim's Medicare number. That number is then used to submit fraudulent billing claims to Medicare for services and equipment never delivered. Victims typically have no idea their number was used until they receive an Explanation of Benefits statement for services they did not receive.
Medicare will never call to sell you anything. Medicare representatives do not ask for your Medicare number over the phone to confirm or "update" benefits. Provide your Medicare number only to your confirmed healthcare providers and to Medicare directly when you initiate contact.
Tech Support Scams
Tech support scams typically begin with a browser pop-up or a full-screen alert claiming the victim's computer is infected with a virus and instructing them to call a toll-free number immediately. The pop-up may play an alarm sound, display a fake "Windows Defender" interface, and list a phone number in large text. The page is often designed to prevent the victim from closing the browser normally.
Callers pose as Microsoft, Apple, or antivirus company technicians. They direct the victim to install remote access software (AnyDesk, TeamViewer, or similar tools) so they can "fix" the problem. Once remote access is granted, the scammer can access banking sites, install keystroke loggers, and transfer funds directly from the victim's accounts. Some variants demand payment for the "repair" via gift cards; the remote access variant extracts far more by going directly to the source.
No legitimate technology company will call you unsolicited and ask you to install remote access software. If someone does, do not install anything. Disconnect from the call. If you have already installed such software and allowed access, disconnect your computer from the internet immediately and contact your bank. Consider the computer compromised until professionally examined.
The Grandparent Scam
The grandparent scam is an impersonation fraud targeting older adults. The victim receives a call from someone claiming to be a grandchild in crisis—arrested, in an accident, stranded overseas. A second caller then joins the call posing as an attorney, bail bondsman, or law enforcement officer confirming the situation and demanding immediate payment to resolve it. Victims are instructed not to tell other family members because it might "make things worse."
AI voice cloning has expanded this scam significantly. A scammer can generate a convincing clone of a grandchild's voice from a few seconds of audio sourced from public social media posts. Victims who hear what sounds like their grandchild crying are considerably harder to talk down from immediate payment. If you receive this type of call, hang up and call your grandchild or their parents directly using a number you already have. Do not use a number provided by the caller.
The Gift Card Payment Demand
The common thread across all government and tech support impersonation scams is the payment method demanded: gift cards. Specifically Google Play, iTunes/Apple, Amazon, eBay, Steam, Target, and Walmart gift cards are all commonly requested. Victims are instructed to purchase cards at a convenience store, pharmacy, or big-box retailer and read the card numbers over the phone.
Gift card payments are favored because they are immediate, irreversible, and anonymous. Once the numbers are read, the funds are drained within seconds and the trail ends. No government agency, court, utility company, bail bondsman, or technology support service accepts gift cards as payment for any legitimate obligation. This demand is, without exception, a fraud indicator.
- Hang up. You do not owe an explanation. Scammers are trained to keep victims on the line; ending the call is the correct response to any unsolicited call demanding urgent payment.
- Do not call back numbers provided by the caller. Verify by looking up the agency or company's number independently through their official website.
- Do not purchase gift cards as payment for any demand made over the phone. No legitimate institution uses gift cards for any payment purpose.
- Do not grant remote access to your computer to anyone who calls you unsolicited, regardless of what they claim to see on your screen.
- If you have already sent money: contact your bank immediately if a wire or ACH transfer is involved. Contact the gift card issuer if gift cards were used—some issuers (Google, Apple, Amazon) can freeze unredeemed card balances if reported quickly. File a report at reportfraud.ftc.gov and oig.ssa.gov if SSA was impersonated.
- Alert family members, particularly older relatives. Discussing these scams with elderly parents and grandparents before they encounter them is the most effective prevention available.