6 People Charged With Stealing $1.3 Million in Tax Refund Checks. Here’s What Happened

Americans lose millions to gift card scams every year. Here’s how to protect yourself.

Last Friday, a federal grand jury indicted six people for stealing over a million dollars in tax refund checks from victims across six states. The alleged scheme required no sophisticated hacking — just some stolen checks, fake IDs and a readiness to walk into financial institutions and lie. It’s a stark reminder that tax fraud doesn’t end when filing season does.

In this week’s scam roundup, we cover how these fraudsters managed to pilfer so much money through tax refunds. We also take a look at a phishing scam hiding as an invitation in your inbox and an AI chatbot fraud scheme that shows up as a mystery charge on your credit card bill.

---

Where People Are Protecting Their Privacy Online Right Now

• NordVPN: Hide Your IP and Location Every Time You Surf the Web
• Surfshark VPN: Bundle All Your Devices Into One Low-Price Plan
• Lifelock by Norton: Identity Theft Protection That Defends Against Scams and More Online Theft Attempts

---

• $1.3 Million in Stolen Refunds: A federal grand jury has indicted six Buffalo residents for stealing U.S. Treasury tax refund checks and cashing them using fake identities. Between August 2023 and May 2024, the defendants allegedly obtained checks made out to other people, opened fraudulent bank accounts in the victims’ names, deposited the checks and withdrew the funds. More than 12 victims across six states lost a combined $1.3 million. The scheme is an example of how identity theft doesn’t always happen online and stolen paper checks remain a meaningful threat. To protect yourself, consider signing up for the IRS’s Identity Protection PIN program, which prevents anyone else from using your social security number to file a return.
• Fake Invitation Emails: Hackers are spoofing digital invitation platforms — including Paperless Post, Evite and Punchbowl — to send phishing emails that appear to come from people you know. Clicking the link on these emails silently installs malware or directs you to a fake login page designed to steal your credentials. One Southern California woman lost over $5,000 after entering her login information on what she believed was a friend’s fundraiser invitation. Evite has reported a significant uptick in these impersonation scams since the start of 2026. If you receive an unexpected invite, contact the sender directly before clicking anything.
• AI Chatbot Exploit: Fraudsters are making unauthorized gift card purchases through victims’ saved payment methods on AI subscription platforms. One user found $400 in unauthorized charges on his credit card, billed as legitimate transactions to Anthropic, the company behind the Claude chatbot. A third charge was blocked only because it required additional confirmation. Similar complaints have surfaced elsewhere online. Anthropic says it’s adding protections against fraudulent purchases and will cancel and refund confirmed scam charges. Even so, check your AI subscription statements regularly, and contact your bank immediately if you spot anything unfamiliar.

---

Where People Are Protecting Their Privacy Online Right Now

• NordVPN: Hide Your IP and Location Every Time You Surf the Web
• Surfshark VPN: Bundle All Your Devices Into One Low-Price Plan
• Lifelock by Norton: Identity Theft Protection That Defends Against Scams and More Online Theft Attempts

---

Protect your digital life: See Lifelock’s current identity theft plans and get your first year of the standard plan for just $7.99 a month

The most common types of scam you should know

Scammers are constantly upping their game, coming up with new and exciting ways (for them) of fooling their targets. AI-powered scams are one example of this; the technology is being used to reach a larger number of people with increasingly more convincing schemes.

But some tricks never run out of style. Most scams fall into a handful of familiar patterns, and many long-standing schemes are still a threat today. They’ve just evolved to better fit today’s digital landscape.

1. Imposter scams: Scammers often pose as trusted figures such as government agencies, banks, employers and even friends or family to pressure victims into sending money or sharing personal information.
2. Phishing and spoofing scams:
These scams use emails, texts or phone calls that look like they’re from legitimate organizations. The goal is to trick you into clicking a malicious link, downloading malware or handing over sensitive information.
3. Online shopping scams: Fraudsters can create fake online stores or listings with hard-to-find items at unusually low prices. After you pay for an article, what you end up getting might be counterfeit — or it may never arrive in the first place.
4. Investment scams: This type of scam often arrives with promises of high returns from crypto, forex or other “exclusive” opportunities. Many involve long-term grooming tactics in which victims are encouraged to invest more over time before losing everything.
5. Romance scams: Some scammers try to get into your pocket through the heart. They build a relationship with you on dating apps or social media, then convince you to give up money and assets by fabricating emergencies or investment opportunities.

Plans for everyone: Check out Aura’s identity theft options for you and your family, starting at $9 a month when you pay annually

What to do if you’re the target — or victim — of a scam

No one is immune to scams or fraud, but a few consistent habits can reduce their danger and the damage they cause.

For starters, be skeptical of unsolicited messages, especially those creating fear or urgency. This might look like an email from your bank threatening to close an account, a text from an online marketplace saying you’ll lose a discount or a call from the IRS claiming they’ll report you to the authorities unless you “act now.”

Scammers love to use this sort of language because it puts you on the spot, which they expect will move you to action.

Always verify any requests from an organization by cross-checking with its official phone numbers, email or website. And don’t click any links, download attachments or respond to messages you suspect may be fraudulent. A legitimate organization will not pressure you for instant action or secrecy.

Now, if you’ve already sent financial information or money to someone you suspect is a scammer, you’ll need to take a few steps to protect your data and possibly get your money reimbursed. Contact your bank, credit card issuer or payment platform immediately and attempt to stop or reverse the transactions. Make sure to change any relevant passwords and enable multi-factor authentication to safeguard your accounts, too.

Reporting a scam might also help protect others. You can file a report with the Federal Trade Commission and with local authorities at your nearby police department or sheriff’s office. Identity theft victims should also consider temporarily freezing their credit.

Lastly, review your financial statements and credit reports regularly, keep your software updated and limit how much personal information you share online. Scammers often rely on publicly available details to make their schemes more convincing.

More from Money

How to Protect Yourself From Card Skimmers at ATMs and Gas Pumps

Best Identity Theft Protection Services

Best Credit Monitoring Services