Protect Yourself From Cybercrime and Financial Abuse

one lock with keyhole

Here's a pro tip this tax season: If you receive email or phone communications from someone claiming to be from the IRS, do one thing: disengage.

During this time of refunds, scammers often use unsolicited emails and phone calls to draw you into their scheme. If the IRS genuinely needs to get in touch, first contact is usually a letter sent through the U.S. Postal Service. 

The IRS grift is one of many scammers use to pilfer funds, personal information and other private data. In general, if it sounds or feels suspicious, don't reply and/or hang up for your own security. 

Defining the Scams

Cybercrimes have come a long way since the “Nigerian prince” email scam in the 1990s, but, in reality, these schemes have been around for more than 200 years. Today’s cybercriminals, however, are more convincing and sophisticated, using voice spoofing, one-time password bots and other AI tools that make their pitches seem scarily legitimate.

Scammers commonly pose as the following to get access to your private information and financial resources:

  • Government officials from the IRS, Social Security Administration and other agencies
  • Tech/computer experts
  • Charitable workers
  • Investors/lottery officials
  • Romantic interests

View the AARP's "Five of the Biggest Scams to Watch For in 2026" for information about current schemes. 

Defining the Scammers

While many scammers are criminal opportunists from anywhere in the world, others are, unfortunately, closer to home. Older adults, in particular, can become victims to their own families, caregivers, appointed fiduciaries, neighbors and others they trust. The “romance scam” is one of the most prevalent and painful, as victims often willingly provide money and financial information to someone who has professed to care for them.

During the past few years, U-M has seen an uptick in scenarios when a romantic partner or family member has tried to access U-M Retirement Savings Plan accounts as part of criminal activity.

Protect Yourself

The best way to protect your finances and private information is to have a healthy skepticism and use extreme care when sharing your personal information.

  • Never provide your credit card, bank card/account number, Social Security, Medicare or other personal information to anyone over the phone. If you receive a call from someone asking for this information, end the call and call the institution back to ensure the request is legitimate. Most will not ask for private information over the phone.
  • Check with a trusted lawyer or family member before signing a document you don’t fully understand.
  • Do not open emails or texts from people/numbers you don’t recognize.
  • Do not click on links in emails, text or online that you aren’t certain are legitimate.
  • Use strong passwords and multi-factor protection on your accounts.

If you receive unsolicited contact about your U-M Retirement Savings Plans, do not respond. Immediately report the contact to Fidelity Investments and/or TIAA, the longtime administrators of U-M’s retirement accounts, for guidance.

Report the Crime

If you or someone in your circle is a victim of cybercrime, report the situation to the FBI’s Internet Crime Complaint Center.

If you or someone in your circle is the victim of financial abuse, call your local police or sheriff’s office. If the victim is an older adult, contact the Adult Protective Services agency in the state/county where the abuse occurred. 

Quick response is crucial to decreasing financial loss and re-fortifying your private data.

For More Info…

For additional tips, view the FDIC’s “Avoiding Scams and Scammers” web page. U-M’s Safe Computing web section also has several pages devoted to cybersecurity and protecting yourself from scams. TIAA also offers specific guidelines to protect older adults from scams.

Published on Tuesday February 24, 2026