January scams surge: Why fraud spikes at the start of the year

Every January, I hear from people who say the same thing: “I just got an email that looked official, and I almost fell for it.” That’s not a coincidence. January is one of the busiest months of the year for scammers. While most of us are focused on taxes, benefits, subscriptions, and getting our finances in order, criminals are doing their own kind of cleanup, refreshing scam lists and going after people with newly updated personal data. If you’ve ever received a message claiming your account needs to be “verified,” your benefits are at risk, or your tax information is incomplete, this article is for you.

Why January is prime time for scammers

January is when scammers have everything they need.  According to YouMail’s Robocall Index, U.S. consumers received just over 4.7 billion robocalls in January 2025, which was about a 9% increase from December 2024. This year, we can expect the same from scammers.

They know:

• People are dealing with taxes and government accounts
• Benefits and subscriptions reset or renew
• Financial stress is higher after the holidays

But the biggest reason scams spike now? Your personal data is easier to find than you think. Data brokers quietly collect and update profiles year after year. By January, those profiles are often more complete than ever, and scammers know it.

The “account verification” scam you’ll see everywhere

One of the most common January scams looks harmless at first. You get a message saying:

• Your Social Security account needs verification
• Your Medicare information has to be updated
• Your benefits could be delayed without action

The message sounds official. Sometimes it even uses your real name or location. That’s where people get tricked. Government agencies don’t ask for sensitive information through random emails or texts. Scammers rely on urgency and familiarity to push you into reacting before thinking.

My rule: If you didn’t initiate the request, don’t respond to it. Always go directly to the agency’s official website or phone number, never through a link sent to you.

Fake tax and benefits notices ramp up in January

Another favorite scam this time of year involves taxes and refunds.

You may see:

• Emails claiming you owe back taxes
• Messages saying you’re due a refund
• Notices asking you to “confirm” banking information.

These scams work because they arrive at exactly the moment people expect to hear from tax agencies or benefits programs.

Scammers don’t need much to sound convincing. A name, an email address, or an old address is often enough. If you get a tax-related message out of the blue, slow down. Real agencies don’t pressure you to act immediately.

Subscription “problems” that aren’t real

January is also when subscription scams explode. Fake messages claim:

• Your streaming service will be canceled
• Your payment didn’t go through
• Your account is suspended.

Scammers know most people have subscriptions, so they play the odds. Instead of clicking, open the app or website directly. If there’s a real problem, you’ll see it there.

Why these scams feel so personal

People often tell me, “But they used my name, how did they know?” Here’s the uncomfortable truth: They probably bought it. Data brokers compile massive profiles that include:

• Address histories
• Phone numbers and emails
• Family connections
• Shopping behavior.

That data is sold, shared, and leaked. Once scammers have it, they can tailor messages that feel real because they’re built on real information.

What you should do right now

Before January gets any busier, take these steps to reduce your exposure to scams and fraud.

1) Remove your personal data from broker sites

Deleting emails or blocking numbers helps, but it does not stop scams at the source. Scammers rely on data broker sites that quietly collect, update, and sell your personal information. Removing your data from those sites reduces scam calls, phishing emails, and targeted texts over time. It also makes it harder for criminals to personalize messages using your real name, address, or family connections. You have two ways to do this:

Do it yourself:

You can visit individual data broker websites, search for your profile, and submit opt-out requests. This method works, but it takes time. Each site has its own rules, identity verification steps, and response timelines. Many brokers also re-add data later, which means you have to repeat the process regularly.

Use a data removal service:

A data removal service automates the opt-out process by contacting hundreds of data brokers on your behalf and monitoring for re-listings. This option saves time and provides ongoing protection, especially if you want long-term results without constant follow-ups.

While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap, and neither is your privacy. These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you.

A service like Incogni can help you remove all this personal information from the internet. It has a very clean interface and will scan 420+ websites for your information and remove it and keep it removed. Plus Incogni has received third-party assurance from Deloitte validating its entire data removal process.

The longer you wait, the more data brokers spread your personal information online. I recommend Incogni to help you remove that data automatically (and they make sure it stays removed) without any effort on your part.

Exclusive Deals for CyberGuy Readers (60% off):  Incogni offers a 30-day money-back guarantee and then charges a special CyberGuy discount for all annual plans only through the links in this article for as low as $6.39/month for one person (billed annually) or $12.79/month for your family (up to 5 people) on their annual plan. This fully automated data removal service provides ongoing protection from 420+ data brokers, and if you choose the Unlimited plan, you can also request removals from specific sites where your personal information appears.

I recommend the family plan because it works out to only $2.56 per person per month (or $3.68 per person per month if you get the Family Unlimited plan) for powerful year-round privacy protection. It’s an excellent service, and well worth trying to see how much of your information is being exposed and how effectively it can be removed.

Get Incogni here

Get Incogni for your family (up to 5 people) here

Is your personal information exposed online?

Run a free scan to see if your personal info is compromised. Results arrive by email in about an hour.

2) Don’t click links in unexpected messages

If you did not initiate the request, do not click. Scam messages are designed to create urgency, especially around taxes, benefits, and account issues. Instead, go directly to the official website by typing the address yourself or using a saved bookmark. This single habit prevents most phishing attacks.

3) Turn on two-factor authentication wherever possible

Two-factor authentication (2FA) adds a critical second layer of protection. Even if someone gets your password, they still cannot access your account without the second verification code. Start with email, financial accounts, social media, and government services.

4) Check accounts only through official apps or websites

If you receive a warning about an account problem, do not trust the message itself. Open the official app or website and check there. If something is wrong, you will see it immediately. If not, you just avoided a scam.

5) Watch for account alerts and login activity

Enable login alerts and security notifications on important accounts. These alerts can warn you if someone tries to sign in from a new device or location. Early warnings give you time to act before real damage occurs.

6) Use strong, unique passwords and a password manager

Reusing passwords makes it easy for scammers to take over multiple accounts at once. If one service is compromised, attackers try the same login on email, banking, and social media accounts. A password manager like Nordpass helps you create and store strong, unique passwords for every account without needing to remember them.

Related Links: 

• Why January is the best time to remove personal data online
• Make 2026 your most private year yet by removing broker data
• How to stop health and fitness apps from using your private data

Kurt’s key takeaways

January scams aren’t random. They’re targeted, timed, and fueled by personal data that shouldn’t be public in the first place. The longer your information stays online, the easier it is for scammers to use it against you. If you want a quieter inbox, fewer scam calls, and less risk this year, take action early, before criminals finish rebuilding their lists. Protect your data now, and you’ll be safer all year long.

Have you noticed more scam emails, texts, or calls since the new year started? Let us know in the comments below. 

FOR MORE OF MY TECH TIPS & SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

This article was created in partnership with Incogni

Copyright 2026 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.