Security experts have issued a stark warning to the public on how to identify sophisticated scams where criminals impersonate officials from the Social Security Administration (SSA). This follows a recent case where an elderly couple in Pennsylvania lost over $1.3 million to a thief posing as an SSA employee.
The Hallmarks of a Social Security Scam
According to cybersecurity professionals, legitimate SSA representatives will never use threats or scare tactics. John Hammond, principal security researcher at Huntress, emphasised that real employees will not suggest a suspension of benefits, threaten legal action, or demand immediate payment over the phone.
"If you are ever asked for your Social Security number or bank details from an unsolicited call or text message, you aren't talking to a legitimate SSA representative," Hammond told The Independent.
The administration itself has warned consumers to stay sceptical of unexpected calls. Scammers often create a false sense of urgency, pressuring victims to act quickly. The Pennsylvania couple, for instance, were told their Social Security number had been stolen and they needed to take rapid action.
Key Red Flags and Protective Steps
Experts point to specific phrases and behaviours as major warning signs. Eric O’Neill, a former FBI operative, noted that claims your account has been "compromised" and instructions not to tell family members are classic red flags.
To simplify the scammer's playbook, the SSA highlights the four Ps they use: Pretend to be from a trusted agency, invent a Problem, apply Pressure to resolve it urgently, and demand Payment.
Ricardo Amper, CEO of Incode Technologies, advocates for a team approach to protection. "Family members can help by having open, ongoing conversations about common scam tactics and setting a simple rule: always verify before acting," he advised.
What To Do If You Suspect a Scam
The advice from multiple experts is unanimous: pause and verify. Brian Long, CEO of Adaptive Security, recommends hanging up immediately if someone claims to be from the SSA.
"Hang up and call SSA back using a number you look up yourself, not the number they gave you," Long stated. He urges the public to normalise scepticism, noting that the biggest security vulnerability is often our own trust.
Strengthening online security with strong passwords and multi-factor authentication can also reduce risk, ensuring that even if information is exposed, the damage is limited.
