Thus far, millions of Social Security recipients across the country have received a new email from the Social Security Administration (SSA) with the subject line: “There’s still time.” Although the email has been deemed legitimate, it was met with both confusion and concern. Much of the concern was due to the known increase in phishing scams that have been mimicking official government messages. For SSSA beneficiaries, there are a few things that you need to take note of in order to differentiate a real email from a fake email from fraudsters who are preying on gullible citizens.
Understanding what the legitimate SSA email is all about
The email that many citizens received from the official .gov email address and was sent to inform all SSA recipients about the transition as to how online SSA accounts can be accessed. For citizens who specifically created their online Social Security accounts before September 2021, the change would mean a migration to using Login.gov or ID.me so that they can continue to access their account online.
The transition is part of the SSA’s initiative to enhance online security, and many recipients are considering whether an online account is required. According to the SSA, it is not mandatory to use these online services to receive their benefits. However, the SSA does advise that all recipients should choose to create an online account for easier and secure access to information. The SSA also notes that without an online account, beneficiaries will have to rely on phone support, or they will have to visit their local SSA office in person for any updates.
Staying alert of the fake SSA emails in circulation
The fact remains that cybercriminals are also exploiting the SSA website and there has been talks of the launch of a widespread phishing campaign to alert beneficiaries of phishing scams targeting SSA recipients. Thus far, a group called Molatori has been sending fraudulent emails pretending to be from the SSA, encouraging beneficiaries to download attachments or click on suspicious links.
Fraudster emails tend to often state: “Your Social Security Statement is now available. Please download the attachment and follow the instructions.”
Although these fraudulent emails look official and legit, the emails are designed to install a remote access tool ScreenConnect (also known as ConnectWise Control) on the user’s computer. Once installed, hackers can gain full control of the user’s device, steal user’s financial information, and carry out identity theft or fraud.
Ways to spot phishing emails
As per Social Security’s official statement on email scams, there are ways to spot fraudulent emails:
- Check the sender’s domain: Real SSA emails will end in .gov.
- Avoid attachments: The SSA will not ask you to download files to view your benefits.
- Watch for strange file names: Phishing emails may use names like SSAstatment11April.exe or ReceiptApirl2025Pdfc.exe.
- Look closely at the formatting: Scam emails often embed images to avoid being flagged by spam filters.
- When in doubt, do a web search: Paste suspicious email phrases into Google to check if these phrases are linked to other reported scams.
Beneficiaries who think they have been targeted or who have clicked on a suspicious link should immediately run a malware scan using trusted antivirus software in order to detect and block these threats. Social Security mistakes must be avoided in the same way as fake Social Security emails should be avoided.
Actions to take
Citizens who received the legitimate SSA email should:
- Visit SSA.gov to confirm their account status.
- If a citizen’s account was created before September 2021, instructions to transition to Login.gov or ID.me. should be followed.
For SSA beneficiaries who haven’t received this email, they need to check their spam folder particularly if they have an existing SSA account.
Citizens who receive suspicious emails or emails they are unsure about should report these emails immediately to the Federal Trade Commission (FTC) at reportfraud.ftc.gov.
Citizens must remember that something like their Social Security information and their Social Security number are important, and they should not let scammers compromise it. Citizens should protect their personal data while staying up to date with real SSA updates.
