Nobody Panic: Scams
How AI quietly erased the one thing that used to give scams away, and what still works in our favor.
This week, an email landed in my wife's inbox that opened with “Dear Amazon Customer.” Which is already a tell, if you think about it for half a second, because Amazon has known her name since roughly the Obama administration and emails her about an abandoned cart with the urgency of a worried parent. The message explained that an item from a recent order had failed a safety review and was being recalled. It included an order number, a brief apology for the inconvenience, and a link to “request your refund.”
The link did not go to Amazon. It went to a domain that, as far as I can tell, exists for exactly one purpose, and that purpose is not selling phone holders.
She forwarded it to me. Not because she fell for it; my wife is sharper than most cybersecurity awareness training. She forwarded it because it was good. Good enough that she wanted a second pair of eyes on it, and that instinct, the pause before you act, is the most useful security feature any of us have. It’s also the one scammers have spent thirty years trying to switch off.
So this week, Nobody Panic is taking a detour into the history of getting scammed: where it started, how it got this convincing, and what’s actually worth doing about it. Stick around for a QR code that would like access to your Amazon account, a section for founders on what this means for anything you’re building, and a story about a scammer who, I’m fairly sure, finished my book before I did.
A Brief History of Being Lied To (I Promise This Part Is Short)
The word “phishing” was coined in the mid-1990s inside America Online, by people who mostly just wanted free internet access. AOL charged by the hour back then, which by current standards sounds like a plot point from a period drama, and a community of early hackers built a tool called AOHell that let them pose as AOL staff in chat rooms and ask new users to “verify” their passwords. It worked because nobody had been burned by it yet. The first phishing email is, in a sense, the only phishing email that ever had the element of surprise.
Around the same time, a much older scam went digital: advance-fee fraud, better known as the “Nigerian prince” email, technically a 419 scam after the section of Nigerian law it violates. This one predates the internet by decades. It worked by postal mail and fax for years before email made distribution effectively free. A wealthy stranger needs help moving a fortune out of the country, you get a generous cut, you just need to cover a small fee first. The fee is never small enough, and the fortune never arrives.
The Nigerian prince email became so famous it stopped working, less because people got sharper and more because the joke turned into cultural shorthand. Everyone’s seen the email. Everyone’s made the joke about it. Which left the people running these operations with an actual business problem: their most reliable material had been retired by sheer overexposure.
That problem has since been solved. Hold that thought, we’re coming back to it.
The Scammer Who Did the Reading
A while back, I made a mistake I’d recommend against: I replied to a scam message, just to see what would happen. Don’t do this. Replying confirms your inbox is active, and an active inbox gets passed around like a good restaurant tip, except the restaurant is you and the tip is “this one answers.”
In the exchange, I asked, almost as a throwaway line, what specifically about my book had caught the scammer’s attention. I expected nothing, or a generic compliment, the kind of thing you’d get from someone who’d read the cover copy and stopped there.
Two days later, I got a reply. Two days happens to be roughly how long it takes a fast reader to get through a standard novel. And the reply wasn’t generic. It referenced specific events in the book. More than one. With detail.
I want to be precise about why that’s unsettling, because “the scammer read my book” sounds almost like a compliment, and that’s exactly the trap. What it actually demonstrates is that the ability to ingest a full-length text, extract its plot points, and build a personalized pitch around them is now cheap, fast, and being run on strangers at volume. The personal touch that used to require a person paying actual attention is now a feature. It scales. It doesn’t get tired. It never runs out of authors to flatter.
I have a lifelong allergy to good news, which I’ve started describing to people as a personality trait instead of the diagnosable condition it probably is. That allergy is the only reason I didn’t write back. The part of me that wanted, very badly, for someone to have actually read the thing, recognized the bait and still wanted to bite. I trusted the part of me that said this doesn’t add up, and I never replied again. They never followed up either, which tells you something. The system doesn’t waste a second message on a contact that didn’t take the first one.
What AI Actually Changed
Here’s what gets lost in headlines about AI and scams: the scams themselves are mostly the same scams. Advance-fee fraud, romance scams, fake recalls, fake invoices, fake executives asking for a wire transfer. The con is old. What changed is the execution.
For thirty years, the tell was the writing. Bad grammar, strange formatting, a greeting that didn’t match how your bank actually talks to you. “Dear Valued Customer” became a punchline because real institutions don’t talk like that, and scam operations, often staffed by people working under enormous pressure in a language that wasn’t their first, couldn’t fully hide it.
Generative AI deleted that tell. Completely. The fake Amazon recall email my wife received was clean: properly punctuated, correctly formatted, a plausible order number, an appropriately apologetic tone. According to the FBI’s 2025 Internet Crime Report, Americans reported close to $21 billion in losses to internet-enabled fraud last year. For the first time, the report included a dedicated section on AI-related scams, totaling close to $900 million in reported losses, and that figure is almost certainly low, because most people who get scammed don’t report it. Embarrassment does a lot of quiet damage.
The fluency problem goes well past text. In 2025, a finance employee at the engineering firm Arup joined a video call with people who looked and sounded exactly like his company’s CFO and several colleagues, after raising concerns about an email request for a large transfer. The call was meant to verify the request. It did the opposite. Every person on that call except him was an AI-generated likeness, built from publicly available footage of real executives. He authorized transfers totaling around $25 million.
That’s the part worth sitting with: AI’s contribution here is speed and reach. The gap between a convincing lie and a convincing lie that reaches everyone, everywhere, at once, for almost nothing, has basically disappeared.
Is That Amazon “Recall” Text Actually a Scam? (Yes.)
Let’s get concrete, because the email my wife received is part of a wave. Fake Amazon “product recall” messages have been surging in 2026, and they follow a near-identical template: a vague description of an item from a recent order, a fabricated order number, an urgent safety claim, and a link to “request your refund.”
The link is the entire scam. It leads to a page built to look exactly like an Amazon login. Enter your credentials there and you’ve handed over your account, and usually whatever payment methods are saved to it. For the record, and worth repeating every few months: Amazon does not send recall notices by text or email. Real recall information lives inside your Amazon account and on recalls.gov.
What Is “Quishing,” and Why Is It Worse?
There’s a second variant making the rounds, the one with the QR code. It’s a twist on an older trick called “brushing,” where sellers used to ship cheap, unordered items to random addresses so they could post fake verified reviews under those names. The 2026 version adds a “Return Summary” card with a QR code, often attached to an item you genuinely don’t remember ordering. Scan it, and you’ve potentially handed over device and account information without typing a single character.
This is called “quishing,” QR code phishing, and it’s uniquely dangerous for one simple reason: you cannot see where a QR code leads before you scan it. A link in an email at least shows you a URL if you hover over it first. A QR code is a black box until your camera opens it, and by then it’s already loading.
The Checklist
A few rules I actually use, in no particular order of importance, because they’re all the same rule wearing different outfits:
• Check the sending address, not the display name. A name field can say “Amazon Customer Service.” It can say anything. The actual address is the tell. No legitimate company emails you from a Gmail account, a Yahoo account, or a domain with nothing to do with their brand.
• If the domain looks right, look again. Scammers buy domains that are almost correct: an extra letter, a swapped number, a hyphen that shouldn’t be there. This works because we skim, and because “almost right” exploits the same instinct that makes a typo in a flattering email feel forgivable. It’s not a typo. It’s a trap, and it’s built for the part of you that wants the good news to be true enough to act on.
• Never scan an unsolicited QR code. Not on a package, not in an email, not on a flyer taped to a gas pump. If you need to check an order or an account, open the app you already trust and go there yourself.
• Urgency is the product. “Act now.” “Stop using this immediately.” “Your refund expires soon.” Real institutions, Amazon included, are not in a hurry. Scammers are, because urgency is the only thing standing between you and the moment you’d normally stop and think.
• Trust the alarm. If something feels too good, too official, or too perfectly timed to be true, that feeling is information. We want validation. We want to be told, publicly and at scale, that our work and our judgment are good, badly enough that we’ll talk ourselves past red flags to get it. Scammers understand this better than most marketers do. If the alarm goes off, you don’t owe the message a reply, and you don’t owe it your curiosity. Close it.
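The first two rules on that list, check the real address and look twice at the domain, are mechanical enough to automate. The following is an added example (not code from this newsletter): a small Python checker that takes a raw email, separates the display name from the actual sending address, classifies the sender and every link domain as legitimate, lookalike, free-mail or unrelated, and flags urgency phrasing and a generic greeting. The brand domain list, the free-mail list, the urgency phrases and the sample message are constructed for the example, and the "last two labels" domain shortcut is a simplification (real code would consult the public suffix list).

```python
import email
import re
from email import policy
from email.utils import parseaddr
from urllib.parse import urlparse

# Assumption for this example: the domains a brand genuinely sends from.
# A real deployment would load the brand's own published sender list.
KNOWN_BRAND_DOMAINS = {"amazon": {"amazon.com", "amazon.co.uk"}}
FREEMAIL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com", "hotmail.com"}
URGENCY_PHRASES = ("act now", "immediately", "expires soon", "stop using")

# Constructed sample, modelled on the recall email described above: the display
# name says Amazon, but neither the sending address nor the link domain does.
SAMPLE_EMAIL = """\
From: "Amazon Customer Service" <notice@amazon-recalls-center.com>
To: customer@example.com
Subject: Safety recall on your recent order
Content-Type: text/html

<p>Dear Amazon Customer,</p>
<p>An item from order 112-3456789-0123456 failed a safety review.
Stop using it immediately and <a href="https://amaz0n.com/refund">request your refund</a>.
Your refund expires soon.</p>
"""


def registrable_domain(host):
    """Rough registrable domain: the last two labels (simplification, see lead-in)."""
    parts = host.lower().rstrip(".").split(".")
    return ".".join(parts[-2:]) if len(parts) >= 2 else host.lower()


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character-off lookalike domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_domain(domain):
    """Return 'legit', 'lookalike', 'freemail' or 'unrelated' for a sender or link domain."""
    domain = domain.lower()
    for brand, legit in KNOWN_BRAND_DOMAINS.items():
        if domain in legit:
            return "legit"
        # Brand name embedded in an unrelated domain, or a near-miss spelling.
        if brand in domain or any(edit_distance(domain, d) <= 2 for d in legit):
            return "lookalike"
    if domain in FREEMAIL_DOMAINS:
        return "freemail"
    return "unrelated"


def analyze(raw_message):
    """Apply the checklist to one raw RFC 822 message; return a list of findings."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    findings = []

    # Rule 1: the display name is free text; only the address domain counts.
    display_name, address = parseaddr(str(msg["From"]))
    sender_domain = address.rsplit("@", 1)[-1]
    verdict = classify_domain(registrable_domain(sender_domain))
    if verdict != "legit":
        findings.append(f"sender: display name {display_name!r} but address domain "
                        f"{sender_domain} is {verdict}")

    # Rule 2: every link target is judged by its host, not its anchor text.
    part = msg.get_body(preferencelist=("html", "plain"))
    body = part.get_content() if part else ""
    for url in re.findall(r'href=["\']([^"\']+)["\']', body):
        host = urlparse(url).hostname or ""
        link_verdict = classify_domain(registrable_domain(host))
        if link_verdict != "legit":
            findings.append(f"link: {url} points at {host} ({link_verdict})")

    # Rule 4: urgency is the product; count the pressure phrases.
    text = re.sub(r"<[^>]+>", " ", body).lower()
    hits = [p for p in URGENCY_PHRASES if p in text]
    if hits:
        findings.append(f"urgency: {', '.join(hits)}")

    # The greeting tell from the opening anecdote: "Dear <brand> Customer".
    if re.search(r"dear (\w+ )?customer", text):
        findings.append("greeting: generic salutation instead of your name")
    return findings


if __name__ == "__main__":
    for line in analyze(SAMPLE_EMAIL):
        print(line)
```

Run it and the sample message produces four findings: a lookalike sender domain hiding behind an "Amazon Customer Service" display name, a lookalike link host, three urgency phrases, and the generic greeting. The same `classify_domain` check is what you would run on the URL decoded from a QR code before opening it, which is the only way to turn the "black box" of a QR scan back into a hoverable link.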
Screenshot This. It Will Come In Handy Later.
For Founders: You’re Building the Same Tools
Everything that made that Amazon email convincing, and everything that let a scammer turn my book into a personalized pitch, is also a feature set. Personalization at scale. Fluent generated text. Fast content ingestion and summarization. These are exactly the capabilities a lot of founders in this space are racing to ship, and for good reason: they’re genuinely useful in legitimate products too.
Which means the line between “helpful AI feature” and “scam infrastructure” is mostly a question of who’s holding it and what they’ve asked it to do, and that line is invisible from the outside. If you’re building anything that personalizes outreach, summarizes a user’s content, or drafts communications on someone’s behalf, you’re building something that works exactly as well for a phishing operation as it does for your actual customers. Treat abuse cases as part of the product spec from day one, not a cleanup task for after the first incident report.
There’s also a verification problem worth sitting with. The Arup call worked because the verification step itself, a video call with recognizable colleagues, was the thing that got faked. If the trust signals your product relies on (a familiar voice, a familiar face, a familiar writing style) can be replicated by the same class of tools your product is built on, “it looked right” stops meaning anything. Out-of-band verification, a second channel the AI can’t touch, isn’t a nice-to-have feature anymore. It’s load-bearing infrastructure, and it belongs in the build, not bolted on after the first incident.
(If you read last week’s piece on the chatbot that told a state investigator it had a medical license, this is the same accountability question wearing a different hat: AI capability is moving faster than the guardrails meant to contain it, and “we didn’t intend for it to be used this way” is a sentence regulators are increasingly unimpressed by.)
Nobody Panic
Here’s the unglamorous conclusion: the scams aren’t smarter. The execution is. The fake Amazon email isn’t trying to outthink you, it’s trying to reach you before you start thinking. The QR code isn’t trying to be clever, it’s trying to be fast. And the message that “read my book” wasn’t trying to prove it understood my writing. It was trying to reach the part of me that wanted, very badly, for that to be true.
The defense is the same one that’s worked for thirty years, mostly because it doesn’t depend on technology at all: slow down, check the actual address, don’t scan the code, and when that quiet alarm goes off, let it win. Every single time.
Nobody panic. Just double-check the email address.
Worst scam email you've ever gotten? Hit reply; I'm collecting these for a follow-up.
Sources
FBI, 2025 Internet Crime Report / Internet Crime Complaint Center (IC3), fbi.gov
AARP, coverage of the FBI and FTC 2025 fraud loss figures, April 2026
Bitdefender HotForSecurity, “How Amazon Recall Scams Work,” 2026
Trend Micro, reporting on QR-code “brushing” variants of the Amazon recall scam, May 2026
Reporting on the Arup deepfake video call fraud, 2025