The Current Threat
Government impersonation fraud has reached 684,045 complaints to the FTC, with 64% involving robocalls and an expanding share targeting victims through fake websites. In 2026, scammers have added a new agency to their playbook: the Department of Government Efficiency (DOGE). ScamVerify™ tracks 74,032 malicious domains through URLhaus and has observed a surge in government-themed phishing infrastructure.
The pattern is familiar but the scale is not. Scammers are registering domains that mimic DOGE, IRS, SSA, and other federal agencies at unprecedented rates, exploiting public confusion about government reorganization, benefit changes, and tax policy.
DOGE: The Newest Impersonation Target
The Department of Government Efficiency was created in early 2025, and scammers began impersonating it almost immediately. DOGE is an ideal target because most Americans do not know what it does, how it communicates, or what its official web presence looks like.
How DOGE Impersonation Websites Work
| Element | What Fake Sites Claim | Reality |
|---|---|---|
| Domain | doge-gov.us, doge-efficiency.com, dogerefund.org | DOGE has no public-facing website for citizens |
| Offer | "Claim your DOGE efficiency refund" | DOGE does not distribute refunds |
| Requirement | Enter SSN and bank details to "verify identity" | No agency requests this via website |
| Urgency | "Funds expire in 72 hours" | Artificial deadline to prevent verification |
These sites pair with the DOGE impersonation email campaign that targeted 1,800+ addresses across 350+ organizations. The emails drive traffic to the fake websites, creating a multi-channel attack.
Why DOGE Confusion Helps Scammers
Three conditions make DOGE impersonation unusually effective:
- No established online identity. Unlike the IRS (irs.gov) or SSA (ssa.gov), DOGE has no well-known .gov website that citizens regularly visit. Victims have no reference point to compare against.
- Constant news coverage. DOGE appears in headlines daily, making references to it feel current and plausible rather than suspicious.
- Unclear scope. Public confusion about what DOGE does and does not do means claims about "recovered government funds" or "efficiency dividends" sound vaguely believable.
IRS Impersonation: Still the Largest Threat
The IRS remains the single most impersonated government agency. The IRS included government impersonation on its Dirty Dozen list for the third consecutive year, and fake IRS websites peak between January and April during tax filing season.
Common Fake IRS Website Tactics
- Fake "Where's My Refund" portals that replicate the irs.gov interface and steal Social Security numbers
- Tax transcript download pages that install malware when victims click the download button
- Identity verification forms mimicking the IRS Identity Protection PIN system
- Payment portals demanding immediate tax debt payment via gift cards, wire transfer, or cryptocurrency
The real IRS website is irs.gov. The IRS will never initiate contact via email, text, or social media to request personal or financial information.
SSA Impersonation Targets Seniors
Social Security Administration impersonation websites specifically target older Americans and people nearing retirement. The FTC data shows SSA impersonation complaints skew heavily toward victims over age 60.
How Fake SSA Sites Operate
Scammers create websites claiming:
- Benefits will be suspended unless the victim verifies their identity immediately
- A new Social Security card must be applied for online with a "processing fee"
- Benefit amounts have changed and require account verification
- The victim's Social Security number has been compromised and needs to be "replaced"
The real SSA website is ssa.gov. The SSA will never threaten to suspend your Social Security number, and there is no fee for a replacement Social Security card.
The .gov Rule: Your Single Best Defense
Every legitimate federal website ends in .gov. The .gov domain is managed by CISA (Cybersecurity and Infrastructure Security Agency), and only verified U.S. government entities at the federal, state, local, and tribal levels can register .gov domains.
| Real Domain | Common Fakes | How to Tell |
|---|---|---|
| irs.gov | irs-refund.com, irs-gov-portal.org | Real IRS is always irs.gov |
| ssa.gov | ssa-benefits.com, socialsecurity-gov.net | Real SSA is always ssa.gov |
| va.gov | va-benefits-portal.com | Real VA is always va.gov |
| medicare.gov | medicare-enrollment.org | Real Medicare is always medicare.gov |
Scammers cannot register .gov domains. Any website claiming to be a federal agency that does not use a .gov domain is fraudulent.
How Fake Government Websites Are Built
ScamVerify's URLhaus analysis shows that 81% of malicious domains use .com extensions, and government impersonation sites follow this pattern. As detailed in our analysis of why .com dominates malware hosting, the .com TLD's trusted reputation makes it the preferred choice for phishing operations.
A fake government website can be operational in under an hour:
- Domain registration (5 minutes, $10-12) using a keyword domain like irs-tax-portal.com
- Free SSL certificate (1 minute) from Let's Encrypt for the padlock icon
- Website cloning (10-30 minutes) using scrapers that copy the real agency's HTML, CSS, and images
- Credential harvesting backend (30 minutes) that logs every form submission
The result is a pixel-perfect replica that operates for 24-72 hours before being reported and taken down. By that point, hundreds of victims may have entered their information.
How to Verify Government Websites in 2026
- Check for .gov in the URL. This is the single most reliable indicator. No .gov means no legitimate federal agency.
- Type the URL directly. Never click links in emails, texts, or search ads. Navigate to irs.gov, ssa.gov, or the relevant agency by typing the URL yourself.
- Be skeptical of "new" government programs. If you hear about a government benefit for the first time through a website or email, verify through official channels before providing any information.
- Check the URL with ScamVerify. Run any suspicious government-related URL through the website checker for a multi-source threat analysis.
- Call the agency directly. Use the phone number from the official .gov website, not any number listed on the suspicious site.
Check any URL now
Paste a URL to scan it against 74,000+ threat domains and real-time intelligence.
What to Do If You Entered Information on a Fake Site
- Change passwords immediately for any accounts using the same credentials
- Place a fraud alert on your credit reports at all three bureaus (Equifax, Experian, TransUnion)
- File a report with the FTC at ReportFraud.ftc.gov
- Contact the real agency through their official .gov website
- Monitor your accounts for unauthorized activity for at least 12 months
- Consider a credit freeze if you shared your Social Security number
FAQ
Is DOGE a real government agency?
Yes. The Department of Government Efficiency is a real federal advisory body. However, it does not have a public-facing website for individual citizens, does not issue refunds or payments, and does not contact citizens directly. Any website claiming to offer DOGE-related benefits is fraudulent.
Can scammers register .gov domains?
No. The .gov domain registry is managed by CISA under the Department of Homeland Security. Registration requires proof that the applicant is a legitimate government entity. This makes .gov the most reliable indicator of an authentic government website.
Why are there so many government impersonation complaints?
Government agencies handle sensitive information (Social Security numbers, tax records, health data), and their actions can affect benefits and legal status. This creates natural urgency that scammers exploit. Public confusion about policy changes, reorganization, and new programs like DOGE amplifies the problem.
How do I report a fake government website?
Report it to the FTC at ReportFraud.ftc.gov, to the real agency being impersonated through their .gov website, and to the Anti-Phishing Working Group at reportphishing@apwg.org. You can also submit the URL to Google Safe Browsing at safebrowsing.google.com/safebrowsing/report_phish.
