When a scam hits home: How a Hampton email scheme exposed a bigger problem

When a Hampton city email circulated the community’s inboxes, folks found out that it wasn’t what it seemed—hackers had found a way to scam them out of money.

Last month, several Hampton residents opened their inboxes to find what looked like official city emails—messages from “city staff” about planning and rezoning applications. For some, these emails seemed routine. But behind the familiar logos and city language, hackers were waiting. Fake invoices and fraudulent requests for payment left unsuspecting Virginians at risk of losing their hard-earned money.

Stories like this are becoming all too common. In 2024 alone, Virginians lost nearly $294 million to scams—many of which impersonate potential love interests, or local governments and trusted institutions. 

It’s easy to wonder: “Could I have spotted the scam?” 

Many victims and their families report blaming themselves, feeling embarrassed or ashamed.

But the real story is bigger: The platforms that allow these emails to slip through—giant tech companies like Google—often escape responsibility. Tech accountability experts say that, despite knowing about the risks, “Big Tech” companies haven’t done enough to protect everyday people from sophisticated scams.

Meanwhile, the laws that should protect Americans haven’t kept up with the pace of scammer ingenuity. 

Where the government comes in

The federal government is charged with protecting Americans from scammers by enforcing laws against fraud, investigating scams, prosecuting offenders, and holding companies accountable through agencies such as the Federal Trade Commission (FTC), the FBI, and the Consumer Financial Protection Bureau. 

These agencies also propose new rules—such as bans on impersonator fraud—and coordinate with law enforcement partners to address illegal activities.

On the legislative side, Congress can hold tech companies accountable by passing laws that regulate their practices, conducting oversight hearings to investigate company actions, and amending legal protections. Lawmakers can also direct agencies like the FTC to enforce rules, require transparency, and impose penalties for violations—ensuring that tech companies are responsible for consumer harms and data privacy. 

Where things get shady

At the same time, major technology companies spend tens of millions of dollars each year on lobbying and campaign contributions for the lawmakers who shape public policy. 

Tech companies and their executives have donated millions to political campaigns—including significant contributions to both parties and to recent presidential inaugurations. 

Here’s a list of tech companies and executives who donated $1 million or more to Donald Trump’s inauguration fund: Meta (Facebook, Instagram), Amazon, Google, Tim Cook (Apple), Microsoft, Adobe, Uber, OpenAI, Nvidia, and Elon Musk. 

As Trump was sworn into a second term as president, his family and key allies sat behind him on the stage—including Mark Zuckerberg (Meta), Jeff Bezos (Amazon), Sundar Pichai (Google), and Musk. 

This financial support has raised concerns that some politicians are less likely to support strong regulations that hold tech companies responsible for consumer harms. As a result, reforms are often stalled or weakened, leaving individuals—especially children, seniors, and vulnerable adults—to take on much of the responsibility for protecting themselves against online scams.

Read More: Big tech cozies up to new administration after spending record sums on lobbying last year

How to protect yourself

No one should have to face these scams alone—or feel like it’s their fault. Real solutions start with holding tech companies and lawmakers accountable, so every Virginian can feel safe online and in their own inbox. Here are some steps you can take to make the internet safer for yourself and others:

• First, if you receive an email like the folks in Hampton did—something that claims to be from a local government office, for example—verify the sender’s email address carefully. When in doubt, contact the department by going to their official website and finding their contact information—not by clicking any links in the email.
• Familiarize yourself with the signs of phishing scams. Then, if you see one, report it to the FTC.
• Talk to friends and neighbors about these risks. Sharing your story could help someone else avoid becoming the next victim.
• Find out if your representatives in the Senate and in the House of Representatives take donations from Big Tech by going to OpenSecrets.org, entering your representative’s name in the search bar, then reviewing the “Top Contributors” and “Industry Totals” sections for tech company names.
• Write or call your representatives and ask them to put consumer protections above campaign donations. Point to politicians like Mikie Sherrill of New Jersey, who has pledged to ban online advertising targeted at children, restrict the collection of kids’ personal data, and give users more control over their data.