1. Impersonation Scams. Scammers often pretend to be someone you trust—like a bank employee, government official, or even a family member. They may contact you by phone, text, or email, asking for personal information or money. These messages can look real because of spoofed phone numbers or email addresses. Anytime someone contacts you and asks for your banking password, PIN, or security code, or urgently requests that you send money or gift cards, you should be on high alert. If anything about the communication seems off, hang up or delete the message and contact the supposed source directly via their trusted contact information.
2. Fake Links and Apps. Fraudsters can create fake websites and mobile apps that look just like legitimate banking platforms. If you unknowingly enter your login information on them, you could give criminals access to your bank accounts. Phony websites and apps can also infect your device with malware. Watch out for URLs that don’t match your bank’s official website address or contain misspellings or extra characters. You should also only download mobile apps from official app stores and be sure to examine the app’s details and reviews to ensure you’re downloading the right one.
3. Zelle and Peer-to-Peer (P2P) Scams. P2P payment platforms like Zelle, Venmo, and Cash App make it easy to send money—but scammers take advantage of that convenience. Crooks love P2P networks because payments made on them are typically irreversible or difficult to dispute. Beware of ads for goods and services that request payment through these platforms and think twice if you’re contacted and pressured to send money through them. Only use P2P payments to send money to people you know and trust and always verify the recipient’s username or phone number before sending.
4. Account Takeover Scams. In this scam, criminals gain access to your bank account using stolen login information or by tricking you into giving it to them. Once in your account, they can move money, change account settings, or lock you out. Common signs that could indicate your bank account has been compromised include unexpected account changes, strange login alerts, or transactions you didn’t make. Protect yourself by using strong passwords, enabling multi-factor authentication (MFA), and checking your account regularly for suspicious activity.
5. QR Code Scams. QR codes are everywhere—from restaurant menus to advertisements. But scammers can create fake QR codes that lead to dangerous websites or apps that can steal your personal information or infect your device. Be cautious when scanning QR codes found in random places or unsolicited messages. After scanning, always review the URL that pops up, and only click on it if you’re certain it’s the destination you were expecting.
6. AI Voice and Video Spoofing. Scammers are beginning to use deepfake technology to mimic the voices and faces of real people. They might call you or initiate a video chat that looks or sounds like someone you know, asking for money or sensitive information. If anything about a call feels off, trust your instincts. Hang up and call the person back using a known number so you can verify the request.
7. SMS Phishing. “Smishing” is when scammers send fake text messages that look like they’re from your bank or another trusted source. These texts often include links or urgent requests designed to steal your credentials or personal data. Watch out for texts asking for login info or security codes, messages with spelling mistakes, or links that don’t match your bank’s website. Never click on links from unknown numbers and contact your bank directly if you’re unsure whether a text is legitimate.
8. SIM Swap Fraud. In a SIM swap scam, fraudsters trick mobile carriers into transferring your phone number to a new SIM card. This gives them access to your text messages, including those containing authentication codes for your bank accounts. Warning signs that your phone number may have been hijacked include a sudden loss of phone service, alerts about account changes you didn’t make, or unusual login attempts. If you experience any of these red flags, contact your mobile carrier immediately. You can also help safeguard your bank accounts by always using strong passwords and opting for authentication apps instead of text-based codes whenever possible.
9. Subscription Traps. This scam involves “free trials” that quietly turn into expensive subscriptions. Unlike legitimate subscription services that clearly disclose terms and offer straightforward cancellation options, subscription traps are designed to exploit trust and confusion. They frequently target debit and credit card users, knowing that automatic billing can go unnoticed for weeks or months. To help protect yourself, be skeptical of “free trials” that require payment information upfront, and read all terms and conditions carefully before subscribing—especially cancellation policies. You should also always carefully review your bank or credit card statements to ensure there are no unexpected charges from your subscriptions.
10. Social Media Scams. Scammers often use social media platforms like Facebook, Instagram, and TikTok to promote fake products, giveaways, or investment opportunities. These scams often look flashy and exciting but are designed to steal your money or personal information. Be wary of promises of easy money or prizes, requests for payment or sensitive info, and social media accounts with few followers or strange usernames. Always research before making a purchase, and never share private information through social media.
Common Red Flags to Watch For
No matter what the scam is, there are some common signs that should always make you pause:
- Urgency or pressure: Scammers often create a false sense of urgency using language like, “Act now!” or “Your account will be locked!”
- Unusual requests: Be wary if someone contacts you asking for money transfers, gift cards, or sensitive info like passwords and PINs.
- Unfamiliar contact methods: Beware of unexpected calls, texts, emails, or social media messages from someone claiming to be your bank. Remember that if your bank does reach out to you, they’ll never ask you for sensitive information, including security codes.
- Too good to be true: Think twice about promises of easy money, prizes, or guaranteed returns.
- Spelling or grammar errors: Legitimate institutions rarely make grammatical mistakes in official communications.
- Requests to bypass security: Never follow through with a request to disable MFA or share one-time passwords or security codes. You should also be wary of any request to remotely access or control your device.