Online scams have evolved significantly in recent years, leveraging the anonymity and automation of modern technology to target consumers at scale. While some scams still involve human interaction, AI has streamlined and sophisticated many others. To help you navigate this complex landscape, we’ve developed a comprehensive taxonomy of the scams impacting consumers today. Interact with our diagram or read more below.
Phishing scams are deceptive attempts to acquire sensitive information – such as usernames, passwords, and credit card details – by impersonating trusted entities through various channels.
Emails – a common method used to trick recipients into revealing personal information or clicking on malicious links and attachments.
Smishing – a type of SMS scam where scammers impersonate a legitimate organization to prompt recipients to click on a malicious link.
Vishing – voice phishing
, where scammers use phone calls to create urgent scenarios and pressure victims into revealing sensitive information.
Quishing – a form of phishing using fake QR codes to deceive victims into revealing personal details or downloading malware.
Deceptive scams are crafted to trick individuals or organizations into providing money or sensitive financial information under false pretenses, with the primary goal of monetary gain.
Shopping scams – fraudulent online stores or sellers offering goods at attractive prices but either failing to deliver the products or providing counterfeit or inferior items.
Pyramid schemes – fraudulent attempts to make money based on recruiting new participants to the chain. Members pay to join, lured by false promises of high returns for recruiting others.
Ponzi schemes – investment scams where returns are paid to current investors using funds from new participants, falsely suggesting profits come from legitimate business activities.
Investment fraud – fraudulent schemes promising high returns, often using fake companies to lure victims into investing.
Loan scams – a scammer demands an upfront fee from borrowers but never provides the promised loan.
Debt relief scams – scammers exploit individuals with significant debt, offering false promises of relief, such as fake student loan discounts.
Real estate scams – fake real estate listings for rentals or properties for sale, designed to extract money or personal information from interested buyers or renters.
Scammers impersonate trusted individuals or entities to deceive victims into providing money, sensitive information, or access to confidential data.
Identity theft – identity theft occurs when someone steals personal information, such as your name, Social Security number or financial details, to commit fraud, gain unauthorized access to resources, or engage in other deceptive activities. These scams often involve tricking individuals into revealing sensitive information through online methods, social engineering, or other deceitful tactics.
Exploiting emotions to obtain money or personal information.
Romance scams – exploiting emotions through fake romantic relationships to steal money or personal information.
Healthcare scams – promoting deceptive health products with fake treatments and false promises of miraculous cures.
Lottery scams – victims are asked to pay fees or provide personal information to claim a prize they never receive.
Charity scams – soliciting donations for fake charities or causes, often after natural disasters or during times of crisis.
Sextortion scams – blackmailing a victim by threatening to publish nude images or videos unless a demanded price is paid.
Pretending to offer tech support to gain access to a device or extract money.
Tech support – scammers impersonate tech support agents, claiming issues with the victim's device and offering to fix them for a fee. They use this method to install malware or steal personal information.
Targeting individuals to steal money or personal information.
Gaming scams – targeting gamers to steal accounts for financial gain. In 2022, voting scams emerged to steal Steam accounts. Gamers receive a fake message from a 'friend' on Steam or Discord, asking for a vote via a phishing link that grants the scammer account access.
Tax scams – emails or fake calls posing as tax authorities, demanding payment or personal information.
Job scams – scammers create fake job offers to exploit job seekers by demanding upfront payments for training, background checks, or other bogus expenses. They often pose as employers or recruiters, requesting money or personal information under the guise of a job offer.
Targeting companies, businesses, or organizations for financial fraud, data theft, or ransom.
Ransomware – deploying malicious software to infiltrate a computer system or network, encrypt data, and demand payment for its release. Attackers threaten to permanently delete or block access to files unless the ransom is paid. These scams target individuals, businesses, and governments, exploiting software vulnerabilities or using social engineering to gain access.
Whaling or spear phishing – whaling, or CEO fraud, is a type of spear phishing targeting high-profile individuals like CEOs or executives. Attackers aim to trick them into authorizing financial transactions or revealing sensitive corporate information.
Exploiting older individuals’ vulnerabilities, often through phone calls or emails, by taking advantage of their trust or unfamiliarity with technology.
Government impersonation scams – scammers impersonate government officials (IRS, Social Security, Medicare, etc.) to target the elderly, threatening arrest, deportation, or loss of benefits over unpaid taxes or Medicare issues.
Grandparent scams – scammers impersonate a grandchild or close relative in crisis, asking for immediate financial help. They may spoof caller IDs to appear as a trusted source and claim to have been in an accident or arrested. The scammer might ask the grandparent not to tell parents and pass the phone to someone posing as a lawyer demanding immediate payment.
Funeral scams – scammers read obituaries and attend funerals to exploit grieving family members, claiming the deceased had an outstanding debt. They then try to extort money from relatives to settle the fake debt.
Romance scams – scammers create fake social media profiles to target lonely elderly individuals, pretending to be overseas. Once a friendship is established, they demand money for visa fees, medical emergencies, or other fake reasons.
Pension scams – scammers promise elderly individuals better returns on their pension savings by convincing them to transfer or release their pension funds.
Illegal robocalls – unwanted spoofed calls impersonating legitimate organizations, government agencies, or financial institutions to trick individuals into revealing sensitive information or participating in scams. These calls may also use prerecorded messages or automated systems to connect to a live operator promoting fraudulent schemes.
Lottery scams – scammers call elderly individuals claiming they’ve won a lottery prize, then demand money, cash, or gift cards to cover taxes and processing fees.
Fraudulent activities taking place across online platforms.
Travel – fake vacation packages with hidden fees or non-existent accommodations.
Utility – impersonating utility companies to demand immediate payment or threaten service disconnection, or tricking individuals into unwanted subscriptions by offering free trials that automatically convert into paid plans.
Social media – deceptive or fraudulent activities on social networking platforms that exploit trust within online communities to trick users into providing personal information, money, or engaging in actions that benefit the scammer. These scams can occur on platforms like Facebook, X, Instagram, LinkedIn, and others.
Pets – fake pet adoption listings where scammers demand payment for pets that don't exist or aren't in their possession.
Carried out through fake phone calls, including tech support, tax authority, and impersonation scams.
Fraudulent schemes delivered via postal mail, such as lottery scams or fake prize notifications.
AI-generated text can create more sophisticated phishing emails or messages. Scammers may also use AI-generated phone scripts to impersonate customer service representatives and trick individuals into revealing sensitive information. By mimicking the writing style of someone the victim knows or trusts, AI makes scams more convincing and harder to detect.
AI-generated content could flood platforms with spam, scams, or fake reviews and comments, undermining the credibility of online information.
AI can aid social engineering attacks by analyzing publicly available data to craft more targeted and convincing scams, exploiting personal information to build trust.
AI can be manipulated to create convincing fake news, misinformation, or deepfakes, influencing public opinion or causing panic by spreading false content, including fabricated images and videos.
Image and voice manipulation – using voice cloning, scammers can impersonate trusted individuals, such as friends or family, to trick victims into giving money or personal information. AI can mimic a loved one's voice, pretending they're in danger and demanding a ransom. All scammers need is a sample of the victim's voice, which is easily accessible through social media.
Celebrity scams – scammers impersonate celebrities using AI-generated images and videos to promote fake money-making schemes. They exploit the likeness, name, or reputation of well-known individuals to trick people into sharing personal information, sending money, promoting fake products, or engaging in fraudulent investments. Fraudsters may also create fake charities using a celebrity's name to solicit donations for non-existent causes.
Deepfakes – deepfakes involve the manipulation of facial appearances using AI generative methods. With advanced deep learning algorithms, scammers can create realistic, deceptive video or audio content. The term 'deepfake' combines 'deep learning' and 'fake,' and the technology can alter or replace existing content, making it appear as if individuals are saying or doing things they never did.
Fake chatbots – scammers can create AI-powered chatbots that impersonate customer service representatives from legitimate companies to steal sensitive information from unsuspecting individuals.
Fake news – AI can be used to create convincing fake news or misinformation, influencing public opinion or causing panic by spreading false information.