Common Scams and How to Spot Them

Overview

Scammers combine psychology, technology, and social engineering to trick people into giving up money, account access, or personal data. In my 15 years advising clients on personal finance, I’ve seen fraud move from handwritten letters and door-to-door cons to sophisticated email, phone, and deepfake scams. The good news: many scams share common warning signs you can learn to spot and act on.

How scams have evolved

The internet and smartphones made it easier for fraudsters to scale attacks and impersonate legitimate organizations. Phishing emails and fake websites became common in the 2000s; by the 2010s, voice spoofing and business-email-compromise (BEC) attacks were mainstream. Today, scammers use AI-generated voices, deepfake videos, and social-media profiles to increase credibility. Despite new tools, the core tactics—urgency, fear, and authority—remain constant.

Common scam types (what to watch for)

• Phishing (email, SMS, and social media): Messages that mimic banks, retailers, or service providers asking you to click a link or provide credentials. Look for unexpected messages, misspelled domains, or links that don’t match the displayed address. (Source: FTC — https://www.ftc.gov)

• Imposter scams: Callers or messages claiming to be government officials, tech-support agents, relatives in distress, or company executives. They pressure you to wire money, buy gift cards, or provide account access. The IRS and Social Security Administration warn that government agencies will not demand payment by gift card or wire transfer. (See IRS guidance — https://www.irs.gov and FTC — https://www.ftc.gov)

• Investment and crypto scams: Promises of guaranteed, high returns or insider access to hot investments. Scammers often use fake endorsements or spoofed platforms. Always verify registrations and consult a licensed advisor before investing.

• Romance and dating scams: Fraudsters build emotional relationships online, then invent crises that require money. They often avoid in-person meetings and push for private transfers.

• Tech-support scams: Pop-ups or cold calls claim your computer is infected and ask for remote access or payment for unnecessary services.

• Lottery/Prize scams: Notices that you’ve won a prize but must pay fees or taxes to claim it. Legitimate lotteries don’t ask for upfront payments.

• Gift-card and payment-redirect scams: Demands to pay with gift cards, wire transfers, or cryptocurrency—methods that are hard to reverse.

• Business-targeting scams: Fake vendor invoices, invoice-payments redirected by email compromise, and payroll diversion fraud that target small businesses and accounting teams.

• Rental and marketplace scams: Fake listings, requests for deposits before viewing, or sellers asking for off-platform payments.

• Deepfake and voice impersonation: AI-generated audio or video used to impersonate executives, relatives, or officials, increasing the realism of impostor schemes.

(For sector-specific examples and reporting steps, see our guides: Guide to Reporting Scams to Federal and State Agencies, Recognizing Common Scams: Red Flags and Prevention, and Common Scams Targeting Seniors and How to Prevent Them.)

Red flags that usually mean “scam”

• Unsolicited contact that asks for immediate action or secrecy.
• Requests for payment by gift card, cryptocurrency, wire transfer, or prepaid debit card.
• Pressure to bypass normal processes (e.g., skip a bank’s verification steps).
• Poor spelling, odd email addresses, or links that don’t match the sender.
• Emotional manipulation—claims of an emergency, romantic plea, or sudden opportunity.
• Requests for remote access to your device or for account login credentials.

If you see any combination of these signals, pause. Scammers rely on fast decisions.

Real-world examples (short, anonymized cases from practice)

• A client nearly wired $8,000 to what looked like their vendor because the email included real invoice details. A phone call to the vendor’s verified number revealed the vendor’s account hadn’t changed.

• A retired client was told she owed back taxes and threatened with arrest if she didn’t pay immediately. She hung up, called the IRS using the number on IRS.gov, and confirmed it was a scam.

These illustrate two repeating themes: attackers often reuse public details to appear credible, and a simple verification call prevents most losses.

Immediate steps if you suspect a scam

1. Stop communications. Don’t click links, download files, or provide more information.
2. Document everything: screenshots, emails, call times, phone numbers, and transaction receipts.
3. If money was sent, contact your bank or payment provider immediately to attempt a reversal. Time is critical.
4. Change passwords and enable multi-factor authentication (MFA) on affected accounts.
5. Report the incident: file a complaint with the Federal Trade Commission (ReportFraud.ftc.gov), your state attorney general, and, if applicable, the Consumer Financial Protection Bureau (https://www.consumerfinance.gov).
6. If an identity was stolen, consider a credit freeze and file a police report. You can get the free annual credit report summary and guidance at AnnualCreditReport.com.

Authoritative reporting resources:

• Federal Trade Commission (FTC) — https://www.ftc.gov (ReportFraud.ftc.gov)
• Consumer Financial Protection Bureau (CFPB) — https://www.consumerfinance.gov
• Internal Revenue Service (IRS) — https://www.irs.gov (for tax-related imposter scams)

Prevention best practices (practical, actionable steps)

• Verify before you act: hang up and call the organization using a published phone number. Don’t use numbers or links provided in the suspicious communication.
• Don’t pay with gift cards or crypto: legitimate businesses and government agencies will not require these as payment.
• Use strong, unique passwords and a password manager to avoid reuse across sites.
• Turn on multi-factor authentication (MFA) for email, financial accounts, and social media.
• Keep software and devices updated; use reputable antivirus tools and enable browser protections.
• Limit personal information shared online. Scammers harvest details from social profiles to craft convincing messages.

In my practice I tell clients: assume every unsolicited request is suspect until you verify it. That simple rule prevents 9 out of 10 common scams I see.

Special guidance for vulnerable groups

• Seniors: Scammers often use romance, Medicare, or grandchild-in-distress stories. Assign a trusted family member or advisor to help verify urgent requests and consider adding call-blocking tools. (See resources by the FTC and AARP for senior-specific guidance.)

• Small businesses: Protect accounts payable processes with dual-approval for payments, verify vendor changes by phone, and train staff to recognize BEC and vendor-fraud red flags. We’ve helped clients stop fraudulent vendor-account changes by confirming bank details directly with a known contact.

Recovery steps after financial loss

• Contact your bank, credit card company, or payment service immediately to report the fraud and request reversals.
• File a report with the FTC (ReportFraud.ftc.gov) and your local police department; many banks require a police report for chargeback or reimbursement requests.
• Freeze or monitor your credit: place a fraud alert or credit freeze with the major bureaus (Equifax, Experian, TransUnion).
• If tax identity theft is involved, follow IRS instructions at https://www.irs.gov/identity-theft-fraud-scams.

Recovery is possible but often slow; early reporting improves your chances.

Common misconceptions

• “It won’t happen to me.” Scammers use data and social engineering to target people from all income levels.
• “I can always get my money back.” Reversals depend on the payment method and timing—payments via gift cards, cryptocurrency, or some wire transfers are often unrecoverable.
• “If it looks official, it must be legit.” Scammers spoof domains, use logos, and even purchase web certificates to look credible. Always verify independently.

Short FAQ

• Q: Who should I contact first? A: If money is involved, call your bank or payment provider immediately. Then report to the FTC at ReportFraud.ftc.gov.
• Q: Should I ever give remote access to my computer? A: Only to trusted providers after verifying the request via official support channels. Unsolicited tech-support calls are almost always scams.
• Q: When should I contact law enforcement? A: If you lost money, personal information was used to open accounts, or you were threatened. File a police report promptly.

Useful resources and reading

• ReportFraud.ftc.gov — file complaints and get recovery steps (FTC)
• Consumer Financial Protection Bureau — complaints and consumer guides (CFPB)
• IRS — guidance on tax-related impersonation and identity theft
• Our related site guides: Guide to Reporting Scams to Federal and State Agencies, Recognizing Common Scams: Red Flags and Prevention, Common Scams Targeting Seniors and How to Prevent Them.

Professional disclaimer

This article is educational and does not constitute legal, tax, or personalized financial advice. If you’ve suffered a significant financial loss, contact your financial institution and consult a qualified attorney or licensed financial professional for guidance.

If you want, I can convert this into a printable checklist for seniors or a one-page vendor-fraud checklist for small businesses.