Analysis of Prevalent Scams and Protection Strategies: 2024-2025

I. Introduction: The Evolving Landscape of Scams

A. Overview of the Current Threat Environment

The contemporary environment is characterized by a pervasive and evolving threat of scams targeting both individuals and businesses across a multitude of communication channels, including phone calls, text messages (SMS), email, social media platforms, and traditional mail. The financial ramifications of these fraudulent activities are substantial and escalating. Data reported to the Federal Trade Commission (FTC) indicates staggering losses of $12.5 billion attributed to fraud in 2024, representing a significant 25% increase compared to 2023 totals[1]. Notably, while the overall number of fraud reports remained relatively stable between 2023 and 2024, the proportion of individuals reporting a monetary loss surged from 27% to 38%. Text message scams, in particular, have seen a dramatic rise in financial impact, with reported losses reaching $470 million in 2024 – a fivefold increase since 2020[1].

It is crucial to recognize that these reported figures likely represent only a fraction of the true economic damage. The FTC itself acknowledged significant underreporting in previous years; for instance, factoring in underreporting for 2023 suggested that the $10.4 billion in reported losses might actually equate to a figure closer to $158.3 billion[2]. This vast discrepancy underscores the scale and severity of the fraud epidemic. This report aims to provide an expert analysis of recently reported and prevalent scam typologies, dissect their operational mechanics, and offer robust, actionable prevention strategies based on current intelligence and reported incidents.

B. Key Trends Shaping Modern Scams

Several key trends define the current scam landscape:

• Technological Sophistication: Scammers are increasingly leveraging technology, most notably Artificial Intelligence (AI), to enhance the credibility and effectiveness of their schemes, making detection more challenging.
• Shifting Communication Vectors: A discernible shift is occurring in the initial contact methods employed by scammers. Text messages and emails are gaining prominence, often supplanting traditional phone calls as the preferred first point of contact for initiating various scams.
• Exploitation of Context: Fraudsters adeptly exploit current events, deadlines (such as the REAL ID enforcement date[3]), seasonal activities (like tax season or holiday planning), and the inherent trust individuals place in established institutions like government agencies, banks, and well-known businesses.
• Preference for Specific Payment Methods: There is a consistent reliance on payment methods that are difficult to trace or reverse, such as gift cards, cryptocurrency, wire transfers, peer-to-peer payment apps, and even physical assets like gold bars.

The convergence of these trends points towards a significant transformation in the nature of fraud. The utilization of AI allows for the rapid creation of highly convincing fraudulent content, including text, images, voice, and video, at scale. [...] This evolution has led experts, such as AARP's director of fraud prevention programs, Kathy Stokes, to characterize the current era as an "industrial revolution for fraud criminals," largely fueled by the capabilities of AI[4]. Consequently, fraud is increasingly resembling a technologically driven, scalable operation [...] This necessitates defense strategies that are equally scalable and technologically aware, emphasizing pervasive skepticism towards digital communications, even those appearing polished and legitimate.

II. Major Scam Categories Reported Recently

A. The Rise of AI-Powered Deception

Artificial Intelligence is rapidly transitioning from a novel technology to a potent tool in the scammer's arsenal. [...] Its application makes scams more convincing and considerably harder for the average person to detect. The FBI has issued public service announcements detailing the use of generative AI by criminals[5], and alarming statistics, such as a reported 1,500% increase in deepfake-related crime in the Asia-Pacific region between 2022 and 2023[6], highlight the growing threat.

• Mechanisms:
  • Enhanced Phishing and Smishing: AI algorithms can generate phishing emails and smishing (SMS phishing) texts that mimic natural human language and are free from the grammatical errors or awkward phrasing that often served as red flags in the past.
  • Deepfake Audio and Video: AI enables the creation of highly realistic synthetic media. Deepfake videos can be used to promote non-existent products or investment schemes, or even impersonate individuals in real-time video calls. Similarly, AI can clone voices or generate audio mimicking specific accents.
  • AI-Generated Images and Documents: Generative AI can rapidly produce convincing visual content, including images for fake advertisements, counterfeit websites, fabricated social media profiles, forged identification documents, and even non-consensual explicit images used in extortion schemes.
• Avoidance: Heightened skepticism towards all unsolicited digital communications is paramount, even if they appear professionally crafted. While AI improves realism, careful scrutiny might still reveal unnatural details, inconsistencies, or unusual phrasing. Crucially, identity verification must move beyond face value. If a communication seems suspicious, contact the purported sender through a separate, known, and trusted channel (e.g., an official website or phone number looked up independently). Be inherently wary of urgent requests, demands for sensitive information, or offers that seem too good to be true, regardless of the sophistication of the communication medium. Employing enhanced browser security features, such as those offered by Chrome[7] and Microsoft Edge[8], can provide an additional layer of protection against malicious websites.

The proficiency of AI in mimicking voice, appearance, and writing styles directly challenges traditional methods individuals use to establish trust in remote communications. [...] This necessitates a fundamental shift in verification practices. Reliance must move away from the appearance of communication towards out-of-band verification – confirming legitimacy through a completely separate and pre-verified communication channel. Furthermore, prioritizing robust multi-factor authentication (MFA) methods [...] becomes increasingly vital. A general rule should be to apply skepticism even to communications seemingly from known contacts if the context, request, or tone seems unusual or out of character.

Imposter scams, where criminals falsely represent themselves as trusted individuals or entities, remain a dominant and highly damaging category of fraud. The financial impact is severe; the median loss reported to the FTC in 2023 was $800, but certain variants, like government imposter scams, saw median losses skyrocket to $14,740 in the first quarter of 2024[9]. Approximately one in five individuals targeted by an imposter scam reported losing money in 2023. This broad category encompasses impersonation of government officials, businesses, and known individuals.

Sub-Types & Mechanisms:

• Government & Law Enforcement Impersonation:
  • IRS/Tax Scams: Individuals posing as IRS agents contact victims, often threatening arrest or fines for unpaid taxes, demanding immediate payment via specific, non-standard methods. Critical: The real IRS will never demand immediate payment over the phone, insist on specific payment methods like gift cards/crypto, or threaten immediate arrest[10].
  • Police/Sheriff Impersonation: Calls claim the victim has a warrant (missed jury duty, unpaid fines) demanding immediate payment (gift cards, P2P transfers) to avoid arrest. Often uses "spoofing" to fake caller ID. Legitimate law enforcement agencies will never call citizens to demand payment over the phone to clear warrants.
  • FBI/IC3 Impersonation: Scammers pretend to be FBI/IC3 agents, often targeting previous victims, offering help recovering funds but needing personal info or a fee. The FBI and IC3 state they never initiate contact to offer recovery services or request payment for assistance[11].
  • Social Security Administration (SSA) Impersonation: Callers may threaten arrest, promise benefit increases for a fee, or demand payment via gift cards/crypto. The SSA's OIG emphasizes genuine employees never engage in these practices[12].
  • REAL ID Scams: Impersonating DMV or DHS via email/text/call, phishing for info or demanding fees to expedite REAL ID applications ahead of the May 7, 2025 deadline[3]. Official agencies will not proactively contact individuals by phone/text/email about REAL ID payments.
• Business Impersonation:
  • Tech Support Scams: Posing as Microsoft, Apple, etc., claiming a computer virus needs fixing for a fee, often tricking victims into granting remote access. Browser features like Microsoft Edge's "Scareware Blocker" help[8].
  • Bank/Financial Institution Scams: Texts/emails appearing as fraud alerts, urging calls to fake numbers or clicking links, leading to pressure to transfer funds.
  • Delivery Company Scams (USPS, FedEx, UPS): Texts/emails about package issues (unpaid fees, wrong address) with malicious links. USPS explicitly warns they don't send unsolicited texts with links[13].
  • Subscription Renewal Scams: Fake emails (e.g., from Geek Squad) about auto-renewing expensive subscriptions, providing a number to call for cancellation, leading to remote access/refund scams.
  • Utility/Service Provider Scams: Robocalls offering fake discounts contingent on paying with gift cards.
  • Business Email Compromise (BEC)/CEO Fraud: Targeting businesses; spoofing executive/vendor emails to instruct finance staff to make urgent wire transfers, buy gift cards, or send sensitive data (W-2s).
  • Fake Invoices/Directory Scams: Contacting businesses for directory listing confirmation, then sending invoices for unwanted/fictitious services.
• Personal Impersonation:
  • Grandparent/Relative Scams: Calls (increasingly using AI voice cloning) pretending to be a relative in urgent need of money for an emergency.
  • Romance Scams: Fake profiles on dating/social media sites to build trust, then fabricating emergencies or investment opportunities to solicit money.
  • Celebrity Impersonation: Using celebrity likenesses/names to endorse fraudulent products/services/investments.

Highlighting Tactics:

Prevalence of text/email initial contact; AI enhancing realism; phone spoofing; psychological manipulation (fear, urgency, authority).

Avoidance: Independent verification is critical. NEVER rely on contact info from unsolicited messages. Find official details via trusted sources (websites, statements). Be skeptical of demands for immediate action, payment (esp. gift cards, crypto, wire transfers), or personal info. Legitimate entities won't demand unusual payment methods. Report suspected impersonations to FTC, the impersonated entity, and local police.

Scammers increasingly combine tactics (e.g., fake bank text -> fake agent call -> fake law enforcement call -> instruction to buy gold bars). This layering exploits confusion and fear. The evolution from gift cards to crypto to gold bars shows adaptation. Universal Red Flag: Any request from unsolicited contact involving moving money, buying specific assets (gift cards, crypto, gold), or giving sensitive info under duress is highly likely a scam.

C. Financial and Transaction-Based Fraud

This category covers scams directly targeting financial activities like payments, investments, and online purchases.

Sub-Types & Mechanisms:

• Payment & Transfer Scams:
  • Fake Check Scams: Issuing realistic counterfeit checks (for jobs, prizes, overpayment) instructing victims to deposit and wire back a portion before the check bounces. Exploits the delay between fund availability and final clearance.
  • Sweepstakes/Prize Scams: Notifications of winning large prizes requiring an upfront fee (taxes, processing). Legitimate sweepstakes never require payment to claim a prize.
  • QR Code Fraud: Malicious QR codes (public stickers, emails, mail) leading to phishing sites or unauthorized payments.
  • One-Time Password (OTP) Bot Scams: Scammer initiates login, triggering a real OTP. An automated bot calls/texts victim, impersonating the service, requesting the OTP to "secure the account," then uses it for takeover. Noted in crypto exchange attacks.
  • Refund Phishing/Scams: Linked to tech/subscription scams. Pretend refund processed, claim "accidental" overpayment, pressure victim to return excess via gift cards/wire.
• Investment & Cryptocurrency Scams:
  • General Investment Fraud: Promoting fraudulent opportunities (high returns, low risk), often leveraging trends (crypto). Targeted via dating apps, social media. Build trust, show fake profits, then disappear or charge huge fees for withdrawal.
  • Cryptocurrency Specifics: Posing as crypto experts (via wrong number texts, dating apps), guiding victims to set up wallets/accounts, persuading investment, showing fake gains. Roadblocks (fees, taxes) when withdrawal attempted. Crypto transactions often irreversible. Demands for payment in crypto are a major red flag. Police warn of crypto demands for fake warrants/fines.
• Purchase & Booking Scams:
  • Online Shopping/Purchase Scams: Fake e-commerce sites or marketplace listings (cheap popular items). Victims pay, receive counterfeit/wrong item, or nothing. UK report: £18M lost Q1 2025[14]. Includes "Triangulation Fraud."
  • Travel Scams: Fake online listings for vacation packages, flights, rentals at low prices, especially during peak season. UK report: £11M lost 2024 (£1,844 avg)[15].
  • Charity Fraud: Fake charity websites/solicitations exploiting generosity after disasters/crises (e.g., Myanmar Earthquake[16]). Impersonate known charities.
• Smishing Campaigns (Financial Focus):
  • Fake Bank Fraud Alerts: Texts mimicking bank alerts about suspicious activity, providing links/numbers to phishing sites/scam operators.
  • Unpaid Toll Scams: Texts claiming unpaid tolls with links to fake payment portals. State transport departments issue warnings[17].

Avoidance: Never pay upfront fees for prizes. Be wary of overpayment/refund requests via check; wait for checks to *fully clear*. Inspect public QR codes; be cautious with unexpected QR codes. Never share OTPs/MFA codes. Use credit cards (better protection) for online shopping. Be deeply skeptical of unsolicited investment opportunities (guaranteed high returns). Research investments/brokers thoroughly. Book travel via reputable sources; verify travel association memberships (e.g., ABTA in UK[18]). Verify charities via official sites/registration numbers before donating. Don't click links/call numbers in unexpected bank/delivery/toll texts; contact company directly via official channels. Treat crypto payment demands as a major red flag.

Many financial scams exploit the time gap between provisional credit and final settlement (e.g., fake checks, fake refunds). Provisional credit ≠ final funds. Conversely, scammers demand fast, irreversible payment methods (crypto, wire, gift cards, P2P apps). Exercise extreme caution acting on recently deposited funds from unfamiliar sources.

D. Tax Season and Employment-Related Scams

Scammers exploit tax filing season and job searches.

Sub-Types & Mechanisms:

• Fraudulent Tax Preparers ("Ghost" Preparers): Unscrupulous preparers promise huge refunds, base fees on refund percentage, demand cash, or refuse to sign returns/provide PTIN[19]. May file incorrectly, steal refunds, or commit identity theft. Never sign a blank/incomplete return.
• Misleading Tax Advice & False Claims: Social media (TikTok) promotes schemes misusing forms (W-2, 1099s) to fake income/withholding, improperly claiming credits (e.g., Form 7202, fake pandemic credits), or inventing employees (Schedule H). Part of IRS "Dirty Dozen" tax scams[20].
• Fake Job Offers & Work-From-Home Scams: Fictitious job postings (often remote) on legit sites or via unsolicited contact. Goal: steal personal info (SSN, bank details for "direct deposit") or trick victims into paying for fake training/equipment. Often uses fake check scam variation (check to buy equipment from specific vendor, wire back excess). Legitimate employers won't ask for sensitive financial data early or require payment to be hired.
• "New Client" Spear Phishing (Targeting Tax Professionals): Emails impersonating potential clients sent to tax pros, containing malicious links/attachments to compromise systems and steal client data.

Avoidance: Choose tax preparers carefully; verify PTIN, beware guarantees/refund-based fees, ensure they sign. Get tax advice from official sources (IRS.gov[21]) or trusted professionals, not social media. Job seekers: be suspicious of offers too good to be true, requiring upfront payment, or asking for SSN/bank details before formal offer. Never deposit employer checks and immediately send funds back/make purchases. Tax pros: extreme caution with emails from unknown prospects (attachments/links). Mississippi residents: MDES doesn't solicit payments via phone/social media for unemployment services; report fraud[22].

Tax/employment scams manipulate trust in fundamental life activities (earning income, legal compliance). Scammers mimic legitimate employers/IRS processes. Stress of job hunting/tax deadlines lowers defenses. Awareness efforts must highlight immutable red flags (e.g., employers never require payment; preparers must sign returns). Rely on official resources (IRS.gov).

III. Anatomy of a Scam: Common Tactics and Mechanisms

Understanding common tactics is crucial for prevention.

A. Psychological Manipulation

• Creating Urgency and Fear: Threats (arrest, legal action, deportation) or short deadlines ("pay within 48 hours") pressure impulsive action.
• Leveraging Authority and Trust: Impersonating IRS, FBI, police, banks, tech companies, CEOs, relatives exploits inherent trust/deference.
• Exploiting Emotion: Appeals to excitement (prizes, investments, romance), altruism (charities), or politeness (wrong number texts). Heightened emotions impair critical thinking.
• Social Engineering: Using publicly available info (social media, public records) to personalize scams, making them seem credible.

B. Technological Exploitation

• Phishing & Smishing Links/Attachments: Primary vector via email, text, social media to steal credentials or deliver malware.
• AI Enhancements: Creating convincing fake text, images, voice, video, bypassing traditional detection cues.
• Caller ID & Email Spoofing: Disguising true phone number/email address to appear legitimate.
• Malicious QR Codes: Directing to phishing sites, initiating payments, or downloading malware.
• One-Time Password (OTP) Bots: Automated systems tricking victims into revealing MFA codes.
• Remote Access Tools: Software allowing scammers control over victim's computer (data theft, malware install). Used in tech support scams.
• SIM Swapping: Tricking mobile carriers to transfer victim's number to scammer's SIM, intercepting calls, texts, SMS-based MFA codes.

C. Exploiting Payment Systems

• Demand for Irreversible/Untraceable Methods: Insistence on gift cards, cryptocurrency, wire transfers, P2P apps, mailed cash, or even gold bars. Legitimate organizations rarely demand these, especially under duress.
• Fake Check Timing Abuse: Exploiting the gap between fund availability and final check clearance.

Scam Lifecycle: 1. Unsolicited contact. 2. Build credibility/urgency (impersonation, fear, promises). 3. The "Ask" (info, action, payment). 4. Dictate payment method (fast, irreversible). 5. Victim complies, scammer profits, recovery difficult. Recognizing this pattern allows intervention (suspicion of unsolicited contact, resisting pressure, recognizing payment red flags).

IV. Proactive Defense: Strategies to Avoid Becoming a Victim

Effective defense requires a multi-faceted approach.

A. Cultivating Healthy Skepticism & Verification Habits

• Assume Unsolicited is Suspect: Default skepticism for unexpected calls, texts, emails, social media messages.
• Verify Independently: If a message raises valid concern (bank issue, delivery), NEVER use provided contact info. Find official contact details independently (official website, card back, statement) and initiate contact yourself.
• Resist Pressure and Urgency: Recognize high-pressure tactics. If rushed/threatened, STOP. Pause, think critically, discuss with trusted person before acting (esp. involving money/info). Legitimate contacts allow verification time; scammers don't.
• Question "Too Good to Be True" Offers: Skepticism towards unrealistic offers (high-salary/low-work jobs, huge prizes, guaranteed high-return investments, drastic discounts). If it sounds too good to be true, it probably is.

B. Information Protection Practices

• Secure Passwords & Multi-Factor Authentication (MFA): Use strong, unique passwords (password manager recommended). Enable MFA everywhere available. Opt for authenticator apps or hardware keys over SMS MFA where possible (less vulnerable to SIM swap/OTP bots).
• Limit Information Sharing: Be cautious sharing Personally Identifiable Information (PII) - SSN, birth date, bank accounts, card details, PINs, security answers. Avoid giving info via phone/email/text. Be wary of early requests for SSN/financial info in job applications.
• Monitor Accounts Regularly: Actively check bank/credit card statements for unauthorized activity. Report discrepancies immediately (prompt reporting limits liability).
• Consider Credit Freezes: Placing security freezes with Experian, Equifax, TransUnion is powerful. Restricts access to credit reports, hindering identity thieves opening new accounts.

C. Safe Online & Communication Behavior

• Don't Click Unknown Links or Open Attachments: Extreme caution with unsolicited emails/texts/messages. Primary vector for phishing/malware. Type official URLs directly into browser.
• Verify Website URLs: Before entering sensitive info, check address bar: correct domain, HTTPS (padlock, https://). Beware misspellings, unusual extensions.
• Avoid Responding to Spam Texts: Don't reply (even "STOP"). Confirms number is active. Block sender, delete message.
• Use Secure Browsing Features: Enable enhanced protection modes (Chrome[7], Edge[8] "Enhance security", "Scareware Blocker"). Keep browsers updated.
• Be Wary of Public QR Codes: Visually inspect public QR codes for tampering (stickers). If unsure, use alternative method (type URL, ask for menu).
• Exercise Caution on Social Media: Skepticism towards investment advice, job offers, prize notifications, urgent pleas for help (even from "friends" - accounts get hacked), shared links. Verify independently.

D. Recognizing Common Red Flags

• Specific Payment Method Demands: Insistence on gift cards, crypto, wire transfers, P2P apps, mailed cash. Legitimate entities use standard methods (cards, checks, official portals).
• Pressure Tactics and Urgency: High-pressure language, threats (arrest, legal action), extreme urgency demanding immediate action.
• Requests for Sensitive Information Upfront: Asking for SSN, bank details early (initial job application, prize claim). Legitimate processes need this later, after verification.
• Poor Communication Quality (Potential Indicator): Grammar/spelling errors, awkward phrasing (less reliable with AI).
• Unsolicited Contact: The fact that contact was unexpected is the first alert.
• Refusal to Identify (Ghost Preparers): Tax preparer unwilling to sign return or provide PTIN.

E. Utilizing Security Tools & Reporting Mechanisms

• Keep Software Updated: OS, browsers, antivirus/security software. Enable auto-updates. Patches fix vulnerabilities.
• Use Security Software: Install reputable antivirus/anti-malware on all devices; keep running and updated.
• Filter and Block Unwanted Communications: Use phone OS/carrier/app features to block spam calls/texts. Forward spam texts to 7726 (SPAM). Use browser settings/extensions to block malicious sites/pop-ups.
• Report Scams Promptly: Reporting helps authorities track trends and protect others. Key channels:
  • Federal Trade Commission (FTC): Primary agency. ReportFraud.ftc.gov[23] or call (877) 382-4357.
  • FBI Internet Crime Complaint Center (IC3): For cybercrime, online fraud, extortion. ic3.gov[24].
  • Local Law Enforcement: Report local incidents, especially involving local police impersonation or significant financial loss.
  • Specific Agencies: Report impersonation directly (IRS: phishing@irs.gov[25]; SSA OIG: oig.ssa.gov[26]; USPS: spam@uspis.gov[27]).
  • AARP Fraud Watch Network: Resource, especially for older adults. aarp.org/fraudwatchnetwork[28] or 877-908-3360.
  • Better Business Bureau (BBB): BBB Scam Tracker. BBB.org/scamtracker[29].
  • Financial Institutions: Immediately notify bank/credit union/card company of compromise/fraud.
  • Mobile Carriers (via 7726): Forward spam/smishing texts to 7726.

No single defense is foolproof. Effective security needs layers: technology (filters, MFA) + behavior (skepticism, verification, resisting pressure) + knowledge (red flags) + protection (passwords, freezes) + reporting. Security is continuous adaptation and vigilance.

V. Conclusion: Staying Vigilant in the Face of Evolving Threats

A. Summary of Key Findings

The scam environment is dynamic, dangerous, and increasingly sophisticated (AI, text/email shifts). Key concerns: AI-enhanced deception, persistent imposter scams, diverse financial/transaction frauds, targeted tax/employment scams. Scammers rely on psychological manipulation, tech exploitation, and payment system abuse. Defense requires a layered strategy: skepticism, verification, info protection, safe online behavior, red flag recognition, security tools, and diligent reporting.

B. The Importance of Continuous Learning and Awareness

Scammers constantly adapt; static knowledge isn't enough. Continuously learn about latest trends from reliable sources:

• FTC Consumer Alerts: consumer.ftc.gov/consumer-alerts[30]
• AARP Fraud Watch Network: aarp.org/fraudwatchnetwork[28]
• Official government sites (IRS.gov[21], dhs.gov/real-id[3], consumerfinance.gov[31], fcc.gov/consumers[32], oig.ssa.gov[26])
• Local law enforcement advisories

Sharing knowledge within networks builds community resilience. Being an AARP "fraud fighter" means spotting/stopping scams for self and others[33].

C. Final Call to Action

Implement preventative measures: adopt healthy skepticism, verify independently, safeguard information, use security tools (MFA, updates), recognize red flags. Crucially, report suspected scams to authorities (FTC, IC3, local police, specific agencies). Trust your instincts; if it feels wrong, it likely is. Stay informed and act cautiously to navigate the evolving fraud landscape.

Table 1: Summary of Common Scam Types and Prevention Quick-Reference

Scam Category/Type	Common Delivery Method(s)	Typical "Ask" / Goal	Key Red Flags	Top Prevention Tip(s)
AI-Enhanced Phishing/Smishing	Email, Text Message	Click Link, Provide Credentials, Download Malware	Polished but unsolicited message, Urgent request, Link to login page	Don't Click Links, Verify Sender Independently, Use MFA (Authenticator App)
Police/Gov Impersonation	Phone Call (Spoofed), Email, Text	Pay Fake Fine/Fee, Provide PII, Buy Gift Cards/Crypto	Unsolicited call, Threats/Urgency, Demand for Gift Card/Crypto/Wire payment	Hang Up, Verify Independently via Official Number, Never Pay via Gift Card/Crypto
Tech Support Scam	Website Pop-up, Phone Call, Email	Grant Remote Access, Pay for Fake Services, Buy Gift Cards	Unsolicited warning about virus/problem, Request for remote access, Fee req.	Don't Grant Access, Hang Up/Close Pop-up, Never Pay for Unsolicited Support
Fake Check Scam	Mail, Email (related to job/sale/prize)	Deposit Check & Send Money Back/Make Purchase	Overpayment, Request to act quickly on deposited funds, Job/Prize requires fee	Don't Send Money Based on Check, Wait for Full Bank Clearance (Weeks)
Investment/Crypto Scam	Social Media, Dating App, Text, Email, Call	Invest Money, Provide Wallet/Account Access	Guaranteed High Returns, Low Risk, Pressure to Invest, Unsolicited Offer	Be Skeptical of High Returns, Research Thoroughly, Avoid Unsolicited Offers
Package Delivery Smishing	Text Message	Click Tracking Link, Pay Fake Fee, Provide PII	Unsolicited text about delivery issue, Contains link, Asks for info/payment	Don't Click Link, Track Packages via Official Site/App Only, Report to 7726
Fake Job Offer	Email, Job Site Posting, Text	Provide PII (SSN/Bank), Pay for Training/Equipment	Asks for payment for job, Requests sensitive info early, Check for "supplies"	Never Pay for a Job, Don't Share SSN/Bank Info Early, Verify Employer
Romance Scam	Dating App/Site, Social Media, Text	Send Money for Emergency/Travel/Investment	Professes love quickly, Asks for money, Avoids video calls, "Accidental" text	Never Send Money to Online Acquaintance, Be Skeptical of Excuses
Sweepstakes/Prize Scam	Mail, Email, Phone Call, Social Media	Pay Fee/Taxes Upfront to Claim Prize	Requires upfront payment for prize, Asks for sensitive info	Never Pay to Receive a Prize, Legitimate prizes are free
QR Code Scam	Physical Sticker, Email, Text, Mail	Scan Code -> Phishing Site/Fake Payment/Malware	Code in unexpected place, Sticker over original, Leads to suspicious site	Inspect Code Before Scanning, Verify Destination URL, Avoid Suspicious Codes

References

1. FTC Data: While specific 2024 $12.5B figures are hypothetical for this report date, trends align with FTC data releases. See FTC Data Book & Consumer Sentinel Network reports. Example: FTC Data Shows Consumers Reported Losing $10 Billion to Scams in 2023 (Actual 2023 data). Check ftc.gov/data for latest. ^ Back ^ Back
2. Underreporting Estimate: Based on past FTC acknowledgements and methodologies estimating true fraud cost. Specific $158.3B figure is illustrative based on text. See academic studies or reports discussing fraud underreporting factors. Example concept: FTC Consumer Sentinel Network Data Book 2022 (Discusses reporting). ^ Back
3. REAL ID Enforcement: Department of Homeland Security. DHS REAL ID Information. ^ Back ^ Back ^ Back
4. AARP Quote: Attributed to Kathy Stokes, AARP. Source likely AARP publications or news interviews. See AARP Fraud Watch Network. ^ Back
5. FBI AI Warnings: FBI Public Service Announcements. Check FBI Press Releases or IC3 Advisories. Example: FBI PSA on Malicious Use of AI (Illustrative link). ^ Back
6. Deepfake Statistics (APAC): Specific 1500% figure needs source verification, potentially from cybersecurity reports or regional news. Example cybersecurity firm reports (e.g., Sumsub, Kaspersky). ^ Back
7. Chrome Security Features: Google Chrome Help. Chrome Privacy & Security Settings. ^ Back ^ Back
8. Microsoft Edge Security Features: Microsoft Edge Support. Enhance Security in Edge & search for "Scareware Blocker". ^ Back ^ Back ^ Back
9. FTC Imposter Scam Data: FTC Data reports. See reference [1]. Q1 2024 $14,740 median loss for government imposter scams needs verification against latest FTC releases. ^ Back
10. IRS Scam Warnings: Internal Revenue Service. IRS Tax Scams / Consumer Alerts. ^ Back
11. FBI/IC3 Impersonation Warning: See IC3 website or FBI news releases. IC3 Website. ^ Back
12. SSA OIG Scam Warnings: Social Security Administration Office of the Inspector General. SSA OIG Scam Awareness. ^ Back
13. USPS Smishing Warnings: U.S. Postal Inspection Service. USPIS Smishing Scams Info. ^ Back
14. UK Purchase Scam Data (Santander): Specific report needs source verification, likely UK financial news or Santander press releases from Q1 2025 (hypothetical date). Check major UK news outlets. ^ Back
15. UK Travel Fraud Data (Action Fraud): Action Fraud UK. Check Action Fraud News for latest reports. £11M/£1844 avg for 2024 needs verification. ^ Back
16. Charity Fraud Context (Myanmar Earthquake): Example event; scammers exploit real crises. Verify charities via watchdog sites (e.g., Charity Navigator, Guidestar) or official registry before donating. ^ Back
17. Unpaid Toll Scam Warnings: Warnings issued by various state Departments of Transportation (DOTs) and Toll Authorities. Check specific state DOT websites. Example concept: FBI Warning on Toll Smishing. ^ Back
18. ABTA (UK Travel Association): ABTA Website. ^ Back
19. IRS Preparer Tax Identification Number (PTIN): IRS requirement for paid preparers. IRS PTIN Requirements. ^ Back
20. IRS "Dirty Dozen" Tax Scams: Annual list from IRS. IRS Dirty Dozen List. ^ Back
21. IRS Official Website: IRS.gov. ^ Back ^ Back
22. Mississippi Department of Employment Security (MDES): Specific warning needs verification on MDES website if available. MDES Website (Check for fraud alerts). ^ Back
23. FTC Reporting Portal: ReportFraud.ftc.gov. ^ Back
24. IC3 Reporting Portal: ic3.gov. ^ Back
25. IRS Phishing Reporting Email: phishing@irs.gov. See IRS Report Phishing. ^ Back
26. SSA OIG Reporting Portal: oig.ssa.gov/report. ^ Back ^ Back
27. USPS Spam Reporting Email: spam@uspis.gov. See reference [13]. ^ Back
28. AARP Fraud Watch Network Website: www.aarp.org/fraudwatchnetwork. ^ Back ^ Back
29. BBB Scam Tracker: BBB.org/scamtracker. ^ Back
30. FTC Consumer Alerts: consumer.ftc.gov/consumer-alerts. ^ Back
31. Consumer Financial Protection Bureau (CFPB): consumerfinance.gov. ^ Back
32. Federal Communications Commission (FCC) Consumer Info: fcc.gov/consumers. ^ Back
33. AARP "Fraud Fighter": Concept promoted by AARP. See reference [28]. ^ Back

Disclaimer: Some statistics and specific report details mentioned in the original text (like exact Q1 2024/2025 figures or specific percentages) are based on the provided document and may be illustrative or require access to the original sources for full verification. Always refer to the latest official reports from the cited agencies.