Loading…
Loading…
How specific scams play out on particular platforms, via particular payment methods, and in particular countries.
How romance scammers operate specifically on Instagram — from DM openers to steering you off-platform — and how to stay safe.
How pig-butchering investment scams use WhatsApp's private messaging, group features, and end-to-end encryption to groom victims over weeks before introducing a fraudulent trading platform.
How fraudulent 'like and earn' or 'app review' task scams use Telegram channels, bots, and anonymous accounts to recruit workers, collect small deposits, and then vanish.
How fraudulent sellers exploit Facebook Marketplace's local listings, Messenger integration, and Facebook Pay to take payment and disappear — or ship nothing at all.
How crypto giveaway fraud exploits X's reply threads, impersonation of verified accounts, and fast-moving tweet culture to trick users into sending cryptocurrency they will never recover.
How fraudulent recruiters exploit LinkedIn's professional credibility, job search culture, and InMail system to phish credentials, collect personal data, or advance investment and advance-fee scams.
How attackers phish Instagram login credentials, hijack accounts, and then use those accounts to scam the victim's own followers — and how to recover access and prevent it.
How fraudulent shops exploit TikTok's viral product videos, LIVE shopping events, and seamless checkout links to sell counterfeit or non-existent goods to unsuspecting viewers.
How romance scammers use Snapchat's disappearing messages, Snap Map, and streaks culture to build false intimacy with victims before steering conversations toward financial requests.
How fraudulent AI trading platforms use YouTube livestreams, monetised ads, and deepfake celebrity endorsements to funnel viewers into fake crypto investment schemes.
How counterfeit products are sold through eBay listings, the signals that separate genuine items from fakes, and how to use eBay's Money Back Guarantee and external routes to seek redress.
How attackers use Discord DMs, fake bot invitations, and phishing links disguised as game rewards to steal gaming account credentials and in-game assets.
How scammers pose as brand or Facebook support agents in comments and Messenger to harvest account credentials, card details, and remote access from people seeking legitimate help.
How fraudulent part-time job offers use WhatsApp groups, fake HR managers, and staged 'commission' payments to collect deposits from people seeking flexible work.
How sextortion scammers use Snapchat's disappearing content to build false confidence before threatening to distribute intimate images — and why paying never stops the demands.
How phishing emails mimic banks, couriers, and government agencies to harvest login credentials and card details — the header signals, link tricks, and habits that protect you.
How smishing messages impersonating parcel carriers reach millions of phones and harvest card details through lookalike payment pages — why SMS makes these harder to verify, and how to protect yourself.
How fraudulent crypto giveaway channels use Telegram's anonymous groups, pinned messages, and bot-driven fake engagement to steal cryptocurrency from users seeking free tokens.
How fraudulent online retailers buy Google Ads to appear above legitimate search results, collect payment for goods that never arrive, and how to verify before you buy.
How romance scammers use Facebook's profile system, friend suggestions, and Messenger to build false relationships — and the profile signals that reveal a scammer before emotional investment deepens.
How fraudulent investment mentors use WhatsApp groups to simulate a community of successful traders, build credibility through staged wins, and collect fees for courses and platforms that deliver nothing.
How fake tech support operators use YouTube comment sections, pinned links under tech help videos, and fake tutorial channels to direct viewers to fraudulent phone numbers and remote-access sessions.
How fraudulent sellers and buyers exploit Craigslist's anonymous classifieds, unverified listings, and cash-or-transfer payment culture to defraud both sides of transactions.
How fraudulent phone callers — posing as government agencies, utility companies, or tech support — use the voice channel's authority and urgency to steer victims toward buying gift cards and reading the codes aloud.
How fraudulent job listings on major job boards harvest personal data, charge upfront fees, or pivot to task and investment scams — and how to vet a job posting before applying or sharing any information.
How wallet drainer malware and phishing links are distributed through Discord servers, compromised bots, and fake NFT or token mint announcements — and how to protect your crypto wallet from on-chain theft.
How fraudulent online shops use Instagram's paid advertising to reach targeted audiences with stolen product photos, collect payment, and deliver nothing — or ship poor-quality counterfeits.
How romance scammers exploit dating app matching systems, profile verification gaps, and in-app messaging to build trust before steering victims off-platform and into financial requests.
How AI-generated celebrity endorsement videos are used in Facebook paid ads to promote fraudulent investment platforms — how to identify synthetic media, and why the celebrity's apparent involvement is always fabricated.
How smishing campaigns exploit SMS's lack of a sender-domain check, alphanumeric sender ID spoofing, and mobile-browser URL truncation to harvest credentials and card details at scale.
How romance scammers use WhatsApp's voice notes, profile photos, and status updates to manufacture intimacy — and why the platform's end-to-end encryption leaves less evidence for victims to show authorities.
How task scam operators use TikTok's algorithm, DMs, and creator culture to recruit workers into fake 'app rating' and 'boosting' jobs that collect deposits and deliver nothing.
How fraudulent store-fronts use Facebook Marketplace's category listings, Messenger checkout flows, and profile recycling to sell goods that never arrive — distinct from individual seller fraud.
How fraudulent crypto giveaway streams hijack YouTube channels, impersonate celebrities using pre-recorded footage, and run continuous 'send to double' scams — and why this format has no legitimate version.
How attackers use phishing snaps, verification code requests, and third-party app lures to hijack Snapchat accounts — then use those accounts to scam the victim's friends through trusted-sender messages.
How fraudulent investment promoters exploit Reddit's upvote system, community trust, and pseudonymous accounts to pump penny stocks, fake crypto projects, and fraudulent trading platforms.
How fraudulent retailers use Pinterest's shoppable pins, board curation, and aspirational aesthetics to funnel users to fake storefronts that collect payment for goods that never arrive.
How fraudulent task and micro-job listings exploit Indeed's job board credibility to recruit workers into deposit-based scams — and why a listing on a major job board is not a guarantee of employer legitimacy.
How romance scammers exploit Tinder's swiping mechanic, profile photo norms, and conversational immediacy to manufacture emotional closeness before steering victims toward financial requests.
How fraudulent tech support operators buy Google Search ads to appear above legitimate company support pages — intercepting users seeking real help and redirecting them to scam phone numbers.
How fraudulent crypto investment accounts, fake trading signal groups, and impersonation of finance influencers on X recruit victims into fraudulent platforms — distinct from giveaway scams.
How pig-butchering fraudsters use Instagram's follow, DM, and Reels features to build fake romantic trust before pitching a fraudulent crypto trading platform.
How fraudsters use fake Facebook pages, Messenger links, and lookalike login prompts to steal account credentials and personal data.
How fraudsters exploit Telegram channels, bots, and group chats to promote fake investment schemes and steal funds from victims.
How fraudsters use LinkedIn's professional context — fake job offers, connection requests, and InMail — to harvest credentials, deliver malware, and commit financial fraud.
How pig-butchering investment scams use Facebook groups, friend requests, and Marketplace to build relationships before pitching fraudulent trading platforms.
How fraudulent crypto and forex trading platforms are promoted through Discord servers, bots, and DMs to recruit victims who lose deposited funds.
How scammers use LinkedIn's professional networking context to build fake romantic relationships that lead to financial fraud.
How cryptocurrency fraudsters exploit X's reply threads, impersonation of verified accounts, and paid promotion to lure victims into fake giveaways and fraudulent platforms.
How fraudulent investment schemes use YouTube ads, livestream impersonation, and fake tutorial channels to recruit victims into fraudulent platforms.
How fraudulent sellers abuse Amazon's marketplace model to collect payment for goods they never deliver or to sell counterfeit products.
How email phishing impersonates banks, retailers, and government agencies to harvest credentials, install malware, and commit financial fraud.
How fake app-rating and product-review jobs are distributed through WhatsApp bulk messaging and then steal money from victims via deposit demands.
How fraudsters impersonate Amazon customer service to harvest account credentials, trick victims into gift card purchases, or install remote-access software.
How fraudulent investment schemes use Facebook ads, groups, and fake celebrity endorsements to recruit victims into platforms that steal their money.
How fraudsters impersonate bank support, WhatsApp itself, and tech companies on WhatsApp to steal account credentials and financial information.
How fraudsters use TikTok's video format, creator impersonation, and DM links to deliver phishing attacks and recruit victims into investment fraud.
How fraudulent parcel-delivery notifications arrive via WhatsApp — impersonating couriers to harvest personal details or collect small fraudulent fees.
How fraudulent sellers abuse Etsy's handmade marketplace trust to collect payment for items that do not arrive or are misrepresented.
How romance scammers use TikTok's comment section, DMs, and LIVE feature to build fake relationships that lead to financial fraud.
How pig-butchering investment fraud uses Tinder match patterns, fast-burn emotional investment, and off-platform migration to groom victims for fake trading platforms.
How fraudsters place fake customer-service phone numbers in Google search results and paid ads to intercept people seeking genuine support.
How investment fraudsters exploit Snapchat's disappearing messages, Stories, and young user base to promote fake money-flipping and crypto investment schemes.
Scammers post fake rental listings on Facebook Marketplace, collecting deposits or first-month rent before disappearing. The platform's open listing system makes it easy to impersonate legitimate landlords.
Attackers send DMs and comment-links on Instagram that lead to fake login pages designed to steal account credentials. Stolen accounts are then monetised through follow-for-pay schemes, crypto promotion, or extortion.
Fraudulent sellers on TikTok Shop use viral-style product videos to sell counterfeit or non-existent goods, exploiting the platform's impulse-purchase environment. Victims receive fakes, empty parcels, or nothing at all.
Fraudsters create convincing company profiles and recruiter personas on LinkedIn to lure job seekers into paying upfront fees, surrendering personal data, or performing unwitting money-mule tasks.
Pig-butchering operators have expanded onto Discord, infiltrating crypto and gaming servers to build trust with users before steering them to fraudulent trading platforms. The platform's pseudonymous culture aids their deception.
Gumtree attracts a range of marketplace scams, from overpayment cheque fraud targeting sellers to phantom buyers who send fake payment confirmations. Both sellers and buyers face distinct risks on the platform.
Telegram's large group capacity and end-to-end encryption make it a primary channel for promoting fraudulent crypto and forex trading platforms. Signal-provider groups funnel members to fake exchanges that steal deposits.
Phishing attacks on X/Twitter target users with fake account verification requests, impersonated customer support accounts, and malicious links disguised as airdrop claims that drain connected crypto wallets.
Fraudsters monitor Reddit for posts about banking, crypto exchanges, and tech problems, then respond via DM posing as official support staff. Victims who engage hand over credentials, remote access, or payments.
Fraudulent retailers pay for Google Shopping placements to appear alongside legitimate products, tricking consumers into ordering from sites that deliver counterfeits, inferior substitutes, or nothing at all.
Instagram-based task scams recruit victims to like posts, follow accounts, and boost content in exchange for promised earnings, then demand account balances or activation fees that are never repaid.
Scammers migrate romance fraud onto Signal after initial contact elsewhere, using the app's encryption and disappearing messages to make evidence collection nearly impossible. Investment requests follow.
Scammers add victims to WhatsApp investment groups populated with fake members, then use staged trading tips and group 'wins' to convince targets to invest in fraudulent crypto platforms through the group's recommendation.
Scammers run fake YouTube livestreams and channels using deepfake footage of Elon Musk, Vitalik Buterin, and other figures to promote crypto giveaways and fraudulent platforms. Victims who send crypto to participate lose their funds permanently.
Facebook's large adult user base and Messenger's familiarity make it a prime channel for pig-butchering operators who build romantic relationships through friend requests and daily Messenger chat before introducing crypto investment fraud.
Investment fraudsters use WhatsApp broadcast lists and channels to distribute fake trading signals and promote fraudulent investment platforms, exploiting the app's trusted contacts framework to lend credibility to their approach.
Phishing on Telegram targets users with fake bot notifications, admin impersonation messages, and malicious mini-apps that harvest account login codes and crypto wallet seed phrases.
Fraudulent sellers use Snapchat Stories and DMs to promote fake limited-edition clothing drops, trainers, and electronics. The ephemeral nature of Snapchat makes complaints harder to document and enables rapid reselling of the same victims.
Pig-butchering operators systematically use dating apps as recruitment channels, establishing romantic connections before introducing fraudulent crypto trading platforms. Dating app matches are the most common initial contact point for this category of fraud globally.
eBay scammers contact potential buyers or sellers outside eBay's checkout system, claiming payment or shipping is easier through alternative channels. Buyers who comply lose eBay Money Back Guarantee protection.
Discord's server-based communities and direct-message system are exploited by phishers who clone official bots, send fake nitro giveaways, and hijack high-value accounts.
WeChat's ecosystem of mini-programs, QR codes, and Official Accounts gives phishers multiple entry points to steal credentials and WeChat Pay balances.
Facebook's advertising system and Groups are routinely exploited to promote fraudulent investment and trading platforms using celebrity deepfakes and community trust.
Instagram's aspirational culture and influencer economy make it a prime channel for fake trading platforms that use lifestyle imagery, fake profit screenshots, and paid promoters to recruit victims.
WhatsApp's encrypted group chats are used to run fake 'VIP investment clubs' that funnel members toward fraudulent trading platforms through a mix of social proof, fake profits, and controlled group dynamics.
LinkedIn's professional credibility makes it a high-value hunting ground for pig butchering scammers who pose as successful executives, fund managers, or wealthy entrepreneurs to build investment-focused relationships.
Telegram's large group capacity, bot ecosystem, and absence of content moderation make it the primary off-platform destination for pig butchering scammers and the source of fake trading group invitations.
Reddit's investment and crypto subreddits attract pig butchering scammers who post helpful advice to build credibility, then DM interested users with personalised platform recommendations.
Discord servers posing as legitimate task platforms recruit users with offers of cryptocurrency rewards for simple jobs, then demand 'activation deposits' before any earnings can be released.
Signal's reputation for privacy and security is exploited by task scammers who frame the app as proof of their operation's legitimacy, recruiting victims via WhatsApp before migrating them to Signal for tighter control.
Discord's gaming and interest-based servers create a context where deep personal connections develop quickly, making it a growing venue for romance scammers targeting emotionally invested community members.
WeChat's Moments feature and group chat invitations enable romance scammers to cultivate relationships within Chinese-speaking diaspora communities before steering victims to fraudulent investment platforms.
Discord's crypto and NFT communities are targeted by wallet drainers, fake token launches, and compromised announcement channels that direct users to malicious sites.
Reddit's crypto subreddits are targeted by recovery scammers, fake project shills, and seed phrase fishing attempts through posts, comments, and DMs.
Facebook Messenger and Facebook ads are used to send fake parcel delivery notifications that harvest personal and payment details through convincing courier-branded pages.
TikTok's viral short-video format amplifies fake investment advice, fraudulent trading platform promotions, and crypto giveaway scams to vast audiences through a powerful recommendation algorithm.
Telegram channels and groups posing as cryptocurrency recovery agencies, fraud investigation firms, and legal services target previous scam victims with false promises of fund retrieval for an upfront fee.
Gumtree's classifieds format attracts fake rental listings — often copied from legitimate sites — where landlords demand advance payments before any property viewing.
Amazon's third-party marketplace is exploited by scammers who create fake seller accounts, ship empty boxes or counterfeit goods, and manipulate the review system to appear trustworthy.
Etsy's handmade and vintage marketplace is exploited by scammers who list dropshipped factory goods as handmade, sell non-existent digital downloads, and run off-platform payment diversion schemes.
Scammers infiltrate Nextdoor neighbourhood groups to promote fake investment schemes, exploiting the platform's community trust and the assumption that neighbours would not deceive one another.
Fraudulent retailers use WeChat's Moments feature and private mini-program shops to sell counterfeit or non-existent goods, exploiting the platform's closed ecosystem where buyer protection is minimal and disputes are difficult to escalate.
Fraudsters hijack popular Twitch channels or create lookalike streams to broadcast fake celebrity crypto giveaways, using live-stream legitimacy and real-time countdown timers to pressure viewers into sending cryptocurrency to a 'doubling' address.
Scammers create or hijack Nextdoor profiles to post fake buy-sell-trade listings, exploiting the platform's neighbourhood verification model to make fraudulent sellers appear more trustworthy than anonymous marketplace contacts.
Fake recovery agents monitor Reddit communities focused on fraud, scam victims, and cryptocurrency losses, offering to retrieve lost funds in exchange for upfront fees — a secondary scam that victimises people who have already been defrauded.
Fraudulent employment offers proliferate on Instagram through Stories ads, Reels, and direct messages, promoting flexible remote work, brand ambassador roles, and social media manager positions that require upfront payments for training kits or certifications.
Scammers create convincing Bumble profiles to establish romantic connections before steering victims toward financial requests, fake investment platforms, or emergency money transfers — exploiting Bumble's women-first messaging model to appear non-threatening.
Pinterest's aspirational content ecosystem is exploited by task scam recruiters who post Pins advertising flexible home income opportunities, directing users to WhatsApp or Telegram groups where advance-fee task fraud is operated.
Scammers create detailed Hinge profiles using AI-generated or stolen photos to establish convincing romantic connections, before steering matches into financial scams including crypto investment, emergency money requests, or advance-fee schemes.
Scammers operate within Reddit's buy-sell-trade subreddits (r/Knife_Swap, r/GunAccessoriesForSale, r/photomarket, r/Flipping) using aged accounts with fabricated trade histories to sell counterfeit, non-existent, or misrepresented goods.
Scammers exploit Signal's privacy reputation to create a false sense of exclusivity and security around fake investment groups, using the encrypted platform to evade detection while recruiting victims into advance-fee and pig butchering schemes.
Facebook's advertising system, Groups, and Pages are exploited by crypto scammers running fake celebrity endorsement ads, fraudulent giveaway campaigns, and pig butchering recruitment operations targeting users across age groups.
Scammers impersonate the official support channels of crypto exchanges, software platforms, and financial services on Telegram, harvesting login credentials, seed phrases, and personal data from users seeking genuine help.
Scammers infiltrate Meetup groups to establish in-community trust before transitioning contact to private messaging, where they build romantic relationships and eventually present financial crises or investment opportunities.
Investment scammers use TikTok's short-form video format and algorithm-amplified reach to promote fake trading courses, pump-and-dump crypto schemes, and fake 'trading mentor' accounts that redirect followers to fraudulent platforms.
How romance scammers exploit Nextdoor's neighbourhood-trust model to build credibility before pivoting to financial requests.
How investment fraudsters use Twitch livestreams, chat raids, and fake influencer accounts to promote fraudulent trading platforms and crypto schemes to a young audience.
How fraudulent sellers use Signal groups and direct messages to sell non-existent goods, exploiting the app's privacy reputation to evade accountability.
How crypto scammers use Discord support impersonation, fake bot prompts, and compromised server announcements to steal wallet seed phrases.
How counterfeit and misleadingly described goods circulate on Etsy, exploiting the platform's handmade brand to pass off mass-produced or fake items as authentic artisan products.
How phishing attacks exploit WeChat's mini-programs, QR code sharing, and group chats to steal credentials and payment details from users.
How fake cryptocurrency airdrop scams spread through X using compromised verified accounts, reply spam, and promoted posts to drain wallets.
How fraudulent sellers on Facebook Marketplace use fake listings, Zelle and Venmo payment scams, and fake buyer overpayment schemes to defraud both buyers and sellers.
How parcel delivery phishing scams spread via Telegram messages, using channel forwarding and bot-generated links to harvest card details from recipients.
How fraudulent sellers use TikTok Shop, TikTok LIVE commerce, and influencer-linked storefronts to sell counterfeit or non-existent goods to viewers.
How fraudulent recruiters on LinkedIn use convincing profiles, phantom job listings, and interview processes to harvest personal data or extract fees from job seekers.
How fake cryptocurrency giveaways spread on Instagram through impersonated celebrity accounts, sponsored posts, and Stories that require sending crypto first to receive more.
How romance scammers exploit Bumble's women-first messaging model to establish credibility before pivoting to financial requests or investment pitches.
Fake crypto giveaways flood Discord servers and DMs, promising to double or multiply any cryptocurrency you send to a given wallet. No legitimate project ever requires you to send crypto first to receive more.
Attackers distribute malicious links through Discord DMs and compromised servers that, when clicked and connected to a crypto wallet, instantly drain all assets. These attacks take seconds and are irreversible.
Scammers impersonate buyers and sellers in gaming-focused Discord servers to steal in-game items, accounts, or real money through fake escrow arrangements and fraudulent item trades.
Bots and users in gaming Discord servers promise free in-game currency or premium items in exchange for account credentials, survey completions, or payments — all of which deliver nothing while stealing data or money.
Phishing attacks on Discord harvest login credentials, Nitro gift codes, or wallet keys through malicious links sent via DMs, compromised servers, or bots impersonating Discord's own notifications.
Attackers hijack Discord accounts through phishing, credential stuffing, and social engineering, then use the compromised accounts to scam the victim's friends and server communities.
Fraudulent charity solicitations spread through Reddit posts and DMs, particularly following disasters or viral causes, directing donations to personal wallets or sham organisations.
Phishing attacks on Reddit harvest account credentials through fake login pages, malicious links in posts or DMs, and impersonation of Reddit admins or moderators requesting account verification.
Scammers pose as tech support agents in Reddit help subreddits or via DM, convincing victims to call fraudulent phone numbers or grant remote access to their devices.
Fake cryptocurrency giveaways appear in Reddit posts and DMs, impersonating well-known figures or projects and requiring victims to send crypto first to receive a larger promised return.
Fraudulent trading platforms are promoted through Reddit posts, subreddit takeovers, and DM campaigns, collecting deposits that appear to grow in fabricated dashboards but can never be withdrawn.
WeChat is a primary operating environment for pig-butchering fraud, with scammers using the platform's contact-discovery features and group-chat infrastructure to build trust before introducing fraudulent trading platforms.
WeChat romance connections can escalate into blackmail when scammers solicit intimate images then threaten to share them with the victim's contacts unless payments are made.
Task scam recruiters use WeChat groups and direct messages to offer paid micro-tasks, then extract cryptocurrency deposits from victims under the guise of unlocking earnings.
Fraudulent trading apps are distributed through WeChat contacts and mini-programs, mimicking legitimate brokers with convincing interfaces while blocking all attempts to withdraw deposited funds.
Fraudulent recruiters use WeChat to lure job seekers into paying upfront fees, providing personal documents, or joining task scam operations under the cover of legitimate employment offers.
Scammers use WeChat's personal social features to establish romantic or friendly connections and then groom victims into cryptocurrency investments on fraudulent platforms, combining emotional manipulation with financial fraud.
Phishing attacks on WeChat steal account credentials, WeChat Pay details, and linked bank information through malicious mini-programs, fake login pages, and impersonation of official service accounts.
Scammers maintain long-term fake romantic personas on WeChat, extracting repeated financial transfers through fabricated emergencies, investment requests, or business 'opportunities'.
WeChat group chats and personal contacts are used to promote fraudulent investment opportunities ranging from fake funds to unregulated forex schemes, often backed by staged testimonials from coordinated group members.
Pig-butchering operators route victims to Signal after initial contact elsewhere, exploiting the app's privacy-first reputation to discourage external scrutiny and create a closed communication environment for the fraud.
Fraudulent recruiters conduct fake hiring processes on Signal, collecting upfront fees, identity documents, and personal information under the cover of a legitimate job offer.
Cryptocurrency scams operate through Signal groups and private messages, promoting fake tokens, fraudulent exchanges, and wallet-draining schemes in a privacy-protected environment that limits platform moderation.
Phishing attacks on Signal distribute malicious links through group messages and individual chats, targeting cryptocurrency wallet credentials and account logins with links that appear to be from trusted contacts or official services.
Signal's disappearing-message feature is exploited by romance blackmailers who cultivate intimate conversations then delete their own messages, retaining evidence of the victim's disclosures while eliminating any proof of provocation.
Signal accounts are taken over through SIM-swap attacks and registration code theft, giving attackers access to the victim's contacts and the ability to impersonate them in ongoing conversations.
Fake fund-recovery services operate on Signal, targeting victims of other scams with promises of retrieving lost cryptocurrency or funds — then collecting additional fees while delivering nothing.
Pig-butchering scammers exploit Viber's large user base in Southeast Asia, Eastern Europe, and the Middle East, using the app's community and direct-message features to cultivate investment fraud relationships.
Fraudulent trading apps are promoted through Viber groups and direct messages, particularly targeting communities in regions where Viber is a primary communication platform, with convincing interfaces that ultimately block all withdrawals.
Task scam operators use Viber groups and direct messages to recruit workers for fake micro-task platforms, extracting cryptocurrency deposits under the guise of unlocking earnings.
Phishing campaigns on Viber distribute malicious links through mass messages and group posts, targeting banking credentials, parcel-delivery data, and government-service logins with convincing impersonation pages.
Romance blackmailers use Viber to cultivate intimate connections and then extort victims by threatening to share sensitive content with Viber contacts or public platforms unless payments are made.
Fake recruiters use Viber to deliver fraudulent job offers, collect processing fees, and harvest personal documents from job seekers under the guise of legitimate hiring processes.
Scammers use Viber calls and messages to impersonate bank or tech support agents, convincing victims to share one-time passwords, install remote-access tools, or transfer funds to 'secure' accounts.
Viber accounts are taken over through SIM-swap attacks, OTP theft, and device compromise, with hijacked accounts then used to send scam messages to the victim's contacts.
Fraudulent investment schemes use Viber groups and direct messages to promote fake forex, crypto, and real estate opportunities, exploiting the platform's regional reach to target specific communities with localised narratives.
Fraudulent charity and neighbourhood-collection posts on Nextdoor exploit hyper-local trust to solicit donations for fabricated causes, disaster relief efforts, or personal hardship stories.
Fraudulent sellers on Nextdoor's For Sale section take payment for items that are never delivered, are misrepresented, or switch items on delivery, exploiting the implied trust of a neighbourhood-verified community.
Buyers on Nextdoor pay for items listed in the For Sale section that are never delivered, with sellers disappearing after receiving payment and providing false or non-existent tracking information.
Fraudsters post as service providers, tradespeople, or tech support contacts in Nextdoor neighbourhood threads, leading to fake support interactions that collect fees, access credentials, or remote device access.
Phishing attacks on Nextdoor harvest account credentials and personal information through fake neighbourhood alerts, suspicious external links in posts, and emails impersonating Nextdoor notifications.
Tech-support fraudsters posted as local IT helpers on Nextdoor convince residents to install remote-access software, gaining direct control of computers to access financial accounts and steal money.
Fraudulent 'local business' listings on Nextdoor promote fake stores and services that collect payments and never deliver, exploiting the community trust that genuine small businesses earn on the platform.
Fake recovery services post in Nextdoor neighbourhood feeds targeting residents who have publicly mentioned losing money in a scam, offering to retrieve funds in exchange for upfront fees that are never refunded.
Fraudulent job listings and recruiter posts on Nextdoor target residents seeking local employment, collecting application fees, personal documents, or directing victims into task scam operations.
Pinterest pins drive buyers to websites that accept orders and payment but never ship products, exploiting the platform's high-intent discovery traffic and the trust generated by professional product imagery.
Phishing attacks on Pinterest harvest account credentials through fake login pages linked from pins, email impersonation of Pinterest notifications, and boards designed to funnel users toward credential-stealing sites.
Pinterest boards on financial independence, passive income, and wealth building are exploited by fraudulent investment promoters who pin attractive infographics linking to fraudulent platforms and crypto schemes.
Scammers use Pinterest profiles as part of elaborate fake romantic identity construction, building trust before transitioning to direct-message platforms where blackmail or financial fraud is executed.
Fraudulent romantic personas use Pinterest as a cross-platform credibility anchor, directing victims to elaborate fake profiles before extracting repeated financial transfers through fabricated personal emergencies.
Pinterest boards on cryptocurrency and blockchain investing promote fraudulent tokens, fake exchanges, and giveaway scams through professionally designed infographic pins that drive users toward fraud sites.
Fraudulent charity campaigns use Pinterest's visually compelling format to share emotive cause-related content that directs users to fraudulent donation pages rather than legitimate organisations.
Fake crypto giveaway streams impersonate well-known streamers and crypto figures on Twitch, promising to double or multiply sent cryptocurrency in exchange for an initial transfer that is never returned.
Twitch chat bots and fake streams promote free in-game currency generators, directing gamers to credential-stealing sites or survey traps that deliver nothing while stealing account access.
Fraudulent game item traders use Twitch streams and chat to find buyers for non-existent or misrepresented in-game items, collecting payment through non-reversible methods before delivering nothing.
Phishing attacks on Twitch steal streamer and viewer credentials through fake affiliate program emails, malicious chat links, and third-party tool sites that harvest Twitch OAuth tokens.
Twitch accounts are hijacked through phishing, credential stuffing, and OAuth token theft, enabling attackers to broadcast scam content to the original streamer's audience and access linked payment information.
Task scam operators promote paid micro-work opportunities in Twitch chat and through Twitch-affiliated Discord communities, directing viewers toward task platforms that ultimately extract cryptocurrency deposits.
Malicious links distributed through Twitch chat and compromised streamer accounts connect to wallet-draining contracts that empty all cryptocurrency from connected wallets in a single transaction.
Scammers impersonate Twitch support in DMs and emails, and pose as game or platform support agents in Twitch chat, convincing streamers and viewers to provide credentials, install remote-access tools, or pay fees.
Fraudulent emails impersonate banks, retailers, and government agencies to steal login credentials, financial data, and personal information.
Scammers send promotional emails advertising non-existent shops or counterfeit goods, then take payment and vanish.
Fraudsters send emotional fundraising appeals by email after disasters or during campaigns, diverting donations to personal accounts instead of genuine causes.
Criminals send fake parcel-delivery emails claiming a package could not be delivered, asking for a small fee or personal details to rearrange delivery.
Scammers use phishing emails to steal credentials and gain unauthorised access to bank, shopping, and social accounts.
Criminals send alarming emails claiming your device is infected, pushing fake security software that charges fees or installs real malware.
Fraudsters impersonate tax authorities by email, threatening penalties or offering false refunds to extract personal details or payments.
Con artists email previous fraud victims posing as recovery specialists, government agencies, or law firms, charging upfront fees and delivering nothing.
Malicious emails deliver links or attachments that trigger fake browser alerts or install malware designed to steal data or extort victims.
Callers impersonate software or hardware companies, claiming your device has critical errors, then charge for fake repairs or install remote-access tools.
Callers impersonate tax offices, threatening arrest or fines to extract immediate payment or personal information over the phone.
Scammers impersonate police officers by phone, threatening victims with arrest unless they transfer money or assist in a 'sting operation'.
Callers convince victims to install remote-access software, then use the connection to steal banking credentials and drain accounts.
Fraudsters call mobile carriers impersonating the account holder to transfer the victim's phone number to a SIM they control, intercepting SMS authentication codes.
Cold callers pitch high-return, low-risk investment opportunities that turn out to be entirely fraudulent, disappearing with victims' funds.
Fraudsters call pretending to be recruiters offering jobs, then extract fees, personal data, or banking details from hopeful applicants.
Scammers make wrong-number or chance calls to start a relationship that transitions into a fraudulent investment scheme, eventually draining large sums.
Callers posing as fraud investigators or lawyers contact previous victims and charge upfront fees to recover lost funds — then disappear.
Fraudulent job postings on employment platforms harvest personal data or fees from applicants by posing as legitimate employers or staffing agencies.
Fake gig-style job listings on employment sites promise pay for simple online tasks, but require victims to invest money to 'unlock' earnings that never materialise.
Job listings redirect applicants to WhatsApp for 'screening', where scammers conduct the fraud away from the job board's moderation tools.
Fraudulent listings recruit 'investment advisors' or 'trading assistants', drawing applicants into fake investment operations that steal their money.
Fraudulent applications or fake listings on job boards harvest login credentials and personal data, enabling attackers to take over accounts.
Criminals post fake jobs to establish contact with victims, then build trust relationships that transition into fraudulent investment platforms.
Fake job listings and recruiter messages on employment platforms direct users to credential-harvesting pages designed to steal account logins.
Fraudulent e-commerce businesses recruit staff on job boards, then use new hires as unwitting front-men for counterfeit or non-existent goods.
Fake job listings recruit victims under the guise of fraud-investigation or asset-recovery roles, ultimately charging fees or collecting sensitive data.
Fraudulent retailers pay for top Google placements to intercept shoppers with counterfeit or non-existent goods, exploiting the trust placed in search results.
Sponsored search results promote bogus security software, directing worried users to fake product pages that charge for useless or harmful tools.
Criminals purchase sponsored Google listings to position cloned login pages above legitimate results, capturing credentials when users search for their bank or service.
Fraudulent investment platforms buy Google ad placements to attract investors searching for trading, crypto, or savings opportunities.
Fraudulent tech-support numbers appear in Google ads for queries about device problems, software help, or router issues — connecting users to scammers instead of legitimate support.
Fraudulent crypto exchanges and wallet services appear in Google-sponsored results, stealing deposits or private keys from users searching for cryptocurrency platforms.
Fraudulent recovery services purchase Google ads targeting victims searching 'how to recover scam money', charging upfront fees and delivering nothing.
Fraudulent trading platforms advertise through Google to attract investors, showing fabricated profits before blocking all withdrawals.
Malicious Google ads redirect users to pages that trigger fake browser alerts or silently download malware.
X is a major vector for crypto fraud, from fake giveaway accounts to phishing links embedded in replies to popular posts.
Scammers create fake celebrity accounts on X to cultivate romantic connections with fans, ultimately asking for money or gifts.
Fake investment promoters use X to build credibility with trading content before pushing victims toward fraudulent platforms.
X accounts are targeted and hijacked through phishing DMs and third-party app abuse, then used to post scams to the victim's followers.
Fraudulent DMs and posts on X direct users to fake login pages and malicious sites disguised as legitimate resources.
Scammers initiate contact through X replies or DMs, build trust over time, then introduce fraudulent investment platforms.
Fraudulent charity accounts post urgent donation appeals on X, exploiting trending news and hashtags to divert donations from genuine causes.
Fraudulent trading platforms are promoted through sponsored posts, influencer accounts, and viral content on X, directing investors to sites that steal deposits.
Fake fund-recovery services target fraud victims on X through reply threads, DMs, and promoted content, charging upfront fees for services that never materialise.
YouTube videos promote fraudulent trading platforms through testimonials and tutorials, directing viewers to deposit on sites that will never return funds.
Fraudsters use YouTube channels, ads, and comment sections to impersonate celebrities and direct fans toward romance fraud or financial schemes.
Scammers use YouTube comment sections and community posts to initiate the long-term trust-building relationships that characterise pig-butchering investment fraud.
YouTube videos and channels claiming to show fund-recovery success stories are used to recruit new victims into upfront-fee recovery fraud.
YouTube ads and fraudulent tutorial channels promote bogus security software, directing users to purchase products that provide no protection or cause harm.
YouTube comment sections, community posts, and creator impersonators are used to deliver phishing links that steal Google account credentials and personal data.
LinkedIn messages offer remote 'micro-task' or rating-review jobs that secretly require deposit payments, targeting professionals seeking flexible income.
Financial fraud operators use LinkedIn's professional environment to pitch investment opportunities to business professionals, presenting fake credentials and fabricated track records.
Fraudulent messages and fake login pages target LinkedIn users to steal credentials, corporate data, and personal information.
LinkedIn accounts are compromised through phishing and credential stuffing, then used to conduct fraud against the victim's professional network.
Scammers build romantic connections through LinkedIn's professional messaging, exploiting the platform's credibility to defraud victims emotionally and financially.
Fake recruiters on LinkedIn redirect professionals to WhatsApp for job discussions, where scams are conducted outside LinkedIn's safety monitoring.
Fake fund-recovery consultants use LinkedIn's professional environment to approach fraud victims and charge upfront fees for services that do not materialise.
Romance scammers use Snapchat's ephemeral messaging to build fake romantic relationships with younger users, then request money or gifts.
Impostor celebrity accounts on Snapchat target fans with fake personal connections and prize offers, ultimately requesting money or sensitive images.
Snapchat stories and direct messages are used to recruit younger users into task-scam operations that require escalating deposits to unlock fabricated earnings.
Crypto fraud operates on Snapchat through fake giveaways, wallet-draining links, and peer-pressure referral schemes promoted via stories and direct messages.
Snapchat users receive fake login links and prize notifications through snaps and DMs designed to capture account credentials and personal information.
Fraudsters assemble fabricated profiles on Facebook by blending real and invented personal details, then use those profiles to gain trust, solicit money, or harvest credentials from unsuspecting users.
Fabricated Instagram personas built from real and invented data deceive followers into handing over money, personal information, or account credentials through influencer mimicry and manufactured credibility.
Fraudsters use fabricated WhatsApp identities — often impersonating banks, government agencies, or known contacts — to harvest personal data and extract money from victims who believe they are communicating with a trusted source.
Scammers use personal information gathered from Facebook profiles and Marketplace interactions to open fraudulent financial accounts in victims' names, leaving targets with debt and damaged credit.
Telegram channels and bots are used to recruit money mules and collect stolen identity documents needed to open fraudulent bank and cryptocurrency accounts at scale.
Parents who share children's names, birthdates, schools, and photos on Facebook inadvertently supply fraudsters with the personal data needed to open fraudulent accounts in minors' names — fraud that may go undetected for years.
Phishing emails impersonating tax authorities trick recipients into surrendering their national identification numbers and financial details, which fraudsters then use to file bogus tax returns and collect refunds.
Reddit's personal finance and tax communities are targeted by operators who pose as helpful advisers to extract sensitive tax information, and by posts advertising fraudulent tax-filing services that commit refund fraud on behalf of their 'clients'.
Attackers use stolen username and password combinations to break into email accounts, then exploit the access to reset passwords across linked financial services, committing account fraud that is difficult to detect and reverse.
Attackers hijack newly created or recently active Instagram accounts through phishing, SIM swapping, and fake support portals, then use them to defraud the account holder's followers before the original owner can regain access.
Discord accounts are taken over through phishing links, malicious bots, and token-stealing malware, then used to spread further phishing or to defraud the victim's server communities.
Reddit posts and DMs are used to frighten users about their personal data appearing on broker sites, then funnel them toward fake removal services that charge fees and deliver nothing, while potentially harvesting even more data.
Scammers pose as Instagram support staff offering to apply the coveted blue verification checkmark, tricking creators and businesses into handing over their login credentials or paying fraudulent fees.
Aspiring TikTok creators are targeted by fake TikTok support accounts and phishing emails that offer badge verification in exchange for login credentials or upfront payments.
Fake copyright infringement notices sent by email pressure content creators and website owners into clicking malicious links or paying fraudulent settlement fees by mimicking legitimate DMCA takedown processes.
Fraudsters who take over or clone Facebook accounts use the victim's identity to message their contacts with fake emergency requests for money, gift card codes, or personal information.
Fraudsters who take over a WhatsApp account send urgent money or verification requests to every contact, exploiting the trusted phone-number identity system to maximise the chance that recipients comply.
Attackers who take over Instagram accounts DM every follower with requests for money, gift cards, or account verification codes while impersonating the legitimate owner.
Fraudsters pose as Facebook account recovery specialists in groups and marketplace listings, charging fees or collecting credentials from users desperate to regain access to locked or hacked accounts.
Fraudsters advertise Instagram account recovery services on Instagram itself and across the web, collecting advance fees and credentials from users who have lost access to their profiles.
Telegram channels and bots advertise hacked account recovery services targeting victims who have lost access to social media or financial accounts, collecting fees and credentials that enable further fraud.
Scammers impersonate TikTok creator programme managers or third-party monetization partners, promising creators accelerated earnings access in exchange for fees, credential sharing, or survey completion that harvests personal data.
Fraudulent Facebook pages and DMs impersonate Meta's creator monetization teams, directing page owners to phishing sites or demanding fees to unlock video monetization, stars, or fan subscription features.
Scammers in Discord communities targeting streamers and content creators offer fraudulent sponsorship and monetization deals that require advance payments or the submission of banking details to operators who then disappear.
Fake brand collaboration offers sent via Instagram DM harvest creator credentials, personal banking information, and advance payments from influencers eager to land paid partnerships.
Phishing emails posing as brand partnership inquiries target content creators with fake collaboration offers, leading to credential harvesting, advance payment fraud, or malicious attachment delivery.
Fake brand partnership DMs on TikTok target creators with fraudulent sponsorship offers that lead to credential theft, upfront payment demands, or personal data collection.
Fraudsters copy a real person's profile photo, name, and public information to create a duplicate Facebook account, then use it to contact the victim's friends and family with scam messages.
Fraudsters copy public Instagram profiles — photos, bios, and follower lists — to create convincing clones that contact followers with scam offers while the real account owner remains unaware.
Fraudsters copy someone's WhatsApp profile name and photo to create an account on a different number, then contact the victim's friends and family as if they are the real person.
Fraudulent notifications claiming a Facebook account or page has been suspended for policy violations trick users into submitting credentials or paying fees through fake appeal portals to avoid permanent deletion.
Phishing emails and DMs impersonating Instagram support claim accounts are disabled for policy violations, directing users to fake appeal portals that capture login credentials or charge fraudulent fees.
Fraudulent TikTok account suspension notices trick creators into surrendering credentials or paying appeal fees through phishing sites that imitate TikTok's support communications.
Fake giveaway DMs on Instagram trick users into submitting login credentials to claim a prize, leading directly to account takeover that the attacker then uses to perpetuate the scam further.
Fake prize notifications sent via TikTok DM trick creators and viewers into entering credentials on phishing sites, leading to account hijacking that spreads the scam to the victim's followers.
Fake Discord giveaway bots and DMs lure users into clicking phishing links or authorising malicious OAuth applications that seize control of their accounts and spread the scam automatically.
Malware distributed through Discord channels and DMs extracts stored session tokens from the victim's browser and Discord app, giving attackers persistent account access that bypasses two-factor authentication.
Telegram channels distribute infostealer malware and phishing links that harvest browser session cookies and account tokens, enabling attackers to access financial and social accounts without credentials.
Reddit posts in software and gaming communities share links to infostealer malware disguised as useful tools, harvesting browser session cookies that grant access to financial and social accounts without passwords.
Automated bots test billions of leaked username and password combinations against Facebook's login system, breaking into accounts whose owners reuse passwords from breached services.
Parenting subreddits and public discussions where parents share children's details create data points that, combined with other sources, can be aggregated for child identity fraud.
WhatsApp messages claim to have found personal data about the recipient on broker sites and offer paid removal services or use the manufactured fear to harvest further personal information.
Fake copyright strike notifications targeting TikTok creators claim their content infringes intellectual property rights, directing them to phishing portals that harvest credentials or charge settlement fees.
Automated bots attack Instagram accounts using leaked email and password combinations from other data breaches, gaining access to accounts whose owners have recycled the same password across multiple services.
Reddit communities focused on personal finance, benefits, and credit are targeted by operators who harvest personal details shared in public posts to commit account opening fraud, or who advertise fraudulent 'credit repair' services that collect identity data for the same purpose.
Phishing messages impersonating Facebook's rights management team or rights holders' representatives threaten page administrators with removal for copyright infringement, directing them to fake appeal portals that capture credentials or payment.
Telegram channels and bots are used to assemble, trade, and deploy synthetic identities built from real and fabricated personal data for financial fraud, account creation, and money mule recruitment.
Fabricated TikTok personas built from AI-generated faces and real data fragments are used to run financial scams, recruit money mules, and harvest personal details from a young audience less familiar with social engineering.
WhatsApp messages impersonating tax authorities claim refunds are pending or accounts are under review, directing recipients to external sites that harvest the personal data needed for fraudulent tax filings.
Fraudsters use social engineering, SIM swapping, and intercepted verification codes to take over WhatsApp accounts, then exploit the trusted contact list to run impersonation scams against the victim's connections.
Telegram accounts are taken over through phishing login links, intercepted SMS codes, and malicious bots that harvest session data, then used to scam the victim's contacts or access premium channel subscriptions.
WhatsApp messages claiming the recipient has won a prize require a verification step that either harvests personal data or tricks the victim into forwarding a code that surrenders account access.
Facebook ads and pages promote fraudulent data removal services by alarming users with targeted warnings about their personal information appearing on data broker sites, then harvesting even more data in the removal process.
Instagram DMs and ads falsely alert creators and users to the presence of their personal data on broker sites, directing them to fraudulent removal services that collect payment and additional personal information.
Phishing emails and malicious attachments delivered via email harvest browser session cookies, enabling attackers to access online accounts without the victim's credentials by replaying the stolen session tokens.
Automated bots test leaked credential pairs against Telegram accounts, and compromised Telegram accounts are used to access private channels, paid subscriptions, and contact lists that enable further scams.
Attackers use credentials stuffed from other breaches to access the email or phone accounts linked to WhatsApp, then use those accounts to hijack WhatsApp access through password reset flows.
Automated attacks test leaked email and password pairs against TikTok's login system, taking over creator accounts to exploit their audiences for investment promotions, giveaway phishing, and fraudulent brand deals.
Facebook accounts are taken over through phishing, credential stuffing, and malicious app permissions, then used to run scam ads, make fraudulent Marketplace listings, and impersonate the owner to their network.
Telegram bots and channels offer fraudulent personal data removal services, using fear about broker site exposure to collect fees and harvest additional sensitive information from users worried about their privacy.
Fake prize notifications sent via Facebook Messenger direct recipients to phishing portals that capture login credentials, leading to immediate account takeover that spreads the same scam to the victim's entire contact network.
Facebook pages and ads posing as tax assistance services harvest national ID numbers and financial data needed for fraudulent tax filings, while fake refund posts lure users into submitting personal details.
Parents who publicly share children's names, birthdates, and photos on Instagram inadvertently provide fraudsters with data usable for child identity fraud, particularly when personal details appear in captions and tagged locations.
WhatsApp group conversations and school community chats can expose children's personal details to fraudsters when parents share too much identifying information in semi-private group settings that are not as secure as they appear.
WhatsApp messages from strangers claiming to be recovery specialists offer to restore hacked accounts in exchange for fees or credentials, often harvesting the victim's remaining access in the process.
Reddit accounts with significant karma or established reputations in valuable communities are targeted for credential stuffing and phishing takeovers, then used to spread scam links, manipulate votes, or harvest community trust.
Fake copyright infringement claims sent via Discord DM threaten server owners and creators with bot removal or account suspension unless they click external links or pay settlement fees.
Fraudulent Instagram accounts impersonate Meta's creator monetization team or third-party platforms, offering creators bogus badge-activated monetization, subscription income, or reels bonus programmes in exchange for credentials or fees.
TikTok videos and DMs promote fraudulent tax refund maximisation services and file-on-your-behalf schemes that harvest taxpayer ID numbers and banking details for use in fraudulent return filing.
WhatsApp messages impersonating music labels, photo agencies, or platform legal teams threaten content creators and businesses with immediate legal action unless they click settlement links or pay fees.
Fraudulent business services promoted on LinkedIn enroll professionals in recurring billing plans through negative-option consent buried in fine print, then make cancellation nearly impossible.
Creators and sponsored ads on YouTube funnel viewers into subscription products where billing consent is buried in checkout flows, resulting in recurring charges that are hard to identify and harder to stop.
TikTok's short-video format and impulse-driven browsing make it fertile ground for subscription products that capture payment details on fast-loading landing pages where negative-option billing consent is easily missed.
Facebook ads and Marketplace listings funnel users into subscription plans with auto-renewing charges where cancellation rights are buried or ignored, costing victims months of unwanted fees.
Instagram's visual-first format and influencer culture are exploited by subscription products that enroll followers through polished aesthetics and sponsored posts hiding auto-renewal traps in checkout fine print.
Professional tools advertised on LinkedIn collect card details under a free-trial offer, then charge full subscription fees immediately or after a very short window — leaving professionals with unexpected bills.
YouTube creators and ads promote free-trial offers for tools or courses that silently capture card details and begin charging within days, often for products that do not deliver on their promises.
TikTok's viral content loops amplify free-trial offers that capture card data through fast mobile checkouts, with billing terms that most viewers scroll past before charges begin.
Facebook's targeted advertising enables free-trial trap operators to reach demographically matched audiences with offers that collect card details and begin billing before most users realise they signed up for a subscription.
Snapchat's young user base and disappearing-content format create ideal conditions for free-trial operators who know that impulsive checkout decisions and ephemeral ads leave little evidence for dispute.
Phishing messages impersonating LinkedIn Premium or third-party tools used by professionals tell recipients their subscription has lapsed and urge them to click a link to restore access — stealing card details or credentials.
Phishing DMs and emails impersonating X Premium billing warn users that their verified status or subscription will be revoked, directing them to fraudulent pages that steal login credentials or payment details.
Phishing emails and messages impersonating YouTube Premium billing or channel membership renewals direct users to credential-harvesting sites designed to look exactly like Google account login pages.
Phishing messages impersonating Facebook or Meta billing warn users that their account or Page subscription is at risk, directing them to credential-harvesting sites disguised as Meta login pages.
Phishing messages impersonating Instagram or Meta Verified billing target creators and business accounts with fake account-suspension warnings, directing victims to credential-stealing login pages.
Fraudulent apps promoted through TikTok videos enroll users in expensive App Store subscriptions within seconds of installation, exploiting Face ID or Touch ID to confirm charges before users understand what they are agreeing to.
Apps advertised through Snapchat ads and Stories use impulsive download behaviour to enroll young users in costly App Store subscriptions that are difficult to cancel and expensive to maintain.
Instagram Shopping tags and influencer partnerships promote subscription-trap apps that convert impulsive installs into high-cost App Store or Google Play subscriptions within moments of first launch.
Pinterest's inspiration-driven browsing leads users to promoted pins for lifestyle and creativity apps that funnel downloads into unexpected App Store subscriptions through misleading trial prompts.
Schemes with no genuine product or service target LinkedIn professionals with 'business opportunity' connection requests, recruiting them to pay entry fees and recruit others — generating income only through chain recruitment.
Facebook Groups and personal profiles are used to run recruitment-only schemes that collect entry fees and perpetuate through chain recruitment, with no genuine product or service generating income.
Instagram's aspirational lifestyle aesthetic is weaponised by recruitment-only pyramid schemes that use luxury imagery and income screenshots to recruit followers into entry-fee schemes with no viable product.
X accounts posing as financial educators and community builders use threads and DMs to recruit followers into pyramid schemes disguised as 'investment groups' or 'money circles'.
Nextdoor's local community trust is exploited by neighbours running pyramid recruitment schemes, using the platform's geographic familiarity to lower guard and drive in-person or local digital recruitment.
Facebook Groups and personal profiles host MLM-style schemes that use product sales as legal cover but generate most participant income through recruitment and inventory loading — leaving most members at a net financial loss.
MLM operators use Instagram's aspirational lifestyle imagery to recruit downlines into product-based schemes where most income derives from recruitment and starter kit sales rather than genuine retail activity.
Pinterest boards and promoted pins showcase MLM products in aspirational contexts, funnelling interested pinners into downline recruitment through 'work from home' and 'be your own boss' content.
Nextdoor's local trust is exploited by MLM participants posting product sales and business opportunity content, using neighbourhood credibility to lower the scrutiny usually applied to income scheme pitches.
YouTube channels dedicated to MLM 'success stories' and product demonstrations recruit viewers into downline structures by presenting income highlights while omitting the statistical reality revealed in income disclosure statements.
X's crypto-friendly culture and influencer network enable crypto MLM and matrix schemes to spread rapidly, with recruitment threads and DMs promising passive income from blockchain referral networks that pay only through chain recruitment.
LinkedIn professionals are targeted by crypto income schemes dressed in business language — 'blockchain investment networks' and 'digital asset communities' that operate as matrix or MLM structures.
YouTube channels dedicated to 'passive crypto income' recruit viewers into matrix or MLM structures through detailed tutorials on how to earn by building referral networks — schemes that pay only while recruitment continues.
TikTok's viral loops spread crypto matrix and MLM scheme content rapidly, with short earnings-reveal videos and referral incentives driving young users toward deposit-based recruitment structures.
Instagram's lifestyle imagery and influencer referral culture make it a natural home for crypto MLM and matrix schemes that present recruitment income as financial independence.
YouTube's creator economy provides the ideal stage for fake course gurus who use free tutorial content to establish credibility before selling expensive courses that deliver recycled, low-value information.
LinkedIn's professional credibility signals are exploited by fake course gurus who present fabricated expertise and inflated credentials to sell overpriced digital courses to professionals seeking career advancement.
Instagram's aspirational content format enables fake gurus to build course-buying audiences through lifestyle imagery and vague income demonstrations before selling high-ticket programs that deliver little real value.
TikTok's viral discovery engine surfaces fake guru content to millions of viewers who may never have sought it out, driving course sales through algorithmic exposure and short-form income revelation videos.
Facebook Groups and targeted ads funnel professionals and aspiring entrepreneurs into fake online courses sold through webinar funnels and high-pressure group coaching pitches.
Instagram's hustle culture normalises job offers that are actually recruitment traps — fake remote income roles that require upfront payments, personal data, or recruiting others to earn any income at all.
TikTok's side-hustle content ecosystem is saturated with fake income opportunities that collect upfront fees or personal data from users looking for flexible earning options.
Facebook jobs listings and Groups host fake remote income opportunities that funnel applicants into upfront fee traps or pyramid recruitment structures under the guise of legitimate employment.
X's financial independence and side-hustle communities are targeted by recruitment scams that use trending hashtags and influencer-style accounts to lure users into fee traps and pyramid structures.
Snapchat's young user base and direct messaging format make it a vector for peer-to-peer hustle recruitment scams where peers enroll friends into fee-based income schemes.
YouTube is the primary distribution channel for fake passive income system promoters, who use tutorial and lifestyle content to sell courses and tools that promise automated earnings but deliver minimal real returns.
Instagram's financial independence aesthetic makes it the primary social surface for passive income system sellers who use lifestyle imagery and income milestone posts to sell courses and systems that generate results only for the sellers.
Facebook Groups and targeted ads promote passive income systems and automated business packages that promise hands-off earnings but deliver low-value content and require ongoing costs that exceed realistic returns.
Pinterest's planning and aspirational browsing context makes it effective for passive income course funnels that route pinners through a discovery journey before landing on high-ticket course checkouts.
X's finance and FIRE communities are targeted by passive income system sellers who use threads and engagement farming to build audiences before selling courses and newsletters that claim to teach automated wealth building.
Facebook Marketplace and Groups host a high volume of fraudulent puppy listings where buyers are asked to pay deposits for puppies that do not exist, then face escalating fee demands before the puppy 'arrives'.
Nextdoor's local verified community is exploited by puppy deposit scammers who use neighbourhood trust to make fraudulent listings appear credible, collecting deposits from neighbours for puppies that do not exist.
Instagram's visual format and follow-based trust enable fake 'breeder' accounts to collect deposits from buyers for puppies that do not exist, using professionally photographed dogs stolen from real breeders.
Pinterest pins promoting puppy breeders route buyers to external sites or contact information where fraudulent breeders collect deposits for puppies that are never delivered.
Fake pet breeder accounts on Facebook Marketplace and Groups collect payments for non-existent animals using stolen photos, false breeding credentials, and emotionally compelling backstories.
Instagram accounts impersonating legitimate breeders collect purchase payments and deposits using stolen photos, fabricated litter announcements, and follow-up fee escalation tactics.
Nextdoor's local trust is exploited by pet breeder scammers who post neighbourhood-targeted listings using the platform's verification to lower buyer defences before collecting remote payments for animals that do not exist.
Pinterest pins linking to fraudulent breeder websites collect payments from pet buyers who discover the listings through breed-specific searches and assume the polished presentation indicates legitimacy.
Facebook rescue Groups and Marketplace listings host fraudulent pet adoption posts that charge fees for animals that do not exist, exploiting the goodwill of people seeking to adopt rather than buy.
Instagram accounts impersonating animal rescue organisations collect rehoming fees and transport donations for non-existent animals using sympathetic content and urgent appeal language.
Nextdoor's neighbourhood trust context makes fake pet adoption posts especially convincing, with scammers using local framing to collect rehoming fees for animals that are never delivered.
Scammers use Nextdoor posts and messages to warn neighbours about fake parcel redelivery card schemes circulating in the area, sometimes as a pretext to distribute phishing links or as warnings that inadvertently increase the reach of the original scam.
Facebook posts and Messenger messages warning about parcel redelivery card scams are weaponised to distribute phishing links, while Facebook Groups about local deliveries are targeted by fake carrier messages.
Scam accounts on X impersonate courier companies and send fake redelivery notifications via mentions and DMs, directing users to phishing sites that collect card details under the guise of a small redelivery fee.
Scammers post fake parcel locker access and fee notifications in neighbourhood Nextdoor Groups, routing users through phishing sites that harvest payment card details under the guise of small parcel release fees.
Facebook Groups and Messenger messages distribute fake parcel locker notifications that direct users to phishing sites collecting card details to pay fabricated locker access or customs fees.
X is used to distribute fake parcel locker notifications and impersonate carrier support accounts, directing users who post about delivery problems toward phishing sites that collect payment card details.
Facebook ads and Pages promote fraudulent immigration assistance services that collect large fees for visa applications or green card processing they have no authority or ability to complete.
YouTube channels providing immigration guidance build audiences of people navigating visa and residency processes, then monetise with links to fraudulent paid services that overcharge or deliver nothing.
LinkedIn professionals seeking work visas or skilled migrant pathways are targeted by fraudulent immigration consultants who use the platform's professional credibility to charge large fees for services they cannot legally provide.
YouTube channels targeting potential visa lottery participants collect application fees or processing charges for programmes that are either entirely free to enter or do not exist, exploiting viewers unfamiliar with official processes.
Facebook ads and Pages targeting diaspora communities promote paid services for visa lottery programmes that are officially free, collecting fees and personal data from applicants who believe they are using an authorised agent.
LinkedIn professionals are targeted by services claiming to offer advantaged or assisted visa lottery entries, collecting fees for official processes that require no third-party intermediary.
Rogue pharmacies buy Google ads and manipulate search rankings to appear at the top of results for prescription drug queries, luring buyers with steep discounts on medications that arrive counterfeit, contaminated, or never at all.
Fraudulent pharmacy pages and sponsored Facebook posts target users who discuss health conditions in groups, offering discounted prescription drugs that are counterfeit, mislabelled, or never shipped.
Scammers use Instagram accounts styled as wellness brands or licensed pharmacies to sell counterfeit prescription drugs through DMs and shoppable posts, targeting users who engage with health and fitness content.
Spam emails promoting unlicensed online pharmacies flood inboxes with offers for discounted or prescription-free medications, directing recipients to rogue sites that deliver counterfeit products or nothing at all.
Fraudulent health product pages and sponsored ads on Facebook promise impossible recoveries from chronic illnesses, exploiting personal data visible in health-related groups to target vulnerable users.
Instagram influencers and fake wellness accounts promote unproven treatments and supplements with dramatic before-and-after imagery, leveraging the platform's visual credibility to sell products that cannot deliver their promised results.
Long-form YouTube videos structured as documentaries or personal testimonials are used to build credibility for fraudulent health products, with affiliate links and product placements monetising viewers who believe they have found a genuine medical breakthrough.
Unsolicited emails promoting unproven treatments for serious illnesses use long-form persuasion copy, personal testimonials, and countdown timers to pressure recipients into purchasing fraudulent health products.
Callers impersonating health insurance brokers or government health programme representatives pressure consumers into enrolling in worthless discount plans or fraudulent policies that provide no real coverage.
Facebook ads and pages targeting people who discuss healthcare costs promote non-insurance discount schemes and sham policies that collect premiums but fail to pay medical claims.
Unsolicited emails posing as government health programme notifications or independent broker offers enrol recipients in fake or inadequate health coverage that fails to pay medical bills.
Fraudulent health insurance brokers and sham plan providers buy Google ads targeting health coverage keywords to intercept consumers shopping for legitimate insurance and enrol them in plans that provide no real protection.
Instagram is a primary channel for ghost brokers who advertise cheap car insurance deals, collect payments for fraudulent policies, and leave drivers unknowingly uninsured and exposed to legal penalties.
Ghost brokers use Facebook Marketplace, sponsored ads, and community groups to sell fraudulent or falsified car insurance policies at below-market prices, leaving drivers uninsured and at risk of prosecution.
Ghost brokers send targeted emails offering cheap car insurance renewals, collecting personal and vehicle data to submit fraudulent applications to real insurers — leaving policyholders unknowingly uninsured.
Callers posing as insurance brokers or comparison service representatives offer fraudulent car insurance deals over the phone, collecting personal details and payment for policies that are falsified or entirely fictitious.
Craigslist's unmoderated classifieds make it a prime venue for fake car listings that collect deposits from buyers who discover the vehicle does not exist or belongs to someone else.
Facebook Marketplace car listings are exploited by scammers who use cloned photos, fabricated ownership documents, and urgency tactics to extract deposits from buyers for vehicles that do not exist or are not theirs to sell.
Instagram accounts posing as private sellers or car dealers post attractive vehicle photos to solicit direct inquiries, then manipulate interested buyers into paying deposits for cars that are fraudulent or non-existent.
Robocalls and live callers falsely claim a vehicle warranty is expiring and pressure owners into purchasing worthless extended warranty plans that cover nothing when a breakdown occurs.
Emails warning that a vehicle warranty is expiring pressure owners into purchasing inadequate or entirely fictitious extended warranty contracts via deceptive online checkout pages.
Facebook ads and pages impersonating dealerships or manufacturer warranty programmes sell fictitious or inadequate vehicle service contracts to targeted car owners.
Facebook ads and community pages promote fictitious government solar rebate programmes or substandard installations, collecting large deposits from homeowners who receive no panels or shoddy workmanship.
Fraudulent solar installers post in Nextdoor neighbourhood feeds as satisfied local customers or community recommendations, leveraging the platform's trusted local reputation to solicit deposits for substandard or non-existent installations.
Unsolicited callers claiming to represent government solar programmes or certified installers pressure homeowners into booking surveys and paying deposits for solar installations that are substandard or fraudulent.
Email campaigns mimicking government energy agencies or certified solar programmes direct homeowners to fraudulent quote pages or phishing forms that collect personal data and deposits.
Callers impersonating electricity, gas, or water companies threaten immediate service disconnection unless a past-due balance is paid within minutes using a non-reversible payment method.
Fake disconnection notice emails impersonating utility providers create urgency around an invented past-due balance, directing recipients to phishing payment pages that capture card details or demand gift card payment.
Craigslist listings offering to pay overdue utility bills or restore service for a fee target consumers in financial hardship, collecting upfront payments without providing any genuine utility relief.
Craigslist rental ads cloned from legitimate listings offer below-market rents to attract tenants, then collect application fees and security deposits from multiple victims for properties the fraudster does not own or control.
Facebook Marketplace and housing groups host fraudulent rental listings that use stolen photos and compelling backstories to extract security deposits and application fees from housing-seekers.
Fraudulent rental listings on Nextdoor exploit the platform's neighbourhood-verified reputation to collect deposits from local housing-seekers for properties that are cloned, unavailable, or never shown.
Fraudsters posing as legitimate landlords on Facebook collect multiple tenants' deposits for the same property — one they do not own — then disappear before move-in day.
Craigslist's anonymous listing format enables fake landlords to collect deposits from multiple tenants simultaneously for properties they have no right to rent, exploiting the urgency of the housing search.
Email correspondence from fake landlords follows up on housing inquiries or responds to rental-search forum posts, guiding applicants through a convincing tenancy process that ends with a stolen deposit.
Rogue moving companies use Google Ads and SEO to appear prominently for relocation search queries, providing artificially low estimates that balloon on moving day when possessions are held hostage for inflated payment.
Craigslist moving service ads from unregistered operators offer extremely low hourly rates, then add hidden charges on moving day, damage goods, or simply take deposits and fail to appear.
Facebook Marketplace and local groups host moving company ads from operators who collect deposits and fail to appear, deliver substandard service, or present inflated invoices after goods are loaded.
Counterfeit hotel and travel booking websites appear prominently in Google search results and ads, collecting full payment for reservations that do not exist or are never confirmed by the genuine property.
Fraudulent travel and accommodation booking pages on Facebook collect payments for hotel stays, tours, or event tickets that are never confirmed, leaving buyers with unrecoverable losses.
Phishing emails impersonating major booking platforms notify recipients of a reservation problem or exclusive deal, directing them to fraudulent checkout pages that harvest payment details.
Instagram accounts presenting as local travel experts and licensed guides collect advance payments for tours that are substandard, overpriced, or never delivered.
Facebook groups for travellers and destination communities are used by fraudulent tour operators and fake guides to solicit advance bookings from holidaymakers who discover the service does not exist or is substandard.
Craigslist travel services listings offer guided tours and local experiences at low prices, using advance-payment requirements to extract money from tourists who find the service substandard or entirely absent.
Fraudulent customer service websites and Google Ads display fake airline phone numbers that connect travellers to scammers who charge fees for basic services and harvest credit card details.
Callers posing as airline customer service agents contact travellers whose booking details have been compromised, offering to 'fix' problems with reservations in exchange for fees and card details.
Phishing emails styled as airline booking confirmations, cancellation notices, or refund offers direct travellers to fraudulent portals that harvest account credentials and payment information.
Callers targeting existing timeshare owners claim to have a buyer ready for their unit, requesting upfront fees for legal, transfer, or marketing costs that are collected and provide no genuine resale service.
Emails targeting timeshare owners claim a buyer has been found or a legal exit pathway is available, using official-looking documents and upfront fee requests to perpetuate a long-running fraud.
Facebook groups for timeshare owners and vacation property communities host fraudulent resale and exit service operators who collect upfront fees for services that are never delivered.
Fraudulent clinical trial recruitment ads appear in Google search results targeting people with specific health conditions, collecting personal and medical information or charging registration fees for trials that do not exist.
Facebook health condition groups and targeted ads are used to recruit people with specific diagnoses into fraudulent clinical trials that harvest medical data, collect fees, or expose participants to unregulated substances.
Unsolicited emails targeting people with specific health conditions invite them to enrol in fraudulent research studies, collecting medical data and participation fees for trials that have no institutional affiliation.
Instagram influencers and sponsored accounts promote fraudulent weight loss supplements and detox programmes using misleading before-and-after photos, undisclosed paid partnerships, and auto-ship schemes.
Facebook ads and health groups promote fraudulent weight loss supplements through fabricated testimonials, celebrity endorsement imagery, and hidden subscription billing that traps buyers in recurring charges.
YouTube videos styled as honest reviews or personal weight loss journeys are used to promote fraudulent supplements and programmes, driving viewers to purchase through affiliate links on product pages that obscure subscription terms.
Fraudulent health plan promoters post in Nextdoor neighbourhood feeds posing as community members who found affordable coverage, directing neighbours toward sham discount plans or unlicensed insurance products.
Instagram accounts posting attractive property photography attract inquiries from housing-seekers and then collect deposits for rentals that are cloned from legitimate listings or unavailable for let.
Facebook posts and Messenger messages impersonating utility providers warn of imminent disconnection and direct account holders to fraudulent payment pages that harvest card details or demand gift card payment.
Email campaigns from rogue moving companies solicit enquiries with low quotes, then dramatically inflate the final bill on moving day or fail to appear after collecting a deposit.
Instagram accounts posing as boutique hotels, vacation rentals, or activity booking services collect advance payments through DMs or external links for stays and experiences that are never honoured.
Instagram accounts impersonating airline customer service accounts respond to travellers who post complaints or inquiries publicly, directing them to fraudulent support channels that collect personal and payment information.
Craigslist listings for timeshare resale services or direct timeshare sales collect upfront fees from owners seeking to exit their commitment, providing no genuine market access or resale outcome.
Callers claiming to represent research institutions or pharmaceutical companies recruit people with specific conditions into fraudulent paid trials, collecting screening fees or harvesting personal medical details over the phone.
Email campaigns promoting fraudulent weight loss supplements and programmes use long-form persuasion copy, celebrity name-drops, and auto-ship billing to extract payments from recipients who receive ineffective or unsafe products.
Craigslist services listings offer cheap car insurance through unlicensed brokers who either produce fraudulent policies with falsified details or collect payment without purchasing any policy at all.
Email responses to car-search inquiries or alerts offer fictitious vehicles at below-market prices, directing buyers toward a deposit payment before any in-person inspection is possible.
Instagram accounts presenting as property managers or individual landlords post rental property photos to attract tenants, then collect security deposits for properties they have no authority to rent.
Craigslist services listings offer vehicle or appliance extended warranties at low prices through unregistered providers, collecting premiums for coverage that pays nothing when a claim is made.
Fraudsters impersonate police officers or bank officials on WhatsApp to convince victims their bank card has been compromised, then send a fake courier to collect the card and PIN in person.
Criminals use Telegram accounts styled as bank fraud teams or law enforcement to convince victims their card is compromised, then dispatch a fake courier to collect the card and PIN at home.
Fraudsters send WhatsApp messages posing as parcel locker services, claiming a package is held at a collection point and requesting payment or login credentials via a phishing link to release it.
Scammers run automated Telegram bots that send fake parcel locker alerts, directing victims to phishing sites to pay fictitious fees or surrender login credentials.
Discord users receive DMs or server messages mimicking parcel locker services, prompting them to visit phishing links under the guise of releasing a held package.
Fraudsters use WhatsApp to recruit unwitting workers as reshipping mules, presenting the role as a legitimate parcel-handling job while using victims to move stolen goods or launder fraud proceeds.
Telegram channels and bots advertise fake logistics jobs that turn recipients into reshipping mules, forwarding stolen goods or laundering fraud money through their home address.
Fraudulent job listings on Gumtree for home-based parcel handlers recruit victims as reshipping mules, using their addresses to receive and forward stolen goods while paying small amounts to maintain the deception.
Scammers impersonate immigration officials on WhatsApp, threatening deportation or arrest unless victims pay an immediate fee to resolve a supposed visa or status violation.
Criminal operators use Telegram to send mass deportation-threat messages to migrant communities, demanding urgent fee payments to prevent fabricated immigration enforcement actions.
Scammers send Snapchat messages posing as immigration enforcement, threatening young migrants or international students with deportation unless they pay a fee before evidence disappears.
Scammers pose as immigration consultants on WhatsApp, charging fees for visa or residency applications they never file, leaving victims out of pocket and no closer to legal status.
Telegram channels operated by fake immigration advisers advertise guaranteed visa and residency services, collecting fees and documents from migrants who receive nothing in return.
Fraudulent immigration consultants advertise cheap visa processing services on Gumtree, take payment and documents upfront, and then deliver nothing while disappearing from the platform.
Fraudsters use WhatsApp to promote 'free trial' offers that secretly enrol victims in recurring subscriptions, with cancellation terms buried in fine print or entirely inaccessible.
Sponsored and DM-based Snapchat promotions lure younger users into free trials that auto-enrol them in monthly subscriptions, exploiting the platform's transient content to obscure terms.
Promoted posts and DMs on X advertise free trials that auto-enrol users in recurring subscriptions, using fast-scrolling ad formats to obscure billing terms.
Telegram bots and channels direct users to download apps that immediately charge high-value subscriptions through Apple or Google billing, often before the user has meaningfully engaged with the app.
Discord servers promote apps and digital tools that enrol users in expensive recurring subscriptions the moment they are downloaded, exploiting community trust to drive installs.
Promoted posts and organic X content drive downloads of apps that immediately charge high-value subscriptions, using social proof and urgency to prevent users from reading the terms.
Fraudsters send WhatsApp messages claiming the recipient has won a foreign lottery prize, then extract fees for taxes, insurance, or processing before any money is paid — and none ever is.
Automated Telegram bots and direct messages announce fabricated lottery wins to mass lists of users, then drain victims through escalating release-fee demands.
X accounts impersonating international lottery organisations post fake winner announcements and DM targets to extract advance fees under the guise of prize release charges.
Fraudsters send WhatsApp messages claiming the recipient has been randomly selected to win a smartphone, gift card, or cash prize, then demand fees or personal data to process the award.
Fake prize channels and bots on Telegram announce brand-sponsored giveaways to lure victims into handing over personal data and payment details to claim non-existent awards.
Scammers use Snapchat Stories and DMs to announce fake prize wins from brands or celebrity accounts, directing victims to phishing links to claim their award.
Fraudsters send WhatsApp messages impersonating government departments to claim the recipient is eligible for a grant, then demand application fees, bank details, or ID documents before the grant is never paid.
Telegram channels and mass-DM campaigns impersonate government agencies to harvest personal data and fees from victims who believe they have been selected for a legitimate grant programme.
Snapchat stories and DMs promote fabricated government assistance programmes targeting younger users, collecting personal data and small fees under the guise of a grant application.
Fraudsters send WhatsApp messages impersonating court officials, claiming the recipient has missed jury service and must pay an immediate fine or face arrest — all designed to extract money.
Scammers impersonate court systems on Telegram to claim victims have outstanding jury-duty warrants, demanding immediate fine payments to cancel fabricated arrest orders.
X accounts and DMs impersonate court systems to threaten users with arrest warrants for alleged missed jury service, directing them to payment pages to resolve fabricated legal issues.
Fraudsters use WhatsApp to impersonate tech support agents or bank fraud teams, convincing victims to install remote-access apps that give the scammer full control of the victim's device and accounts.
Criminals use Telegram to pose as IT support or bank security teams, sending links and instructions that lead victims to install remote-access software and surrender device control.
Scammers monitor X for public complaints about technical problems, then DM the poster offering help and steering them toward installing remote-access software to resolve the issue.
Fraudsters impersonate corporate IT helpdesks on WhatsApp to harvest employee login credentials, multi-factor authentication codes, and VPN access details under the guise of urgent account maintenance.
Scammers create Telegram accounts impersonating corporate IT support, targeting employees with urgent credential-reset requests that deliver access tokens directly to the attacker.
Attackers use Discord to contact employees of tech companies and gaming studios, impersonating internal IT or security teams to harvest work credentials under the guise of urgent account actions.
Telegram channels and bots distribute links that trigger malware-style popup alerts in browsers, convincing victims to download malicious software or call fraudulent support numbers.
Links shared via WhatsApp — often from compromised contacts — lead to browser pages displaying fake virus alerts designed to panic users into calling fraudulent support lines or downloading malicious files.
Discord users are targeted with malicious links in DMs and server messages that open browser popups mimicking antivirus alerts, directing them to download malware disguised as security tools.
Fraudsters distribute malicious QR codes through Telegram channels and DMs, redirecting victims to phishing pages, credential-harvesting login screens, or cryptocurrency payment requests.
Fraudsters send WhatsApp QR codes disguised as payment confirmations, parcel barcodes, or loyalty reward vouchers that redirect victims to phishing pages when scanned.
eBay sellers and buyers are targeted with QR codes in messages and listings that redirect to phishing pages or off-platform payment systems designed to bypass eBay's buyer and seller protections.
Fraudulent online shops operate through Telegram channels and bots, accepting payment for goods they never dispatch and disappearing once sufficient funds have been collected.
Fraudulent shops operating within Discord servers sell digital goods, gaming items, or physical merchandise that either do not exist or are counterfeit, taking payment and disappearing.
Sellers advertising goods through Telegram channels and groups collect payment and never dispatch items, exploiting the platform's lack of formal buyer protection.
Snapchat-based sellers promote appealing products at steep discounts, take payment through unprotected channels, and never deliver the purchased items.
Gumtree sellers advertise in-demand items at attractive prices, request postal payment, and never dispatch — a long-running fraud on one of the UK's most-used classified sites.
Fraudulent Gumtree sellers use fake listings, switched items, and payment manipulation to defraud buyers, while fraudulent buyers use chargeback abuse and overpayment tricks to defraud sellers.
Third-party Amazon marketplace sellers use fake reviews, counterfeit goods, and off-platform payment requests to defraud buyers while exploiting the trust Amazon's brand lends to all listings.
eBay marketplace fraud spans fake listings, shill bidding, counterfeit goods, and off-platform payment requests, exploiting the platform's auction format and buyer expectations.
Discord marketplace channels are plagued by fraudulent sellers offering digital items, in-game goods, and physical merchandise without buyer protection, exploiting community trust to take payment and disappear.
Discord bots and DMs announce fabricated international lottery wins to users, then extract advance fees through escalating release-charge demands before disappearing.
Fraudsters impersonate Amazon via emails, SMS, and fake pages claiming buyers have won a prize or reward, then extract payment card details or personal data through the claim process.
Fraudulent third-party Amazon sellers collect payment for products that are never dispatched, or ship empty boxes and items that do not match the listing, exploiting the volume of Amazon orders to delay detection.
eBay sellers take payment for items they never ship, using fake tracking, off-platform communication, and feedback manipulation to delay dispute resolution long enough to complete multiple fraud cycles.
Gumtree buyers and sellers are targeted with QR codes in messages and listing images that redirect to phishing sites or initiate unauthorised payments when scanned.
Discord servers and bots impersonate government assistance programmes, collecting personal data and fees from users who believe they are applying for a legitimate grant.
Fraudsters pose as technical support volunteers in Discord servers, offering to fix account or device problems by walking victims through installing remote-access software that gives the scammer full device control.
Fraudulent online shops promoted through X posts and paid ads collect payment for goods they never deliver, exploiting X's ad targeting to reach high-intent buyers.
Discord bots and accounts announce fake brand-sponsored prize wins to community members, directing them to phishing links to claim awards that do not exist.
Scammers use WhatsApp to conduct off-platform marketplace transactions with no buyer protection, posing as private sellers or diverting buyers away from protected platforms to collect unrecoverable payments.
Telegram groups and channels host fraudulent peer-to-peer marketplaces where sellers take payment via unprotected methods and disappear without dispatching goods or delivering digital items.
Fraudulent eBay seller accounts create professional-looking storefronts to sell non-existent or counterfeit goods, exploiting eBay's brand trust before the account is suspended.
Scammers on Discord impersonate bank support servers or direct-message users with false fraud alerts, persuading them to hand their bank card and PIN to a fake courier.
X accounts impersonating brands and celebrities send DMs or reply to users claiming they have won a prize, directing them to phishing pages to claim awards that do not exist.
Scammers send Snapchat DMs claiming the recipient has won a foreign lottery, then use the platform's ephemeral messaging to apply urgent pressure for advance fee payments.
Fake tutorial and giveaway videos on YouTube promise viewers unlimited in-game currency through generator tools or 'secret methods', leading to credential theft, survey traps, or malware downloads.
Attackers use Discord DMs, phishing bots, and fake support servers to steal game account credentials or authentication tokens, locking legitimate owners out and reselling or draining the accounts.
Fraudulent sellers use Reddit trading subreddits to list high-value in-game items or accounts at attractive prices, collecting payment via untraceable methods before disappearing without delivering anything.
Fraudsters sell invalid, already-redeemed, or stolen game activation keys through Discord servers and DMs at below-market prices, leaving buyers with codes that do not work and no way to recover their money.
Fraudsters clone popular streamer channels or flood live chats with bot messages to advertise fake giveaways, directing viewers to phishing sites that steal credentials or payment details under the guise of prize fulfilment.
Impostor accounts and hacked verified profiles run fake giveaways on Instagram promising gaming gear, gift cards, or cash prizes, collecting personal information and small fees from followers who believe they have won.
Fraudsters use Telegram channels and group chats to run fake gaming and prize giveaways, using bots to automate winner selection and directing victims to phishing pages or wallet-draining links.
Scammers use Facebook ads and targeted posts to exploit borrowers searching for relief from student debt, charging upfront fees for 'services' that are free through official channels or simply do not exist.
Short-form TikTok videos promote fake student loan relief methods and fraudulent third-party services, directing financially stressed borrowers to phishing sites or paid programmes that deliver nothing.
Fake scholarship accounts on Instagram target students with promises of easy grants and awards that require an application fee, personal data submission, or bank details to claim a prize that does not exist.
Fraudulent course creators use YouTube channels to build credibility with free content before funnelling viewers into expensive courses that contain recycled, outdated, or entirely valueless material.
Fraudulent educators use Facebook groups and targeted ads to sell overpriced or worthless online courses, leveraging community trust and peer pressure to drive enrolment in programmes that fail to deliver.
Fraudulent education agents on Instagram promise guaranteed university placements abroad and collect large upfront fees for visa support and application services before disappearing or delivering counterfeit documentation.
Scam education agents operate through Telegram groups and channels to target students seeking overseas university placements, collecting advance fees for fabricated admission letters and non-existent visa services.
Fraudsters use Reddit to harvest personal details that enable SIM swap attacks — collecting phone numbers, carrier names, and account clues from public posts to impersonate victims to their mobile carrier.
Telegram channels and groups are used to coordinate SIM swap attacks and advertise SIM swap services, targeting cryptocurrency holders and high-value account owners by offering to hijack phone numbers on demand.
Fraudsters advertise fake carrier upgrade deals and unlocked phone sales on Facebook Marketplace and via sponsored posts, collecting payment for devices that never arrive or collecting contract details used for identity theft.
Fraudulent YouTube videos impersonating mobile carrier support channels provide fake phone numbers and remote-access instructions to viewers experiencing technical issues, enabling account takeover and financial theft.
Scam accounts pose as carrier representatives in subreddits dedicated to customer support, directing users with billing or service problems to fraudulent numbers or external sites that harvest account credentials.
Fraudulent charity pages and fundraisers on Facebook exploit donors' generosity by impersonating real organisations or inventing fake causes, routing donations to personal accounts rather than any legitimate charitable purpose.
Scammers create fake charity accounts or hijack real ones on Instagram to solicit donations for fabricated causes, routing payments to personal accounts through unverified links and DM requests.
Scammers exploit breaking disaster events on TikTok by posting emotionally compelling videos that collect donations through unverified external links or solicit cryptocurrency before any accountability infrastructure exists.
Fraudulent YouTube channels monetise disaster events by creating donation-appeal videos with links to unverified payment pages, exploiting viewers who search for ways to help after breaking news events.
Fraudsters post fabricated personal hardship stories in subreddits that support community donations, collecting money under false pretences for medical bills, emergencies, or projects that do not exist.
Fraudulent fundraising campaigns on Facebook use fabricated personal stories and emotional imagery to solicit donations through Facebook's fundraiser tool or third-party links, with funds going to scammers rather than those in need.
Fraudulent Facebook pages and messages claim that recipients have won a foreign national lottery, extracting advance fees, tax payments, and personal identification under the guise of releasing the supposed winnings.
Fake brand and influencer accounts on Instagram send congratulatory DMs claiming the recipient has won a prize, then extract personal information and shipping fees from those who respond.
Scammers on TikTok use comment bots and fake brand accounts to target users with fabricated prize notifications, directing them to external sites to claim non-existent rewards.
Fake giveaway videos and cloned creator channels on YouTube promise viewers expensive prizes in exchange for actions that harvest personal data or redirect to phishing sites.
Fraudulent Discord bots and fake server promotions announce giveaways for premium game items, subscriptions, or cash prizes, directing participants to credential-harvesting sites or collecting entry fees.
Fake giveaway posts on Reddit promise high-value prizes to users who comment or upvote, with apparent winners contacted through DMs and directed to fee-collection or credential-harvesting sites.
Fraudulent game item and account listings on Facebook Marketplace and in gaming groups collect payments for digital goods that are never delivered, exploiting the platform's perceived peer accountability.
Fraudulent game key sellers exploit Reddit trading communities with below-market listings, collecting payment before delivering invalid, already-redeemed, or stolen activation keys.
Fraudulent YouTube channels and video descriptions promote fake game key reseller sites and code-generator tools that steal credentials, install malware, or sell invalid codes for games that were never legitimately purchased.
Fraudulent scholarship pages and targeted Facebook ads deceive students and families by advertising non-existent awards, collecting application fees and personal data under the guise of legitimate financial aid.
Fraudulent YouTube videos promote fake scholarship databases, paid application services, and non-existent grant programmes, luring students into paying for access to opportunities that are either free or entirely fabricated.
Fraudulent loan relief operators use Telegram groups and bots to impersonate financial advisers, charging upfront fees for forgiveness services that either do not exist or are freely available through official government channels.
Fake carrier and phone deal videos on TikTok direct viewers to fraudulent upgrade sites that collect personal details and upfront payments for contracts or devices that are never fulfilled.
Facebook profiles are mined by SIM swap attackers for personal details that answer carrier security questions, while Facebook Messenger is also used to impersonate contacts and gather phone numbers for targeted attacks.
Fraudulent Instagram accounts impersonating carriers or phone resellers advertise upgrade deals requiring upfront payment or sensitive personal data for devices and contracts that are never fulfilled.
Scam operators use Telegram channels and groups to solicit charitable donations for fabricated causes, routing payments to unregulated wallets while impersonating legitimate relief organisations.
Fraudulent YouTube channels run fundraising videos and donation drives under false charitable pretences, routing viewer donations to personal accounts rather than any legitimate cause.
Fraudulent Facebook fundraisers and pages exploit breaking disaster events to collect donations that never reach victims, leveraging the platform's rapid content sharing and built-in donation tools.
Scam accounts exploit Reddit's community goodwill by posting fabricated disaster relief requests in regional subreddits, collecting donations through unverifiable links and personal payment accounts.
Fraudulent YouTube videos impersonate official lottery bodies to announce winners or explain claim processes, directing viewers to phishing sites that collect personal details and advance fee payments.
Fake lottery organisation accounts on Instagram notify followers of alleged wins and direct them to advance-fee collection pages through DMs and story links, harvesting personal data and payments.
Facebook Messenger and post notifications are used to tell users they have won prizes in draws they never entered, leading to fee collection and personal data harvesting through a series of convincing follow-up messages.
Short TikTok videos demonstrate fake currency generators and 'unlimited coin' methods, directing viewers to survey and download sites that harvest data or install malware without providing any in-game benefit.
Fraudsters use Telegram bots and channels to trade in stolen game credentials and sell account-hijacking services, targeting players whose account details have been exposed through other breaches.
Fake mobile carrier accounts on Instagram respond to public complaint posts with fraudulent contact numbers and phishing links, intercepting customers who are already frustrated and seeking help.
Fraudulent scholarship posts in college and financial aid subreddits advertise non-existent awards with low requirements, collecting student data and fees from users who believe they have found a legitimate opportunity.
YouTube channels pose as financial education resources to promote paid loan relief services and fabricated forgiveness programmes, misleading borrowers into paying for access to free government resources.
Attackers harvest personal details from public Instagram profiles and Stories to assemble the information needed to impersonate account holders to their mobile carrier, enabling SIM swap fraud.
Fake brand pages and shared giveaway posts on Facebook collect personal details and fees from users who believe they have won a legitimate prize draw, exploiting the platform's sharing mechanics to maximise reach.
Instagram accounts impersonating game developers or popular gaming influencers advertise free in-game currency giveaways, directing followers to credential-harvesting sites via bio links and story swipe-ups.
Fraudulent TikTok accounts run fake giveaway campaigns using duets and stitches of popular creators, directing entrants to external sites that harvest personal data or require payment to claim non-existent prizes.
Scam Telegram channels launch cryptocurrency donation appeals within hours of disaster events, impersonating relief organisations to collect funds that never reach affected communities.
Fraudulent YouTube videos teach viewers how to 'recover' locked game accounts using third-party tools that actually install malware or capture credentials, enabling attackers to take over the very accounts they claim to help secure.
Fraudulent course promoters use Reddit communities to build credibility and drive enrolment in overpriced or worthless educational programmes, exploiting the platform's culture of peer recommendation.
Instagram influencers and fake education accounts promote overpriced or fraudulent courses using lifestyle-aspirational content, targeting followers who want to replicate a creator's apparent success.
Fake mobile carrier pages on Facebook respond to customer complaints in public posts and groups, redirecting users with service issues to fraudulent support numbers or phishing links that harvest account credentials.
Scam accounts seed lottery winning stories in popular subreddits to build apparent authenticity and then direct readers to fee-collection sites, or contact commenters privately to solicit participation in advance-fee fraud.
Facebook gaming groups and Marketplace listings are used to execute game account takeover fraud, with fake support accounts and account sale scams targeting players who share login details or follow fraudulent links.
Fraudsters use Discord servers and direct messages to solicit disaster relief donations, impersonating community fundraising efforts or known charities to collect funds that are not forwarded to any relief operation.
Scam accounts contact Reddit users via DM claiming they have won prizes in subreddit giveaways, directing them to fee-collection or credential-harvesting sites through convincing but fraudulent winner notifications.
Fraudsters build fake romantic profiles on dating apps to manipulate victims emotionally and eventually extract money or personal information.
Scammers pose as long-distance partners on dating apps, using the distance narrative to justify why they can never meet and to eventually solicit money.
Criminals impersonate military personnel on dating apps to exploit trust and sympathy before requesting money under the guise of military-related emergencies.
Catfishers on dating apps construct entirely false identities to lure victims into emotional relationships for financial gain, blackmail, or personal exploitation.
Scammers use dating apps to build romantic relationships and then guide victims onto fraudulent crypto trading platforms, resulting in devastating financial losses.
Fraudsters on dating apps pose as wealthy individuals with inheritance complications, weaving romance into a narrative designed to get victims to pay fees for a share of a fictional fortune.
Fraudsters exploit Instagram's visual culture to create aspirational fake personas, initiating long-distance romantic relationships that ultimately lead to financial exploitation.
Scammers build Instagram profiles using stolen military photos to cultivate romantic trust before requesting money under false military-related pretexts.
Instagram's image-driven culture enables catfishers to build highly convincing fake identities using stolen photos and fabricated lifestyles.
Scammers on Instagram present as wealthy individuals with frozen assets, using romantic manipulation to convince victims to pay fees for a share of a nonexistent inheritance.
Scammers exploit Facebook's large user base and relationship features to create convincing fake personas, building romantic relationships that lead to financial exploitation.
Fraudsters use Facebook to cultivate long-distance romantic relationships with fabricated personas, eventually extracting money through manufactured emergencies.
Fraudsters create Facebook profiles using stolen military images to build romantic relationships and request money through fictitious military-related emergencies.
Fraudsters build detailed fake Facebook identities to deceive victims into romantic or personal relationships, exploiting the platform's social features to appear genuine.
Fraudsters impersonate celebrities on TikTok to build romantic connections with fans, ultimately requesting money or personal information from star-struck victims.
Catfishers exploit TikTok's video content and DM features to create convincing fake personas, targeting young users for financial, romantic, or blackmail purposes.
Scammers use Telegram's encrypted messaging to sustain fake long-distance romantic relationships and extract money without leaving a recoverable evidence trail.
Scammers impersonate military personnel on Telegram, exploiting the platform's encrypted messaging to maintain a romantic deception and request money without oversight.
Catfishers use Telegram's encrypted, unverified messaging environment to maintain false personas in romantic or personal relationships without accountability.
TikTok videos and livestreams are used to promote and sell counterfeit branded goods to viewers who believe they are getting genuine discounted products.
Fraudsters post TikTok videos promoting fake discount codes that either direct users to phishing sites, capture personal data, or fund fake referral schemes.
Scammers create TikTok accounts impersonating well-known brands, advertising deep clearance sales that funnel buyers to fraudulent checkout pages.
TikTok influencers and shop sellers sell inexpensive dropshipped products at massive markups, concealing the true origin and value of the goods from buyers.
Fraudulent TikTok creators produce paid or incentivised product reviews that misrepresent goods, manipulating buying decisions for financial gain.
Fraudulent Instagram shops use attractive imagery and influencer aesthetics to sell goods that never arrive or are significantly different from advertised.
Instagram accounts and Stories are used to sell counterfeit branded goods, exploiting the platform's visual appeal and DM-based purchasing to reach buyers.
Instagram's native shopping features are exploited by fraudulent sellers whose polished accounts deceive buyers into purchasing goods that are never delivered or misrepresented.
Scam accounts impersonate official brand outlet pages on Instagram, advertising fake clearance sales to harvest payment details from brand-loyal consumers.
Instagram influencers and shop accounts promote cheaply sourced dropshipped products at inflated prices, concealing the true origin and value of goods from buyers.
Fraudulent Instagram accounts and influencers promote fake discount codes that direct followers to phishing pages or earn commissions from fraudulent purchases.
Pinterest pins are used to drive buyers to external sites selling counterfeit branded goods, exploiting the platform's product-discovery format to reach brand-focused shoppers.
Pinterest's product discovery ecosystem is exploited by fraudulent shops that pin deceptive product imagery linking to stores that fail to deliver goods as advertised.
Scammers create Pinterest boards impersonating brand outlet sales, directing brand-conscious shoppers to fraudulent websites that harvest payment details.
Deceptive dropshippers use Pinterest's inspiration-driven format to present cheap wholesale products as premium items, charging large markups to aspiration-motivated buyers.
Advance fee fraud is operated through X DMs and posts, promising victims large financial returns in exchange for small upfront payments that are never refunded.
Fake cryptocurrency airdrop announcements flood Telegram crypto communities, directing members to wallet-draining links or harvesting private keys through phishing sites.
Scammers exploit Telegram's private groups and encrypted messaging to run advance fee fraud operations, promising financial returns in exchange for upfront payments.
Fraudulent crypto project accounts on Instagram announce fake airdrops, directing followers to phishing sites designed to drain wallets or steal private keys.
Facebook is used to run advance fee fraud operations through Messenger DMs, Groups, and fake profiles that promise large financial returns in exchange for upfront payments.
Fake cryptocurrency giveaways on Facebook target users through ads, Groups, and celebrity impersonation pages, using send-first mechanics to steal funds.
Scammers cultivate fake romantic relationships through Telegram's encrypted messaging, exploiting the platform's privacy to isolate victims and extract money.
Paid and fabricated product reviews on Instagram deceive followers into purchasing goods that do not match the claims made, generating affiliate income for dishonest creators.
Facebook Pages, Groups, and Marketplace use fake reviews and testimonials to build false credibility for products, services, and businesses that do not deliver on their promises.
Fraudulent discount code promotions on Facebook direct users to phishing sites or generate illegitimate affiliate income while providing no genuine saving.
Facebook Shops and Marketplace listings are exploited by fraudulent sellers whose polished storefronts and ads lure buyers into purchases that are never fulfilled.
Fraudulent discount codes shared through Snapchat Stories and DMs direct young users to phishing checkouts or generate affiliate commission from purchases under false pretences.
Scam accounts on Snapchat impersonate brand outlet sales, using the platform's ephemeral Stories to reach young audiences with fake clearance promotions.
Scammers impersonate celebrities on Facebook to build romantic connections with fans, exploiting the platform's large older demographic to extract money through fabricated emergencies.
Advance fee fraudsters use Instagram's aspirational lifestyle content and DMs to present convincing financial opportunities that require upfront payment before a promised payout.
Coordinated fake reviews on TikTok Shop manipulate product rankings and buyer decisions, driving purchases of low-quality or fraudulent goods.
Fraudulent product promotions on Snapchat use staged reviews and testimonials to drive purchases of goods that do not match the claims made.
Scammers create Instagram accounts impersonating celebrities to build romantic connections with fans, exploiting parasocial bonds to extract money.
Fraudulent sellers use Snapchat Stories and DMs to drive purchases of goods that are never delivered, exploiting the platform's disappearing content to evade accountability.
Scammers pose as military personnel on Snapchat to build romantic connections with young users, using the platform's disappearing messages to obscure the manipulation.
Facebook Shops and targeted ads are used to promote cheaply sourced dropshipped products at large markups, with misleading quality and origin claims.
Pinterest boards and pins are used to distribute fake discount codes that direct purchase-ready users to phishing sites or generate fraudulent affiliate commissions.
Pinterest boards full of staged or incentivised product reviews manipulate purchase decisions for products that do not match the claims made in the pinned content.
Scammers build convincing romantic personas on Instagram using curated profiles and direct messaging, gradually cultivating emotional dependency before extracting money.
Fraudulent cryptocurrency airdrop announcements spread through Facebook Pages and Groups, directing users to wallet-draining sites or collecting advance fees under the pretence of distributing free tokens.
Scammers impersonate celebrities in Telegram DMs and group chats, building romantic connections with fans before making financial requests.
Criminals hijack or spoof corporate email accounts to impersonate executives, suppliers, or finance staff and trick a company into making fraudulent payments.
Once attackers gain access to a corporate account, they extend business email compromise into Microsoft Teams chats to issue urgent payment instructions that feel internal and trusted.
Attackers who breach a workspace account use Slack direct messages to impersonate leaders or finance staff and authorise fraudulent transfers under the guise of internal chat.
Fraudsters combine spoofed emails with follow-up phone calls, impersonating executives or banks by voice to pressure finance staff into authorising fraudulent transfers.
Scammers impersonate a senior executive by email to instruct finance or junior staff to make an urgent, confidential payment outside normal procedures.
Fraudsters message employees on WhatsApp pretending to be the chief executive, using a new number and an urgent personal tone to demand a discreet payment.
Impersonators contact staff on Telegram posing as a company leader, exploiting the app's username-based identities to demand confidential, urgent payments.
Attackers impersonate a senior leader within Microsoft Teams, using the platform's trusted internal feel to pressure staff into urgent, confidential payments.
Impersonators use Slack direct messages to pose as a company leader, exploiting the workspace's trusted atmosphere to demand urgent, confidential transfers.
Criminals send emails impersonating a genuine supplier to announce a change of bank details, diverting legitimate invoice payments to an account they control.
Fraudsters phone a company's finance team posing as a supplier to announce new bank details, redirecting genuine invoice payments to a criminal account.
Scammers message finance staff on WhatsApp posing as a supplier contact to announce new banking details and divert genuine invoice payments.
Attackers take over a genuine vendor mailbox and use it to send authentic-looking invoices and bank-change requests from the real supplier address.
After breaching a vendor account, attackers extend invoice fraud into shared Microsoft Teams channels, sending manipulated invoices and payment-change requests that look internal.
When companies collaborate with suppliers in shared Slack channels, a compromised vendor account can deliver fraudulent invoices and bank-change requests that appear genuine.
Fraudsters pose by email as legitimate-looking suppliers offering goods or services, take payment or deposits, and then fail to deliver anything.
Scammers build professional LinkedIn profiles and company pages to pose as suppliers, win the trust of buyers, and take payment for goods that never arrive.
Bogus suppliers conduct deals over WhatsApp to appear responsive and informal, securing deposits for goods that are never shipped.
Fraudsters advertise as suppliers in Telegram channels and chats, leveraging the app's anonymity to collect deposits for goods that never materialise.
Fraudsters use search results and paid ads to surface fake supplier websites that look established, collecting payments for goods that are never delivered.
Scammers pose as prospective business clients or lead-generation partners on LinkedIn, extracting fees, data, or deposits in exchange for opportunities that do not exist.
Fraudsters email businesses posing as buyers or lead vendors, charging fees or harvesting data for sales opportunities that never materialise.
Scammers use WhatsApp to pose as eager business buyers or lead sellers, applying personal pressure to extract fees or data for opportunities that do not exist.
Fraudsters advertise B2B leads and buyer opportunities in Telegram channels and chats, taking fees or data for prospects that never convert.
Fraudsters email businesses with urgent domain-renewal or listing notices designed to look official, tricking them into paying inflated fees to the wrong party.
Callers claim a business's domain or web listing is about to expire and pressure staff into paying renewal or reinstatement fees over the phone.
Fraudulent renewal or registrar lookalike sites surface in search results and ads, leading businesses to pay the wrong party or hand over domain control.
Fraudsters email businesses with fake purchase orders, often impersonating a known organisation, to obtain goods on credit or trick suppliers into upfront costs.
Scammers pose as procurement officers of reputable organisations on LinkedIn to issue fake orders, obtaining goods on credit or steering suppliers into upfront fees.
Fraudsters coordinate fake purchase orders over WhatsApp, impersonating buyers from known organisations to obtain goods on credit or extract upfront fees.
Scammers issue fake purchase orders through Telegram, posing as buyers from known organisations to obtain goods on credit or extract upfront provider fees.
Fraudsters pose as investors or venture funds on LinkedIn, dangling funding to extract due-diligence fees, sensitive data, or upfront costs from businesses.
Scammers email businesses posing as investors or funds, using professional proposals to extract due-diligence fees, sensitive data, or upfront costs.
Fraudsters pose as investors on WhatsApp, building personal rapport before introducing fees, data requests, or upfront costs in place of real funding.
Scammers operate as investors in Telegram chats and channels, using anonymity to extract due-diligence fees, data, or upfront costs in place of funding.
Fraudsters arrange investor meetings on Microsoft Teams to appear legitimate, then extract due-diligence fees, sensitive data, or upfront costs.
Fraudsters email businesses official-looking trademark renewal or registration invoices, charging inflated fees for services that are unnecessary or never provided.
Callers claim a business must renew or protect its trademark urgently, pressuring staff to pay inflated fees for unnecessary or non-existent services.
Lookalike trademark service sites appear in search results and ads, charging inflated fees or duplicating official services businesses could obtain directly.
Fraudsters email businesses invoices for goods or services never ordered, relying on busy finance teams to pay them as routine obligations.
Callers chase payment for invoices a business never agreed to, using pressure and false familiarity to extract money for goods or services never ordered.
Scammers send invoices and overdue-payment demands over WhatsApp for goods never ordered, using informal pressure to extract payment from businesses.
Fraudsters email payroll or HR staff impersonating employees to change direct-deposit details, diverting wages to an account they control.
Attackers impersonate employees in Microsoft Teams chats to request direct-deposit changes, diverting wages by exploiting the platform's internal trust.
Fraudsters use Slack direct messages to impersonate employees and request direct-deposit changes, diverting wages by exploiting workspace trust.
Callers impersonate employees to phone payroll or HR and request direct-deposit changes, diverting wages by adding a confident human voice to the deception.
Attackers extend business email compromise onto WhatsApp, impersonating colleagues or suppliers to push urgent payment instructions through personal messaging.
Fraudsters use Telegram to impersonate colleagues or suppliers and push fraudulent payment instructions, exploiting the app's anonymity to pressure finance staff.
Fraudsters phone employees impersonating a senior executive, using a confident voice and spoofed caller ID to demand an urgent, confidential payment.
Attackers use Microsoft Teams chats to impersonate a supplier contact and announce new bank details, diverting genuine invoice payments to a criminal account.
Fraudsters impersonate a supplier in Slack to announce new banking details, diverting genuine invoice payments to an account they control.
After compromising a vendor account, attackers reinforce fraudulent invoices with phone calls posing as the supplier to confirm new bank details.
Bogus suppliers cold-call businesses with attractive offers, securing deposits or orders by phone for goods and services that are never delivered.
Fraudsters use fake tender portals and procurement sites promoted through search and ads to collect registration fees or deposits for contracts that do not exist.
Fraudsters promote fake funding and grant sites through search and ads, charging application or processing fees for investment that never arrives.
Fraudsters promote lead-generation and buyer-list sites through search and ads, charging for prospects or buyers that are fabricated or worthless.
Attackers use Microsoft Teams to pose as procurement staff of known organisations, issuing fake orders to obtain goods on credit or extract provider fees.
Fraudsters pose as investors in shared Slack communities and direct messages, building rapport before extracting fees, data, or upfront costs for funding.
Fraudsters message businesses on WhatsApp claiming a domain or listing is expiring, pressuring them to pay renewal fees to the wrong party.
Scammers message businesses on WhatsApp with urgent trademark renewal or protection demands, charging inflated fees for unnecessary or non-existent services.
Fraudsters send invoices and overdue-payment demands via Telegram for goods never ordered, using anonymity to pressure businesses into paying.
Fraudsters use Microsoft Teams to pose as buyers or lead partners, extracting fees or data for business opportunities that do not exist.
Fraudsters seed fake executive-contact details through search results and ads so staff reach an impersonator who then issues urgent payment instructions.
Attackers shift compromised-vendor invoice fraud onto Telegram, posing as a supplier contact to confirm fake invoices and bank-detail changes.
Attackers move compromised-vendor invoice fraud onto WhatsApp, posing as a supplier contact to confirm fake invoices and bank-detail changes.
Callers impersonate procurement staff of known organisations to place fake orders by phone, obtaining goods on credit or steering suppliers into upfront fees.
Fraudsters phone businesses posing as investors or fund representatives, using a confident voice to extract due-diligence fees, data, or upfront costs.
Attackers use Microsoft Teams chats to impersonate IT or a registrar and warn that a domain is expiring, pressuring staff to pay or share login details.
Fraudsters use Microsoft Teams chats to chase payment for invoices a business never agreed to, exploiting the platform's internal trust to extract money.
Fraudsters use Telegram to impersonate employees and request direct-deposit changes, diverting wages by exploiting the app's anonymity.
Fraudsters impersonate the tax authority over WhatsApp, claiming you owe an urgent debt or are due a refund, to pressure you into paying or sharing personal details.
Scammers use Telegram channels and direct messages to pose as tax officials, offering bogus refunds or threatening penalties to extract money and personal data.
Fraudsters run fake tax-authority pages, ads, and Messenger chats on Facebook to lure people with phoney refunds or scare them with invented debts.
Scam texts impersonate the tax authority, claiming a refund is waiting or a debt is overdue, to drive recipients to fake payment or data-harvesting pages.
Scammers buy search ads and build lookalike sites that appear when people search for tax help, steering them to fake refund portals or premium-rate phone lines.
Fraudsters impersonate police officers over WhatsApp, claiming your identity is linked to a crime, to frighten you into paying 'fines' or transferring funds to 'safe' accounts.
Scammers pose as police or 'cybercrime units' on Telegram, accusing victims of offences to extract payments, fines, or control of their bank accounts.
Fraudulent emails impersonate police or law-enforcement agencies, alleging offences or warrants, to coerce payments or harvest personal information.
Scammers create fake police pages and Messenger personas on Facebook to accuse users of offences and pressure them into payments or sharing personal data.
Scam texts impersonate police, alleging warrants or fines, to push recipients toward fake payment pages or a scripted phone line that demands money.
Fraudsters impersonate immigration authorities over WhatsApp, threatening visa cancellation or deportation, to extract fees and personal documents from victims.
Scammers run fake 'visa help' channels and impersonate immigration officers on Telegram to charge bogus fees and collect identity documents.
Fraudulent emails impersonate immigration departments, claiming visa problems or pending removal, to extract fees and identity documents from recipients.
Scammers call posing as immigration officers, alleging status problems or imminent deportation, to pressure victims into immediate payments over the phone.
Scammers use fake immigration-help pages and Messenger personas on Facebook to advertise bogus visa services, charge fees, and collect identity documents.
Scam texts impersonate immigration authorities, warning of visa problems or removal, to drive recipients to fake portals or a scripted phone line that demands fees.
Fraudulent emails claim you missed jury duty and face a fine or arrest, pressuring you to pay or share personal details to 'clear' the supposed offence.
Scammers call posing as court officers or sheriffs, claiming you missed jury duty and face arrest, to pressure victims into paying a 'fine' immediately.
Scam texts claim you missed jury duty and a warrant is pending, pushing recipients to pay a 'fine' through a link or to call a scripted phone line.
Fraudulent emails promise free government grants you have supposedly been awarded, then demand processing fees or personal details to 'release' the money.
Scammers use fake pages, hacked accounts, and Messenger chats on Facebook to promote bogus government grants, then charge fees and harvest personal details.
Scammers use Instagram posts, DMs, and fake 'grant agent' accounts to advertise bogus government grants, then charge fees and collect personal information.
Scam texts announce you have qualified for a government grant, then push you to a link or number to pay a 'release fee' and hand over personal details.
Fraudsters impersonate the social security agency over WhatsApp, claiming your number is suspended or linked to crime, to extract payments and personal data.
Scammers impersonate social security officials on Telegram, using bots and 'case' channels to claim your number is compromised and to extract payments and data.
Fraudulent emails impersonate the social security agency, claiming your number is suspended or misused, to harvest personal data and extract payments.
Scammers call posing as social security officials, claiming your number is suspended or tied to crime, to pressure victims into payments and disclosing data.
Scam texts claim your social security number is suspended or compromised, driving recipients to fake portals or a scripted phone line to extract data and payment.
Fraudulent emails pose as support, security, or billing alerts to lure victims into installing remote-access software that hands control of their device to scammers.
Scammers use fake support pages and Messenger chats on Facebook to convince users to install remote-access tools, handing control of their devices to fraudsters.
Scammers buy search ads and build fake support sites that appear when people look for help numbers, then talk callers into installing remote-access software.
Fraudsters send WhatsApp messages warning your device is infected, pushing you to install bogus 'antivirus' apps or pay for fake protection that delivers malware.
Scammers use Telegram channels, bots, and DMs to warn of device infections and push fake 'antivirus' downloads or paid protection that installs malware.
Scammers run fake security ads and pages on Facebook warning of infections, pushing users to download bogus 'antivirus' tools or pay for fake protection.
Scammers call claiming your antivirus has expired or your device is infected, pressuring victims to pay for fake protection or grant remote access.
Scammers use malicious Facebook ads and links that trigger fake virus pop-ups, scaring users into calling fake support or downloading harmful software.
Scammers use malicious Instagram ads and bio links that redirect to fake virus pop-ups, pressuring users to call fake support or download harmful apps.
Scam texts contain links that open fake virus pop-ups in the phone's browser, pressuring recipients to call fake support or install harmful apps.
Fraudulent emails embed QR codes that lead to phishing pages or malware, exploiting the fact that codes hide their destination and bypass link filters.
Scammers post QR codes in Facebook ads, posts, and Messenger that lead to phishing pages or malware, hiding the destination behind a scannable image.
Scammers share QR codes in Instagram posts, stories, and DMs that lead to phishing pages or malware, concealing the destination behind a scannable image.
Scam texts contain QR codes or links to coded images that lead to phishing pages or malware, hiding the destination and exploiting quick scanning habits.
Fraudulent emails pose as urgent software or security updates, tricking recipients into downloading malware disguised as a patch or driver.
Scammers use Facebook ads, posts, and Messenger to push fake app or browser updates that install malware instead of genuine patches.
Scam texts claim your phone or an app needs an urgent update, linking to malicious downloads or phishing pages disguised as official patches.
Scammers buy search ads and build lookalike sites that appear when people search for software downloads, serving malware disguised as official updates.
Fraudsters send WhatsApp messages urging you to install an app or 'update' via a link, delivering malware or hijacking your account under the guise of a patch.
Fraudulent emails claim your cloud storage is full, expiring, or compromised, to harvest login credentials or push payment for fake 'extra space'.
Fraudsters send WhatsApp messages claiming your cloud storage or backup is full or at risk, pushing links that steal credentials or payment details.
Scam texts claim your cloud storage is full or your account is at risk, linking to phishing pages that steal logins or payment details.
Scammers call claiming your cloud storage or account is full, compromised, or expiring, to extract payments, logins, or remote access to your device.
Fraudulent emails impersonate mobile carriers to harvest the personal data scammers need to take over your phone number through a SIM swap.
Scammers use WhatsApp to phish carrier details or trick victims into sharing codes, enabling a SIM swap that hijacks the number and linked accounts.
Scam texts impersonate carriers to phish account details, while a sudden loss of signal can be the first sign a SIM swap has hijacked your number.
Scammers take over or spoof a friend's WhatsApp account to request urgent money or verification codes, exploiting the trust between contacts.
Scammers hijack or clone Facebook profiles to message friends with urgent money requests, fake grants, or links, exploiting established trust.
Scammers take over Instagram accounts to message followers with fake investment tips, 'vote for me' links, or urgent requests that steal logins or money.
Scammers hijack or impersonate contacts on Telegram to request money, codes, or investment buy-ins, exploiting trust and the app's anonymity.
Scammers text from spoofed or hijacked numbers posing as a friend or relative in trouble, urging an urgent money transfer before you can verify.
Scam texts impersonate couriers, claiming a parcel is held or needs a fee or redelivery, to lure recipients to phishing pages that steal card and login details.
Fraudulent emails provide bogus tracking numbers and links that lead to phishing pages or malware, posing as shipment updates from couriers or retailers.
Scam texts supply fake tracking numbers and links posing as shipment updates, leading to phishing pages that steal card and login details.
Scammers send WhatsApp messages with bogus tracking numbers and links posing as shipment updates, steering victims to phishing pages.
Scammers use Telegram messages and bots with bogus tracking numbers and links posing as shipment updates, leading to phishing pages or malware.
Scammers advertise products on Facebook Marketplace, pages, and ads, take payment, then never ship the goods, exploiting buyer trust in social commerce.
Scammers run fake shop accounts and ads on Instagram, take payment for products, then never ship them, exploiting the platform's visual commerce.
Scammers move buyers to WhatsApp to close sales for goods they never ship, using the private chat to take insecure payments with no buyer protection.
Scammers pose as official support on Facebook pages and Messenger, intercepting users seeking help to steal logins, payments, or remote device access.
Scammers impersonate brand or platform support on Instagram, often offering 'account recovery', to steal logins, payments, or two-factor codes.
Fraudulent emails pose as company support about an account, order, or charge, to harvest logins, push payments, or lure victims into remote-access sessions.
Scammers buy search ads and build fake support sites that appear when people look for help numbers, then steal payments, logins, or remote device access.
How fraudsters use Signal's end-to-end encryption and disappearing messages to conduct fake romantic relationship scams with reduced evidence trails.
How sextortion and romance blackmail operations exploit Snapchat's ephemeral media features while secretly saving victims' intimate content for extortion.
How Reddit's buy-sell-trade subreddits are exploited by fraudulent sellers who collect payment but never ship goods.
How scammers impersonate delivery couriers on WeChat to trick recipients into clicking phishing links or paying fake customs fees.
How malicious smart-contract links spread through Reddit posts and comments to drain connected cryptocurrency wallets.
How advance-fee fraudsters use Viber's free international messaging to target victims across borders with inheritance, lottery, and business-opportunity pretexts.
How fraudulent prize notifications delivered via WeChat convince victims they have won a foreign lottery and extract fees under the guise of releasing winnings.
How secondary fraudsters contact previous scam victims on Viber with fake fund-recovery offers, charging upfront fees and delivering nothing.
How fraudulent job offers sent via Snapchat target young users with part-time, brand-ambassador, and social-media-manager roles that lead to identity theft or money mule recruitment.
How romance fraudsters leverage Nextdoor's perceived local credibility to build fake relationships with neighbourhood residents before making financial requests.
How scammers impersonate tech support, bank security teams, and platform representatives on Signal to extract remote access or personal data from privacy-conscious users.
How fraudulent sellers in Reddit buy-sell-trade communities exploit the platform's reputation system to conduct payment fraud for high-value goods.
How parcel-delivery phishing messages distributed through Viber steal payment card details and personal information from online shoppers.
How advance-fee fraud is operated through Reddit subreddits and DMs using loan offers, government-grant claims, and business-deal pretexts to extract upfront payments.
How sextortion scammers use Reddit profiles and DMs to identify and target victims, then move the interaction to other platforms to capture intimate content for extortion.
How phishing delivery notifications reach Snapchat users through fake courier Snaps and story ads, stealing card details under the pretence of releasing a parcel.
How fraudulent charity appeals spread through Viber Communities and group chats to collect donations that never reach genuine causes.
How romance scammers build fake long-distance relationships on Viber before introducing financial requests or investment schemes.
How scammers impersonate WeChat, bank, and e-commerce platform support teams via WeChat messages and calls to steal account credentials and authorise fraudulent transactions.
How advance-fee fraud exploits Signal's privacy reputation to conduct inheritance, business-deal, and government-grant fraud with minimal evidence trails.
How fraudulent charity appeals exploit Snapchat's Story format and young audience to collect donations for fabricated causes before the content disappears.
How fake prize win notifications distributed through Viber direct messages and Communities lure recipients into paying advance fees for non-existent foreign lottery winnings.
How romance fraudsters use Reddit communities to identify and approach lonely or emotionally vulnerable users for financial exploitation.
How cryptocurrency investment fraud spreads through Nextdoor neighbourhood feeds by exploiting local trust and peer-to-peer recommendation culture.
How fraudulent investment brokerages and crypto exchanges are promoted through Signal groups and private messages as exclusive, insider-only opportunities.
How phishing delivery notifications are distributed via Signal to steal personal data and payment card details from recipients convinced their parcel requires action.
How fraudulent merchandise and gaming-goods storefronts are promoted through Twitch streamer deals, chat links, and panel buttons to viewers who trust the content creator.
How advance-fee fraud targeting streamers and viewers uses Twitch DMs and chat to solicit upfront payments for sponsorships, partnership deals, and prize claims that do not exist.
How romance scammers use Twitch chat and community DMs to build fake relationships with viewers and streamers before making financial requests.
Fraudsters use Facebook pages, groups, and paid ads to sell counterfeit university degrees and professional certificates to job seekers.
Criminals send spoofed emails posing as universities or payment portals, diverting student tuition payments to fraudulent bank accounts.
Fraudulent education consultants use WhatsApp groups and direct messages to recruit students for overseas programmes that do not exist or are not as advertised.
Fraudsters send phishing emails impersonating mobile carriers to harvest account credentials and port victims' phone numbers to attacker-controlled SIMs.
Criminals pose as mobile carrier support agents on WhatsApp, tricking subscribers into sharing account credentials, one-time codes, or payment details.
Scammers use Telegram bots and fake carrier channels to harvest the account PINs and OTPs needed to port victims' mobile numbers without their consent.
Discord trading servers are rife with scammers who impersonate legitimate traders, use fake middlemen, and switch trade windows at the last moment to steal high-value virtual items.
Scam accounts on Instagram target young gamers with fake free-currency and skin offers that require entering payment details or completing tasks that bill parents without consent.
Telegram groups and bots posing as game trading hubs facilitate item-swap scams where victims send valuable in-game assets and receive nothing in return.
Fraudsters advertise rental properties and holiday lets on Instagram, taking deposits via direct message before the tenant discovers the property is unavailable or non-existent.
Rental scammers use Telegram channels and bots to advertise stolen property listings and process deposit payments, exploiting the platform's anonymity.
Scammers posing as airport transfer operators on WhatsApp collect pre-paid fares for pickups that never arrive, leaving travellers stranded on arrival.
Scammers use Facebook to promote fake vacation club memberships and fraudulent timeshare resale services, collecting large upfront fees for holidays or exit agreements that never materialise.
Fraudulent transfer operators use Instagram profiles and stories to advertise airport pickups, then collect pre-payments for drivers who never arrive.
Phishing emails impersonating mobile carriers deceive subscribers into revealing account credentials or paying fraudulent invoices through convincing carrier-branded messages.
Degree-mill operators use LinkedIn to target professionals seeking career advancement, advertising accredited qualifications that are unrecognised or fraudulent.
Fraudsters use LinkedIn to research payment decision-makers and craft targeted invoice-diversion attacks, often combining LinkedIn intelligence with email-based execution.
Criminals pose as university finance offices on WhatsApp, alerting students or parents to supposed outstanding balances and directing them to fraudulent payment links.
Degree-mill institutions buy Google Ads and manipulate search results to appear legitimate when users search for accredited online courses and professional certifications.
Scammers in Discord gaming servers target young players with fake free-currency and item offers, tricking them into revealing account credentials or completing paid offers.
Telegram game key channels and bots sell invalid or already-redeemed keys while exploiting the platform's anonymity to avoid accountability.
Scammers advertise rental rooms and flats on Facebook groups and Marketplace, collecting holding deposits before disappearing or denying any rental agreement exists.
Email campaigns target timeshare owners with fake resale and exit offers, demanding advance fees to process a sale or cancellation that never materialises.
Scammers use WhatsApp messages to trick subscribers into revealing the account authorisation codes needed to port their number to an attacker-controlled SIM.
Fraudulent education consultants on LinkedIn target professionals and recent graduates with fabricated overseas university placement services, collecting fees for placements that never happen.
Telegram transport channels and bots take advance payments for airport pickups that never materialise, exploiting the platform's popularity in travel-heavy regions.
Scammers impersonate executives on LinkedIn to instruct finance staff or vendors to redirect payments, or to extract confidential business information ahead of an email-based attack.
Scammers send WhatsApp messages to timeshare owners offering to resell their unit or cancel their contract, requesting advance fees that are never applied to any genuine service.
Scammers operating in Telegram rental groups collect holding deposits for properties they do not own or cannot let, disappearing with the payment before move-in.
Scammers use Facebook gaming groups and Marketplace to sell non-existent in-game items or accounts, or to execute trade-and-run fraud with virtual game assets.
Fraudulent game key sellers on Facebook Marketplace and gaming groups offer discounted keys that are invalid, already redeemed, or obtained fraudulently.
Fraudulent phone sellers on Telegram channels and groups advertise flagship handsets at steep discounts, collect payment, and send nothing or a counterfeit device.
Fraudulent removal operators on Telegram collect deposits for moves that are cancelled at the last minute or never fulfilled, leaving customers stranded on moving day.
Fraudulent tour operators buy Google Ads and optimise websites to appear at the top of search results for destination tour queries, collecting pre-payments for experiences they misrepresent or cannot deliver.
Fraudsters impersonate university payment services or scholarship programmes on Instagram, redirecting students to fake portals that capture tuition payment details.
Scammers use WhatsApp messages and groups to advertise discounted phones to unsuspecting buyers, collecting payment for handsets that are never sent or are counterfeit.
Fraudulent property listings appear at the top of Google results through paid ads or SEO manipulation, driving renters to websites that collect deposits for properties the operator does not own.
Fraudulent vacation club memberships and luxury travel packages are promoted on Instagram, collecting large enrolment fees for benefits that are illusory or grossly misrepresented.
Fraudulent carrier support bots and channels on Telegram extract subscriber credentials and one-time codes under the pretence of resolving billing or account problems.
Degree-mill operators use Telegram channels and bots to sell forged academic certificates and professional licences to people seeking employment or credential recognition.
Scammers move in-game trade negotiations to WhatsApp to conduct fake item exchanges and payment fraud outside the protections of the game platform.
Scam game key stores on Instagram advertise deep discounts on game codes, delivering invalid or stolen keys that fail to redeem.
Attackers use LinkedIn to research and target high-value individuals for SIM-swap attacks, harvesting the personal details needed to pass carrier identity verification.
Fraudulent guides solicit tour bookings directly via WhatsApp, collecting pre-payments for experiences that are cancelled, drastically inferior, or never delivered.
Fraudulent Facebook pages and groups target young gamers with fake currency giveaways and paid 'boosting' services that charge parents without delivering any benefit.
Fraudulent removal operators promote services via WhatsApp groups and messages, collecting deposits from people relocating who then find no movers arrive on moving day.
Fraudulent landlords advertise rental properties and request holding deposits via WhatsApp before disappearing or denying any rental agreement was made.
Telegram channels and bots offer timeshare exit services and vacation club memberships, collecting advance fees for services that are never performed.
Fraudulent tour guides and travel operators on Telegram collect deposits for customised travel experiences that are misrepresented, cancelled, or never delivered.
Fraudsters use Telegram to impersonate supplier contacts and announce banking detail changes, diverting business payments to criminal accounts.
Fraudulent transport pages and groups on Facebook collect pre-paid fares for airport pickups that fail to materialise, stranding passengers on arrival.
How fraudsters list stolen vehicles with cloned VINs on Facebook Marketplace to deceive buyers into purchasing cars with hidden criminal histories.
How sellers exploit online classified platforms to sell vehicles with washed titles that hide flood damage, salvage status, or total-loss history from unsuspecting buyers.
How fraudulent buyers on Facebook Marketplace use fake payment confirmations, overpayment cheques, and fake escrow services to defraud private car sellers.
How unlicensed dealers disguise themselves as private sellers on online classifieds to avoid dealer regulations, disclosures, and warranty obligations.
How fraudulent mechanics use online classifieds to find customers, then fabricate repairs or overcharge for services never performed.
How automated robocall campaigns deceive vehicle owners into purchasing worthless or non-existent extended warranties and service contracts.
How sellers on online classifieds platforms provide counterfeit or manipulated vehicle history reports to conceal accidents, salvage titles, and odometer fraud.
How fraudsters on Facebook Marketplace demand upfront deposits to 'reserve' a viewing slot for a car that does not exist or will never be shown.
How fraudulent callers impersonate roadside assistance providers to collect premiums for policies that do not exist or services that will never be rendered.
How sellers on online classifieds disguise high-mileage vehicles by manipulating odometer readings, and how buyers can detect clocking.
How ghost brokers advertise heavily discounted car insurance on online classifieds, selling fake or manipulated policies that leave drivers uninsured.
How fraudulent veteran charity pages on Facebook solicit donations that never reach service members, exploiting public goodwill toward military communities.
How fraudulent animal rescue fundraisers on crowdfunding platforms collect donations for animals in distress whose stories are fabricated, stolen, or grossly misrepresented.
How fraudulent religious appeals sent by email solicit donations for fabricated missions, humanitarian projects, or faith-based causes that exist only to enrich the sender.
How fraudulent children's welfare campaigns on crowdfunding platforms raise money for fictitious or grossly misrepresented child-welfare causes.
How fraudsters impersonate charity collectors at the door to pocket cash donations that never reach any charitable cause.
How fraudulent medical fundraising campaigns on crowdfunding platforms fabricate or exaggerate health conditions to raise money for treatment costs that are non-existent or heavily overstated.
How fraudulent callers impersonate religious leaders or church administrators to solicit tithes, emergency donations, and special collections by phone.
How scammers exploit major disasters and emergencies through unsolicited text messages and calls to collect donations that never reach affected communities.
How fraudulent volunteer programme emails charge applicants upfront fees for placements, visas, and training that are never delivered.
How fraudulent grant award emails impersonate foundations and government programmes to charge processing fees for grants that do not exist.
How fraudulent charity lottery emails claim recipients have won prizes, then charge fees to release winnings that do not exist.
How fraudulent crowdfunding campaigns exploit disaster events to raise money that never reaches affected communities or relief efforts.
How fraudsters impersonate religious representatives at the door to collect donations for fabricated faith-based causes.
How fraudulent crowdfunding campaigns exploit public affection for service dogs, guide dogs, and working dogs to raise money for training programmes that do not exist.
How fraudulent Facebook appeals for individual medical treatment funding use fabricated or misrepresented health conditions to solicit donations from compassionate followers.
How fraudulent phone callers exploit public support for the military community to solicit donations for veteran causes that direct no money to service members.
How fraudulent environmental and wildlife crowdfunding campaigns exploit concern for endangered species and habitat conservation to raise money for causes that do not exist.
Fraudsters create fake NFT project servers on Discord, pressure users into minting worthless tokens, and vanish after collecting funds.
Scammers use Telegram groups and bots to promote fake liquidity-mining schemes that harvest wallet credentials or drain approved funds.
Fraudulent token presales are promoted through Discord servers, collecting ETH or stablecoins before the project vanishes without delivering any real token.
Coordinated groups use X/Twitter to artificially hype new memecoins, inflate prices, then dump their holdings, leaving late buyers with near-worthless tokens.
Fraudulent cryptocurrency job offers circulate on Telegram, requiring applicants to deposit crypto as a training fee or task stake before any payment is made.
Fake copy-trading services on Telegram promise hands-free crypto profits, collect subscription fees or deposits, then produce fabricated performance reports while pocketing funds.
Fake DeFi yield-farming protocols are promoted through Discord communities, luring users with inflated APY rates before rug-pulling or draining depositor funds.
Fraudsters build romantic relationships with victims on WhatsApp, then introduce a fake crypto mining platform that gradually extracts large deposits before disappearing.
Fake forex trading operations recruit via Telegram, promise guaranteed currency-exchange profits, collect deposits, then steal funds through fake brokers or vanishing signal services.
Fraudsters use X/Twitter to artificially inflate the price of thinly traded stocks or tokens, then sell their positions at peak prices, leaving other investors with losses.
High-pressure sales callers push worthless or non-existent investments over the phone, using professional scripts and urgency to extract payments before victims can research the opportunity.
Fraudsters post lifestyle images on Instagram claiming they can multiply cash deposits through secret banking exploits, collecting payments from followers who never receive a return.
Unlicensed social media personalities on Instagram promote high-risk or fraudulent investment products to their followers without regulatory authorization or adequate risk disclosures.
Fraudulent Telegram bots claim to use artificial intelligence to generate consistent investment returns, collecting deposits that are never returned while showing fabricated profit dashboards.
Telegram channels sell AI-generated trading signals at premium prices, claiming machine-learning accuracy, but deliver generic or fabricated calls that produce consistent losses for subscribers.
Fraudsters use Discord to trade fake, stolen, or non-existent in-game skins and virtual currency, collecting real money or items before disappearing without delivering what was promised.
Fraudsters on Discord offer to recover banned accounts, boost rankings, or unlock achievements for a fee, delivering nothing or compromising the victim's account in the process.
Fake generator sites and Discord bots promise free in-game currency for popular games but steal account credentials, install malware, or funnel players through endless surveys that never deliver.
Sellers on Discord offer deeply discounted game keys that were purchased with stolen payment methods, and when the fraudulent purchase is charged back the key is revoked, leaving the buyer without the game.
Fraudulent mod loaders and cheats distributed through Discord contain malware that steals account credentials, cryptocurrency wallet data, and personal files from the victim's computer.
Fraudulent esports tournament organizers and unregulated betting operators on Discord collect entry fees or wagers but never pay out winnings or fabricate match results to ensure the house always wins.
Fraudsters posing as item buyers or marketplace administrators on Discord charge upfront fees before completing a purchase or trade, then disappear with the fee and the victim's items.
How callers posing as immigration or visa enforcement officers use phone calls to pressure victims into making payments to avoid fake deportation or arrest.
How fraudulent emails impersonating a national census bureau harvest personal and financial information from recipients under the guise of a mandatory population survey.
How callers impersonating child support enforcement agencies use threatening phone calls to coerce parents into making fraudulent payments.
How fraudulent emails impersonating passport agencies collect application fees and personal documents from people who believe they are renewing their passports through official channels.
How callers impersonating health insurance marketplaces or government healthcare programs enroll victims in worthless plans or steal personal data during open enrollment periods.
How fraudulent emails impersonating electoral registration authorities steal personal information by directing voters to fake registration portals ahead of elections.
How emails impersonating courts and traffic enforcement bodies pressure recipients into paying fraudulent fines through official-looking portals.
How callers impersonating FEMA and disaster relief agencies target disaster survivors with fraudulent aid applications that steal personal information and application fees.
How fraudulent emails mimicking official court e-summons notifications pressure recipients into clicking malicious links or paying to 'reschedule' hearings.
How text messages impersonating government agencies trick citizens into installing malicious apps that steal credentials, banking details, and personal data.
How phishing emails targeting healthcare portals and insurance accounts enable fraudsters to steal medical identities, obtain prescriptions, and submit fraudulent insurance claims.
How Facebook Marketplace and Facebook Groups are used to sell counterfeit, non-functional, or simply non-existent medical equipment to patients and caregivers.
How fraudulent callers posing as addiction treatment placement services steer vulnerable individuals and families toward fake or unqualified treatment facilities.
How callers sell worthless dental and vision discount plans that deliver far less coverage than promised, targeting people who lack adequate dental or vision insurance.
How health supplement emails use free trial offers to lock consumers into expensive recurring subscriptions hidden in hard-to-find terms.
How fraudulent medical fundraising posts on Facebook exploit compassion by fabricating or exaggerating illnesses to collect donations that never reach a real patient.
How weight loss program emails use dramatic before-and-after testimonials and trial offers to enroll consumers in expensive subscriptions that deliver little or nothing.
How fraudulent online therapy emails attract people seeking mental health support and either collect fees for non-existent sessions or connect them with unlicensed practitioners.
How fraudulent clinical trial invitation emails collect participation fees or personal data from people hoping to access cutting-edge treatments.
How fraudulent telemedicine callers exploit the growth of legitimate telehealth to collect insurance information, bill for services not rendered, and sell unneeded prescriptions.
How fraudulent healthcare billing emails collect personal and insurance information that enables fraudsters to submit claims for services never provided.
How callers promote prescription discount cards that claim to save significantly on medication costs but turn out to deliver negligible or no savings.
How callers target seniors and caregivers with free or subsidised medical alert devices that come with expensive hidden monthly monitoring contracts.
How callers posing as mortgage relief specialists prey on homeowners facing foreclosure, collecting upfront fees for help that never materialises.
How fraudulent emails offer loan modification services to struggling homeowners, collecting fees and sensitive financial documents before vanishing.
How fraudulent rent-to-own property offers on Facebook collect option fees and deposits from people who never gain any legal interest in the property.
How fraudsters intercept real estate transactions by compromising email accounts and redirecting closing funds to bank accounts they control.
How fraudulent property listings on Facebook collect holding deposits or first-month rent for properties the lister does not own or that do not exist.
How callers persuade homeowners in financial distress to sign over property equity through deceptive sale-leaseback or loan arrangements that leave them with nothing.
How rogue moving companies provide low initial quotes by phone and then dramatically inflate charges on moving day, holding belongings hostage until the inflated fee is paid.
How callers market fraudulent rent-to-own property programmes by phone, collecting option fees and monthly rent premiums without providing any valid ownership pathway.
How fraudulent emails impersonating estate agents collect holding deposits from property buyers or renters for properties they have no authority to let or sell.
How fraudulent room listings and fake roommate searches on Facebook collect deposits and advance rent from people seeking shared housing.
How phishing emails collect fragments of real consumer data that are combined with fabricated details to create synthetic identities used for large-scale financial fraud.
How fraudulent callers specifically target older adults to steal personal and financial information that enables identity theft, fraudulent account opening, and benefits fraud.
How email-based data breaches and phishing campaigns targeting healthcare organisations expose detailed medical identity records used for prescription fraud and benefit claims.
How fraudsters submit change of address forms on behalf of victims to redirect financial mail, intercept statements, and enable identity theft and account takeover.
How thieves intercept physical mail from letterboxes, shared mail areas, and postal redirects to harvest financial documents and enable identity theft.
How fraudsters obtain the personal details of recently deceased individuals through obituaries and estate mail to open credit accounts and submit fraudulent claims.
How fraudulent job offer emails and fake employer onboarding processes harvest tax and banking details used to commit employment tax fraud and benefits theft.
How fraudulent work-from-home job offers land in inboxes, promising easy remote income while harvesting personal data or extracting upfront fees.
How email-delivered job offers require victims to pay registration, training, or membership fees with the false promise of earning it back through work.
How fraudulent 'parcel manager' or 'quality control inspector' job offers delivered by email turn victims into unwitting accomplices in stolen-goods trafficking.
How fraudulent recruiters on LinkedIn use convincing job interview processes to harvest personal data, extract fees, or deliver malware to job seekers.
How fraudulent LinkedIn job offers progress to forged employment contracts designed to extract personal data, upfront fees, or bank account access from victims.
How fraudulent job offers spread through Telegram channels and group chats, leading victims through fake work tasks before demanding cryptocurrency payments or trapping them in pig-butchering schemes.
How fake data entry job offers delivered by email extract upfront fees, harvest personal data, or deliver no work in exchange for registration payments.
How Telegram-based fake app and product review jobs entrap victims in escalating cryptocurrency deposit schemes disguised as task-completion work.
How multi-level marketing recruitment fraud spreads through Facebook groups, personal profiles, and Messenger to sign victims up for money-losing product distribution schemes.
How fraudulent government job offers delivered by email use official-looking branding and application processes to extract fees and personal data from job seekers.
How fake talent scouts and model agencies use Instagram to recruit victims into paying for unnecessary photoshoots, portfolio fees, and training that lead nowhere.
How a decades-old postal job fraud has migrated to email, still promising easy home-based earnings for stuffing envelopes while extracting starter kit fees and revealing the 'secret' is to recruit others.
How fraudulent nanny, caregiver, and elderly care job postings on Facebook extract fees, deliver fraudulent cheques, or expose victims to personal safety risks.
How fraudulent virtual and personal assistant job listings on LinkedIn extract personal data, fees, and access credentials from applicants under the guise of professional remote roles.
How fraudulent internship offers delivered by email require students and recent graduates to pay placement fees, insurance bonds, or administrative charges for non-existent positions.
How fraudulent job offers delivered by email require victims to purchase bogus certifications or training courses as a condition of employment that never materialises.
How Telegram-based fake AI data labelling and annotation jobs use small initial payments and task dashboards to trap victims in cryptocurrency deposit cycles.
How email-based fake logistics coordinator jobs recruit victims to receive and forward packages purchased with stolen payment cards, exposing them to criminal liability.
How misleading commission-only job listings on LinkedIn lure victims with implied salary promises before revealing the role has no base pay, while extracting personal data and sometimes upfront costs.
How AI-generated fake candidate profiles on LinkedIn deceive employers and how fraudulent AI CV creation services scam job seekers with false promises of guaranteed interviews.
How unlicensed notarios and fake immigration consultants use email to deceive immigrants with false legal authority, filing fraudulent documents and collecting fees for services they cannot legally provide.
How fraudulent attorneys and fake law firm emails deceive immigrants with fabricated legal credentials, collecting large fees for immigration applications they never file or file fraudulently.
How fraudulent online citizenship test preparation services use email to charge immigrants for unofficial study materials, fake practice exams, or guaranteed-pass schemes that provide no real benefit.
How phone-based fraudsters impersonate government immigration authorities to demand fees for fake work permits, visa extensions, or expedited processing that do not exist.
How fraudulent emails claim recipients are entitled to compensation from a legal settlement, then extract processing fees or personal data before any payout is released.
How bogus class action claim emails persuade recipients to submit personal data or pay processing fees for non-existent litigation payouts.
How fraudulent callers impersonate process servers, debt collection attorneys, or law enforcement to coerce immediate payment for supposed outstanding debts under threat of lawsuit or arrest.
How fraudulent online notarisation and apostille services collect fees for falsified or worthless document authentications that can cause serious legal and immigration consequences.
How phone-based fraudsters impersonate immigration officials or consultants to demand fees from asylum seekers for application processing, case acceleration, or status protection.
How fraudulent giveaway and competition posts on Facebook harvest personal data, charge claim fees, or steal account credentials from users who believe they have won a prize.
How fraudulent mystery shopper and prize-linked job offers arrive by email, combining a work opportunity with a prize notification to extract fees and deliver fraudulent cheques.
How fraudulent online raffle and charity draw posts on Facebook collect ticket payments for prizes that are never awarded, while often impersonating legitimate charities or fundraisers.
How mailers designed to look like official prize notification packages pressure recipients into purchasing magazine subscriptions or products to claim prizes they have not won.
How fraudulent Facebook messages claim recipients have been selected as lottery winners, requiring them to pay release fees or provide financial details to claim a non-existent prize.
How fraudulent emails impersonate National Savings and Investments (NS&I) to claim recipients have won a Premium Bond prize, then extract fees or banking details to release the funds.
How fraudulent emails mimic legitimate second-chance lottery promotions to extract ticket submission fees, personal data, or banking details from lottery players.
How automated robocalls deliver fake prize winner notifications to millions of numbers simultaneously, directing recipients to claim processes that extract fees and personal data.
How fraudulent SMS messages claim recipients have won a raffle or prize draw, directing them to click links or call numbers that lead to data harvesting or fee extraction.
How emails claiming recipients have won a foreign lottery or sweepstakes extract escalating advance fees for taxes, customs, legal clearance, and currency conversion before the promised prize.
How phone-based fraudsters posing as prize claim agents demand processing fees, taxes, or insurance payments from apparent winners before releasing prizes that do not exist.
How thieves steal physical mail to harvest identity documents, financial statements, and pre-approved credit offers used to commit identity fraud and open fraudulent accounts.
How thieves intercept cheques from outgoing mail and chemically alter the payee name or amount, depositing the modified cheque fraudulently while the original sender remains unaware.
How fraudsters intercept cheques in transit through the postal network or at the delivery point, diverting them for deposit into fraudulent accounts.
How fraudsters redirect in-transit parcels to their own addresses by exploiting delivery update systems, customer service channels, or compromised account access.
How fraudsters submit unauthorised change-of-address requests to redirect victims' mail, enabling identity theft and financial fraud while cutting off the victim's receipt of important correspondence.
How fraudulent online sellers and schemes sell fake postage stamps and labels, costing recipients unexpected postage fees and exposing buyers to legal risk.
How fraudulent email-marketed PO box and virtual mailbox services collect rental fees for mail addresses that do not exist or forward mail to unsecured or criminal operations.
How Facebook groups promote cash gifting circles — presented as mutual support networks or women's empowerment schemes — that are mathematically unsustainable pyramid structures.
How multi-level forex trading recruitment schemes use Instagram lifestyle content to recruit victims into paying for trading signals, mentorship packages, and downline recruitment structures.
How Facebook-promoted travel club memberships disguise multi-level recruitment structures as discounted holiday packages, generating income primarily from new member recruitment rather than genuine travel savings.
How Facebook-based MLM recruitment encourages distributors to purchase large quantities of product inventory — far beyond retail demand — to achieve rank or bonus thresholds that benefit upline members.
How email-based chain letter schemes disguise pyramid structures as investment opportunities or mutual support networks, requiring participants to forward money and the letter to recruit new victims.
How Facebook-promoted fake affiliate marketing networks use affiliate business framing to disguise pyramid recruitment structures that charge membership fees and pay primarily for recruiting rather than genuine product sales.
How scammers use email to enrol you in unwanted recurring charges, from fake free-trial confirmations to deceptive unsubscribe links.
Malicious browser extensions that pose as coupon or cashback tools to steal credentials, inject ads, and harvest payment details.
How scammers use Instagram Stories and posts with artificial countdown timers to pressure shoppers into impulse purchases from non-existent stores.
How scammers use Facebook Groups and Marketplace to sell non-existent wholesale or liquidation pallets, targeting resellers and small business owners.
How scammers create hype for upcoming products on social media, collect pre-order payments, and then vanish before delivering anything.
How scammers send fraudulent warranty registration emails after real purchases to harvest personal details and push unnecessary extended-warranty products.
How scammers exploit TikTok Shop livestreams to sell counterfeit goods, pocket payments for items never shipped, and manipulate viewers with fake auction pressure.
How counterfeit designer handbags, watches, and accessories are sold on Facebook Marketplace using convincing photos and authentication theater.
How scammers use email campaigns promoting charity-branded merchandise to collect donations or product payments that never reach any genuine cause.
How scammers create polished Instagram shop accounts to sell clothing, accessories, or homewares that are never delivered or are cheap counterfeits.
How scammers create fake official merchandise stores promoted through social media around major tours and events, selling counterfeits or nothing at all.
How scammers organise group-buy schemes in Facebook Groups to collect pooled payments from multiple buyers, then disappear before delivering any goods.
How scammers use stolen credit card data to fulfil your legitimate marketplace order while leaving the true cardholder defrauded and you at risk of chargeback.
How scammers advertise pets for free or at low cost on Facebook, then extort escalating shipping, insurance, and customs fees from victims.
How scammers respond to lost-pet posts on social media to falsely claim they have found the animal and extract reward money before it becomes clear they do not.
How scammers list rare or exotic animals on classifieds platforms to collect payment for creatures that do not exist or cannot legally be sold.
How scammers advertise fraudulent dog or cat stud services in Facebook Groups, taking fees from breeders for non-existent or unregistered animals.
How scammers fabricate or exaggerate pet medical emergencies on social media to raise money for non-existent veterinary bills.
How scammers sell worthless ESA certificates and registration documents through official-looking websites, misleading tenants and travellers about their legal standing.
How scammers operate unofficial microchip databases that accept registration fees but are not linked to any veterinary or rescue lookup network.
How romance scammers on dating apps create elaborate travel stories and crises to solicit money for flights or travel expenses to visit a victim they have no intention of meeting.
How scammers cold-call romance fraud victims pretending to be investigators or recovery specialists, extracting further payments in exchange for fake fund-recovery services.
How scammers pose as recently bereaved widows or widowers on Facebook to build sympathetic romantic relationships and extract money from lonely adults.
How fake or deceptive matchmaking agencies use email to sell expensive membership packages with fabricated profiles and no genuine matching service.
How scammers on dating apps build romantic relationships and then request financial help to cover visa or immigration sponsorship fees that do not exist.
How fraudulent psychics use personalised email sequences to convince lonely adults they can predict or restore romantic love, extracting ongoing payments for useless readings.
How scammers pose as deployed military personnel on Facebook to build romance and then request fees to fund emergency leave travel to visit their partner.
How scammers on dating apps propose marriage quickly and then request payment for fabricated marriage visa, legal, or registration fees.
How scammers fabricate sudden medical crises on Facebook — through direct messages or crowdfunding posts — to extract urgent money from friends, family connections, and strangers.
How deceptive apps use confusing app store subscription flows to lock users into recurring charges that are difficult to identify and cancel.
How deceptive auto-renewal schemes send late or misleading renewal notices by email, ensuring the charge is processed before the customer can cancel.
How scammers embed fraudulent unsubscribe links in spam emails that confirm your address is active, harvest credentials, or silently enrol you in additional marketing.
How fake or deceptive membership clubs enrol consumers via email offers and bill them repeatedly for access to benefits that are worthless, inaccessible, or non-existent.
How tampered public USB charging stations can install malware or extract data from connected devices while appearing to simply charge them.
How attackers set up fake Wi-Fi hotspots with names identical to legitimate public networks to intercept traffic and steal credentials from connected devices.
How attackers distribute harmful browser extensions through stores and third-party sites to steal data, hijack sessions, and inject advertising into every page you visit.
How attackers leave infected USB drives in car parks, offices, and public areas hoping someone will plug them in and inadvertently launch malware.
How attackers flood a victim's authentication app with approval requests then call them posing as tech support to convince them to approve access.
How fraudulent data broker removal services charge ongoing fees for automated opt-out processes that consumers can perform themselves for free.
How attackers create fraudulent captive portal login pages on rogue Wi-Fi hotspots to harvest email addresses, passwords, and payment card details.
How attackers use leaked email-password combinations from data breaches to access accounts at scale, often announcing their success through extortion emails.
How malware delivered through email attachments and links harvests banking credentials, card details, and session cookies from infected devices.
How scammers use phone calls to convince Android users to install malicious APK files outside the Play Store, granting attackers remote control of the device.
How phishing emails direct victims to attacker-controlled proxy sites that capture live authentication sessions and bypass multi-factor authentication in real time.
How scammers send threatening emails claiming to have obtained your personal data from a breach and demanding payment to prevent its publication or misuse.
How scammers impersonate telecom providers over the phone to lock consumers into fraudulent upgrade contracts, port their numbers, or obtain device insurance payouts.
How scammers send fake carrier SMS alerts about roaming data exhaustion to collect payment for top-ups that are never applied to the real account.
How scammers pose as phone insurance or carrier representatives to collect excess payments for fraudulent insurance claims or block legitimate claims to harvest sensitive details.
How unauthorised third-party charges for subscriptions and services are added to phone bills without the customer's genuine consent.
How fraudsters use social engineering calls to convince carrier staff to transfer a victim's number to an eSIM they control, then intercept all calls and SMS including two-factor authentication codes.
How scammers make single-ring calls from international premium-rate numbers, hoping the recipient will call back and incur high per-minute charges.
How scammers send fake hotel booking confirmation and payment-update emails to harvest card details from travellers who believe they are managing a real reservation.
How fraudulent visa application services use email to intercept travellers researching visas, charge unnecessary fees, and process applications that are never submitted.
How fraudulent travel insurance emails sell worthless policies that provide no real cover, leaving travellers unprotected when they most need it.
How scammers sell fake, invalid, or non-existent event tickets through social media, targeting buyers for sold-out events at elevated prices.
How phishing emails impersonate airline and hotel loyalty programmes to harvest account credentials and steal accumulated points or miles.
How fraudulent passport renewal services use email to intercept applicants with official-looking forms, charging unnecessary fees and risking the loss of sensitive identity documents.
How fraudulent cruise deal emails offer deep-discount packages that either do not exist or come with hidden conditions that make the headline price unachievable.
How fraudulent travel agencies use email marketing to sell package holidays, flights, or hotel bookings that are never confirmed with the actual suppliers.
How scammers advertise non-existent or unavailable vacation rental properties on Facebook and direct-pay platforms to collect deposits from holidaymakers.
How fraudulent websites and emails charge unnecessary fees for Global Entry, TSA PreCheck, or equivalent trusted traveller programme applications that applicants can submit for the official government fee alone.
How scammers target travellers with delayed or lost baggage by sending fake airline compensation emails that collect personal details and bank information under the guise of processing a claim.
How fraudulent car rental operators and misleading deposit practices leave travellers without vehicles or facing unexpected deductions from deposit holds.
How scammers sell non-existent travel packages bundling accommodation, transport, and tickets to major events, collecting full payment before delivering nothing.
How scammers impersonate Airbnb or other short-let platform hosts to collect security deposits outside the platform's payment system, then disappear.
How scammers send fake airline upgrade offer emails to collect payment card details or loyalty programme credentials under the cover of a legitimate-seeming seat improvement.
How scammers posing as energy brokers or comparison service agents over the phone switch households to higher-cost tariffs or charge commission fees without providing a genuine service.
How scammers pose as utility companies or government agencies over the phone to collect banking details under the cover of processing a refund or rebate.
How scammers pose as smart meter installation engineers to gain entry to homes, charge for unnecessary or non-existent work, or steal from properties.
How doorstep scammers exploit anxiety about tap water quality to sell expensive and unnecessary filtration equipment or service contracts.
How scammers impersonate government green energy schemes over the phone to charge upfront fees for grants that do not exist or to gather personal data for identity fraud.
How scammers impersonate broadband providers over the phone to switch customers to inferior contracts, collect router deposit fees, or install remote access malware under the guise of technical support.
How scammers sell worthless boiler cover policies over the phone that collect premiums but deny or ignore all claims.
How doorstep callers pose as meter readers to gain access to homes, charge for non-existent services, or carry out distraction theft.
How rogue traders arrive at the door claiming a tree poses an urgent safety risk, collect large upfront payments for removal, and perform inadequate work or disappear.
How doorstep callers pose as government-funded insulation scheme representatives, collecting upfront fees or fitting substandard insulation for grants that do not apply.
How scammers impersonate utility companies over the phone, threatening imminent disconnection to panic victims into immediate payment by gift card or wire transfer.
How doorstep callers sell overpriced, substandard, or non-existent solar panels and green energy systems under the cover of government schemes or guaranteed savings.
How sellers use WhatsApp's private messaging environment to market washed-title vehicles, exploiting the platform's informality and end-to-end encryption to avoid accountability.
How unlicensed vehicle dealers use Instagram profiles and Stories to sell cars as private individuals, bypassing dealer licensing, disclosure, and warranty obligations.
How fraudulent mobile mechanics use WhatsApp to approach vehicle owners, conduct informal assessments, and overcharge for fabricated repairs in untraceable cash transactions.
How unsolicited emails mimic official warranty expiry notices to pressure vehicle owners into purchasing worthless extended service contracts.
How sellers using WhatsApp to market vehicles share counterfeit or manipulated history reports in private conversations, exploiting the channel's informality to bypass buyer verification.
How Instagram accounts advertising heavily discounted breakdown cover sell fake or worthless policies to drivers who discover the fraud only when they need assistance.
How vehicle sellers using WhatsApp to market clocked cars exploit the private conversational format to prevent buyers from conducting proper mileage verification before purchase.
How ghost brokers use WhatsApp networks to sell fake or manipulated motor insurance policies at inflated or discounted prices to drivers who end up unknowingly uninsured.
How fraudulent veteran charity emails solicit donations and recurring pledges by impersonating registered military welfare organisations in official-looking communications.
How fraudulent animal welfare pages and posts on Facebook solicit urgent donations for animals in distress whose situations are fabricated, misrepresented, or permanently recycled.
How fraudulent religious appeals circulated through WhatsApp groups and broadcast lists exploit community trust and shared faith identity to collect donations for causes that do not exist.
How fraudulent children's welfare pages and posts on Facebook exploit parental empathy and community sharing dynamics to raise money for fabricated or misrepresented child welfare causes.
How fabricated or exaggerated medical situations are presented on Facebook to solicit donations through the platform's native fundraising tools and linked payment pages.
How fraudsters use WhatsApp to impersonate religious leaders and church treasurers, soliciting tithes and special collections from congregation members through trusted-seeming messages.
How fraudulent disaster relief emails impersonate major aid organisations to collect donations in the days following a major emergency, before donors have identified verified giving channels.
How fraudulent volunteer programme operators use Instagram to recruit fee-paying applicants for overseas placements that do not exist or are dramatically misrepresented.
How fraudulent grant award messages circulated through WhatsApp target individuals and community organisations with advance-fee fraud dressed as charitable funding.
How fraudulent charity lottery win notifications are circulated through WhatsApp to collect release fees for prizes that were never entered and do not exist.
How fraudulent disaster relief posts and pages on Facebook collect donations in the wake of major emergencies, exploiting the platform's sharing dynamics before donors can identify verified channels.
How fraudulent emails impersonating religious organisations solicit special collections, building fund contributions, and emergency donations for causes that do not exist.
How fraudulent service and guide dog charity pages on Facebook use compelling canine content to build engaged followings before launching donation appeals for training programmes that do not exist.
How fraudulent personal medical treatment campaigns on crowdfunding platforms use fabricated diagnoses and borrowed identities to raise funds for treatment costs that are non-existent or heavily overstated.
How fraudulent military charity emails impersonate established veteran welfare organisations to collect donations and set up recurring charges for programmes that direct little or nothing to service members.
How fraudulent conservation and environmental pages on Facebook build engaged audiences through compelling wildlife content before launching donation appeals for projects that do not exist.
Fraudsters use X/Twitter hype campaigns, fake celebrity endorsements, and coordinated bot activity to drive retail buyers into fraudulent NFT mints before rugging the project.
Attackers use Telegram to distribute lookalike wallet addresses, impersonate project admins, and trick users into sending funds to attacker-controlled addresses disguised as official deposit destinations.
Fake DeFi liquidity pools are promoted through Discord DeFi communities, using community trust and server authority to drive wallet approvals that drain victim funds.
Fraudulent token presales are marketed through Telegram channels and bots, collecting cryptocurrency from investors with a promise of early-access allocation that is never fulfilled.
Coordinated Telegram pump groups organize simultaneous buying of obscure memecoins to drive price spikes, then organizers dump their holdings into the retail buying wave they created.
Scammers promote fake or malware-laced crypto tax tools through Reddit posts and comments in tax and crypto communities, exploiting the platform's perceived peer trust to drive downloads and subscriptions.
Fraudulent cryptocurrency employment opportunities circulate through Facebook groups and ads, targeting job seekers with convincing remote work offers that lead to upfront deposit demands.
Fraudulent mining hardware listings on Facebook Marketplace and crypto groups use stolen photographs and compelling backstories to collect payments for equipment that never ships.
Fake copy-trading operations on Discord build community credibility through staged performance results before routing deposits to unregulated platforms that block all withdrawals.
Fraudulent cross-chain bridge links are distributed through Discord communities via compromised accounts, impersonated admins, and fake support bots, directing users to phishing sites that steal bridged assets.
Fraudsters construct romantic connections through Facebook profiles and groups before introducing fake crypto mining platforms, exploiting Facebook's identity cues to build deeper trust than anonymous apps allow.
Fake MEV protection tools and bots are promoted through Discord DeFi communities, collecting deposits or wallet approvals under the guise of shielding users from front-running attacks.
Fraudsters promote fake DeFi protocols with deliberately vulnerable price oracles on Discord, accumulating user deposits before triggering a self-inflicted oracle exploit to drain the treasury.
Attackers use Telegram to execute the social-engineering phase of dusting attacks, contacting victims whose wallet identities have been linked to their Telegram presence through on-chain analysis.
Attackers manipulate DAO governance outcomes by using Discord to suppress community opposition, create false consensus, and shepherd malicious proposals through voting with minimal scrutiny.
Fraudulent forex trading schemes use Facebook ads, groups, and personal profiles to recruit victims with lifestyle imagery and fabricated returns before collecting deposits on unregulated platforms.
Telegram pump-and-dump groups coordinate simultaneous buying of thinly traded securities or tokens, creating artificial price spikes that organizers exploit to sell pre-held positions at the expense of group members.
Fraudsters impersonate family members, bank officials, or trusted contacts on WhatsApp to create urgent payment scenarios that pressure victims into authorizing bank transfers.
Boiler room-style investment fraud has migrated to Facebook, using targeted ads, fake financial expert profiles, and investment groups to apply the same high-pressure tactics in a digital social context.
Fraudulent bullion investment opportunities are promoted through Telegram channels, combining safe-haven investment appeal with crypto payment mechanics and group social proof to extract deposits.
Fraudulent carbon credit investment programs use Telegram channels to recruit environmentally motivated investors with promises of regulatory tailwinds and green portfolio returns.
Fraudulent fractional real estate schemes use Facebook ads and investment groups to recruit deposits for properties that do not exist, are misrepresented, or are controlled by operators who divert funds.
Money flipping fraud spreads through WhatsApp chain messages and direct appeals, using the platform's trusted personal network context to make cash multiplication promises seem more credible.
Unlicensed financial influencers on X/Twitter use large followings, coordinated engagement, and undisclosed paid promotions to drive followers into high-risk or fraudulent investment products without required disclosures.
Fake AI trading bots are distributed through Discord servers as community tools or premium services, collecting deposits through an interface that simulates real trading while routing all funds to the operator.
Discord servers sell access to AI-generated trading signal channels that showcase cherry-picked wins while delivering inconsistent or fabricated signals that produce losses for subscribers.
Fake AI trading platforms are promoted through Telegram with referral-driven recruitment mechanics, collecting deposits from an expanding network of victims before blocking withdrawals and disappearing.
Scammers exploit mechanics within official and third-party in-game marketplaces to defraud players through item bait-and-switch, chargeback abuse, and counterfeit listings that bypass platform safeguards.
Streamers and chat participants on Twitch promote fraudulent boosting and account recovery services, using live gaming demonstrations and chat-based social proof to recruit paying victims.
Fake in-game currency generator links spread rapidly on X/Twitter through bot networks and viral post mechanics, targeting young players with promises of free Robux, V-Bucks, or equivalent currencies.
Telegram channels sell game activation codes purchased with stolen payment methods, and when chargebacks occur the keys are revoked, leaving buyers with cancelled games and potential account suspensions.
Streamers on Twitch are either compromised or paid to endorse fake mod tools and cheat programs, lending live-stream credibility to malware downloads that steal credentials and cryptocurrency.
Fraudulent esports betting sites and fake tournament operators use Twitch streams as a promotional and credibility channel, collecting viewer wagers and entry fees through live broadcast social proof.
Fraudulent fee structures embedded within or adjacent to official in-game trading systems deceive players into paying escalating charges that are never authorized by the game publisher.
How text messages impersonating immigration authorities create panic about fake visa violations and direct recipients to call back numbers or pay through unsafe links.
How callers impersonating census or statistical agency workers conduct fake surveys to harvest personal and financial information under the guise of an official population count.
How text messages impersonating child support enforcement agencies pressure parents with fake enforcement notices and urgent payment links.
How fraudulent emails impersonating health insurance marketplaces and government health programs enroll recipients in worthless plans or harvest Social Security numbers during open enrollment windows.
How text messages impersonating voter registration authorities warn of lapsed registrations and direct recipients to fake portals that collect personal information.
How text messages impersonating courts, traffic enforcement agencies, and toll authorities create urgent fine payment demands and direct recipients to fake portals.
How fraudulent emails impersonating FEMA and disaster relief organisations collect personal information and application fees from disaster survivors seeking legitimate assistance.
How callers impersonating court clerks and officers pressure recipients into paying fees to reschedule or resolve a supposed pending summons, exploiting the fear of missing a court date.
How fraudulent emails direct citizens to install malicious apps disguised as official government tax, benefit, or identity apps, enabling credential theft and device compromise.
How callers impersonating healthcare providers, insurers, and government health programs extract insurance member IDs and patient credentials that enable medical identity theft.
How fraudulent medical equipment emails promote deeply discounted or free devices that turn out to be counterfeit, non-functional, or never delivered.
How fraudulent emails targeting people seeking addiction treatment steer recipients toward unqualified or non-existent treatment facilities through compelling recovery narratives.
How email offers for dental and vision discount plans use persuasive plan summaries and low monthly costs to enroll consumers in memberships that deliver little or no real benefit.
How callers promoting health supplement offers enroll consumers in expensive recurring subscriptions without clearly disclosing the ongoing billing terms.
How email-based medical fundraising appeals exploit compassion and personal networks to solicit donations for fabricated or exaggerated medical emergencies.
How Facebook advertisements for weight loss programs use dramatic testimonials and celebrity-adjacent imagery to funnel users into expensive hidden subscription traps.
How callers posing as therapy intake coordinators enroll vulnerable people in counselling subscriptions backed by unlicensed practitioners or no genuine service at all.
How callers posing as clinical trial recruiters exploit patients' hope for new treatments to collect personal data, insurance details, and enrolment fees.
How fraudulent telehealth emails attract new patients with low-cost consultation offers, then collect insurance data and prescribe unnecessary products through the fake platform.
How callers impersonating healthcare billing departments collect card payments for manufactured debts and harvest insurance details to enable fraudulent claims.
How emails promoting prescription savings cards enroll consumers in paid memberships that deliver negligible savings compared to free alternatives.
How emails promoting free or subsidised medical alert devices for seniors collect Medicare numbers and personal information while hiding expensive monitoring contracts.
How fraudulent emails targeting homeowners in foreclosure offer loan modification and relief services that collect upfront fees and sensitive financial documents but deliver nothing.
How callers posing as mortgage relief specialists pressure financially stressed homeowners into paying upfront fees for loan modifications that are never pursued.
How fraudsters telephone real estate transaction parties to provide false wire instructions verbally, exploiting the trust placed in a familiar-sounding professional.
How fraudulent emails targeting homeowners with equity and financial distress propose deceptive sale-leaseback or refinance arrangements that strip home equity without delivering promised benefits.
How fraudulent moving company emails provide attractively low quotes, then dramatically inflate the final bill on moving day by manufacturing additional charges.
How fraudulent callers posing as estate agents or their representatives pressure buyers and renters into transferring holding deposits by phone under the threat of losing a desired property.
How fraudulent phone callers pose as government agencies, banks, and healthcare providers to collect Social Security numbers and personal details used to construct synthetic identities.
How phishing emails targeting older adults exploit Medicare, Social Security, and banking credentials to commit identity theft and benefits fraud.
How fraudsters use email-based account takeover and online address change forms to redirect digital financial correspondence and enable account fraud.
How fraudulent callers posing as employers and HR representatives harvest Social Security numbers and banking details for employment tax fraud and unemployment benefit theft.
How fraudulent work-from-home job offers spread through WhatsApp groups and direct messages, using personal messaging context to lower victim scepticism before extracting fees.
How fraudulent callers pose as recruiters to pressure job seekers into paying registration or training fees over the phone with the false promise of immediate employment.
How Facebook job postings and Marketplace listings recruit victims as package reshippers, turning them into unknowing participants in stolen-goods trafficking operations.
How fraudulent job interviews conducted entirely over WhatsApp use the personal messaging format to build trust before extracting fees, harvesting data, or delivering malicious links.
How fake job contracts shared over WhatsApp create a false sense of official commitment used to justify requests for personal data, upfront fees, or banking details.
How fake data entry job advertisements on Facebook and in community groups target job seekers with portal access fees and personal data collection under the guise of genuine remote work.
How SMS-delivered fake app and product review job offers use short urgent text messages to recruit victims into cryptocurrency deposit schemes.
How multi-level marketing schemes use Instagram lifestyle content and direct message outreach to recruit followers into buying starter kits and building recruitment downlines.
How fraudulent government job notifications delivered by text message impersonate official recruitment agencies to extract fees and identity documents from applicants.
How fake talent scouts post casting calls and agency notices in Facebook community groups to recruit victims into paying for portfolio shoots and registration fees.
How fraudulent nanny and caregiver job offers delivered by email use formal employment correspondence and cheque overpayment fraud to steal from caregiving job seekers.
How fraudulent internship listings on LinkedIn target students and graduates with placement fees and professional development charges for non-existent positions at credible companies.
How WhatsApp-based fake AI data labelling job offers use group chats and personal messaging to draw victims into cryptocurrency deposit schemes with fake earnings dashboards.
How fraudulent logistics coordinator job postings on Facebook Marketplace and in community groups recruit victims to handle stolen goods at their home address.
How misleading commission-only job advertisements on Facebook attract applicants with implied salaries before revealing no base pay while extracting starter kit costs.
How unlicensed notarios and fake immigration consultants use WhatsApp to reach Spanish-speaking immigrants with unofficial immigration help, collecting fees for services they cannot legally provide.
How fraudulent citizenship test preparation services reach immigrants through text messages impersonating official government notifications about naturalisation requirements.
How fraudulent emails impersonating immigration authorities demand fees for fake work permit approvals, renewals, or expedited processing that do not exist.
How fraudulent text messages claim recipients are owed a settlement payment, directing them to links that harvest personal data or charge processing fees.
How fraudulent callers impersonate settlement administrators to walk consumers through fake class action claim processes, extracting personal data and processing fees over the phone.
How fraudulent emails impersonating law firms or debt collectors threaten recipients with imminent legal action to coerce payment for fabricated debts.
How WhatsApp-based fraudsters target asylum seekers through community networks, demanding fees for case processing, legal representation, or application acceleration.
How fraudulent brand giveaway posts and fake competition accounts on Instagram collect follows, data, and fees from users who believe they have won prizes from impersonated brands.
How text messages offer recipients a mystery shopper assignment delivered as a prize notification, leading to cheque fraud and gift card extraction.
How fraudulent raffle and charity draw tickets are sold through WhatsApp community groups and personal messages, collecting payments for prizes that are never drawn.
How email versions of deceptive sweepstakes notifications use prominent prize announcements and urgency to pressure recipients into purchasing products or subscriptions.
How fraudulent Instagram direct messages claim recipients have won celebrity giveaways or social media lotteries, then extract fees and personal data to release non-existent prizes.
How fraudulent text messages impersonate state lottery second-chance programmes to harvest player credentials and charge entry fees for draws that do not exist.
How fake prize winner notifications delivered by text message direct recipients to call-back numbers where fees are extracted by live operators or automated systems.
How fraudulent raffle prize winner notifications sent via WhatsApp use personal messaging context to lower victim scepticism before collecting fees and personal data.
How phone calls impersonating foreign lottery commissions and international prize authorities extract escalating advance fees from targets told they have won international sweepstakes.
How fraudulent prize claim emails use official-looking correspondence and escalating fee sequences to extract payments from recipients who believe they are processing genuine prize claims.
How WhatsApp group-based cash gifting circles exploit community trust and private messaging to spread pyramid structures among friends, families, and colleagues.
How Telegram channels and groups promote multi-level forex trading recruitment schemes using signal subscriptions and group membership to disguise pyramid income structures.
How email-based travel club membership offers disguise pyramid recruitment structures as discounted holiday packages, using professional correspondence to reach a broad audience.
How Instagram-based MLM distributors use product lifestyle content and income posts to pressure downline members into purchasing more inventory than they can sell.
How WhatsApp-based chain letter money schemes spread rapidly through personal and community networks, using group forwarding to recruit new victims from trusted social circles.
How Instagram-promoted fake affiliate marketing programmes use income screenshot content and lifestyle posts to recruit followers into pyramid schemes disguised as digital business opportunities.
How scammers use text messages to enrol victims in unwanted recurring charges through fake prize claims, missed-delivery notices, and short-code billing fraud.
How Facebook ads and posts are used to push malicious coupon extensions that steal credentials and inject fraudulent checkout pages.
How TikTok videos and live streams use manufactured urgency through countdown timers and limited-stock warnings to push fraudulent purchases.
How WhatsApp groups and direct messages are used to pitch fraudulent wholesale or liquidation deals that result in lost payments and undelivered goods.
How fraudulent pre-order confirmation emails collect upfront payments for products that will never be manufactured, shipped, or refunded.
How cold calls impersonate warranty registration services to extract payment card details and personal information under the guise of completing a product warranty.
How Instagram Live shopping sessions are used to sell counterfeit, misrepresented, or non-existent products to viewers who pay through DMs or external links.
How Instagram accounts sell counterfeit designer goods using aspirational content, influencer aesthetics, and DM-based sales that bypass buyer protections.
How Facebook pages and sponsored posts sell merchandise under a charitable banner, keeping almost all proceeds while donating little or nothing.
How fraudulent boutique sellers who built credibility on Instagram now replicate the same tactics on TikTok to reach new victims through short-form video.
How fraudulent artist merchandise stores use email campaigns to sell fake or non-existent concert merchandise to fans, timed around tour announcements.
How WhatsApp groups are used to organise fake group purchasing schemes that collect upfront payments from multiple participants before the organiser disappears.
How phishing emails and fake order confirmations are used in triangulation fraud schemes where stolen card details fund legitimate purchases shipped to unknowing buyers.
How fraudulent pet sellers use email to request repeated shipping fees, insurance costs, and customs charges for pets that do not exist.
How scammers text pet owners who have posted lost-pet notices to extract money under the pretence of having found or being able to return the animal.
How Instagram profiles post curated content of rare and exotic animals to attract buyers, collect deposits, and disappear without delivering any animal.
How fraudulent breeding service operators use email correspondence to collect deposits for stud services, then provide excuses, delay indefinitely, and disappear with the money.
How email campaigns solicit donations for fabricated pet medical emergencies, using compelling stories and fake invoices to extract charitable donations.
How email marketing promotes fraudulent ESA registration services that issue meaningless certificates, charge annual fees, and leave consumers without legitimate accommodation rights.
How cold callers claiming to represent official microchip registries charge pet owners renewal or transfer fees for services that have no official standing.
How romance fraudsters migrate from dating apps to WhatsApp to request travel funds for meetings that will never take place.
How fraudsters target recent romance scam victims by email, posing as investigators, law firms, or recovery specialists who charge fees to retrieve lost funds.
How scammers use email to sustain long-running romantic relationships with recently bereaved individuals, building emotional dependency before making financial requests.
How phone-based matchmaking services charge high upfront fees for premium introductions that are either fabricated profiles or matches who were never informed.
How romance scammers use WhatsApp to sustain a relationship before requesting sponsorship funds, visa application fees, or immigration costs from overseas partners.
How telephone psychic lines exploit loneliness and romantic hopes to charge premium rates for romantic guidance, soulmate identification, and spell-casting services.
How scammers posing as deployed military personnel use WhatsApp to request fees for leave passes, communications access, or equipment deposits before asking to meet.
How scammers maintain WhatsApp-based romantic relationships and request successive marriage visa fees that are never applied toward any genuine immigration process.
How WhatsApp contacts — impersonating romantic partners, family members, or stranded acquaintances — fabricate medical emergencies to solicit urgent fund transfers.
How SMS-based subscriptions enrolled through text messages are deliberately made impossible to cancel, cycling through looping cancellation processes that extend billing.
How confirmation and renewal emails obscure the true nature of recurring charges, using deceptive framing to maintain billing that consumers did not intend to authorise.
How text message notifications are used to give the appearance of renewal notice while ensuring most consumers cannot act in time to cancel before the charge is taken.
How phone-based cancellation lines claim to process unsubscribe requests while instead enrolling callers in new subscriptions or harvesting payment details.
How cold callers enrol consumers in fictitious membership clubs or loyalty programmes with recurring billing, using verbal consent scripts that obscure the financial commitment.
How phishing emails push malicious browser extensions under the guise of security updates, productivity tools, or essential plugin upgrades.
How email phishing campaigns are used to harvest credentials that then trigger MFA push bombardments, combining email and push-notification attacks to bypass two-factor authentication.
How cold callers claim to have found your personal data on the dark web or data broker sites and charge for removal services they cannot or do not perform.
How SMS notifications — both legitimate and fraudulent — are exploited during credential stuffing campaigns to either assist attackers or misdirect victims.
How vishing calls impersonating banks or tech support trick victims into installing banking trojan software under the guise of resolving a fraudulent transaction.
How Telegram groups and direct messages are used to distribute malicious Android APK files disguised as exclusive apps, games, or investment tools.
How vishing calls are used to extract session cookies or one-time codes that allow attackers to hijack authenticated web sessions without ever knowing the victim's password.
How text messages deliver sextortion, password extortion, or data exposure threats to mobile numbers, exploiting the personal nature of SMS to extract payments.
How phishing emails impersonating mobile carriers offer irresistible upgrade deals that harvest personal and payment details or enrol victims in fraudulent contracts.
How phishing emails impersonate phone insurance providers to harvest claim details, or how fraudulent claims are coached through email to extract false compensation.
How email-based sign-up flows and account portals are used to enrol consumers in third-party telecom add-ons that result in cramming charges on their phone bills.
How SMS messages — both fraudulent phishing texts and legitimate carrier notifications — intersect with eSIM swap fraud, and what to do when you receive a SIM change notification.
How one-ring missed calls are increasingly supplemented with SMS follow-ups that increase callback rates by adding urgency or a plausible context for the missed call.
How SMS messages impersonating hotels or booking platforms redirect travellers to fraudulent payment pages or request card details for 'pre-authorisation' charges.
How phone-based visa consultants charge high fees for assistance that is either unnecessary, incomplete, or fraudulent, leaving applicants with rejected applications and lost money.
How cold callers sell fraudulent travel insurance policies that have no real coverage, leaving travellers unprotected and out of pocket when they need to claim.
How phishing emails and fraudulent ticket confirmation messages deliver fake event tickets, leaving buyers locked out of events and unable to recover their money.
How cold callers impersonating loyalty programme representatives trick frequent travellers into paying fees to unlock, protect, or transfer reward points.
How callers impersonating passport agencies or official government renewal services charge processing fees and collect personal data for identity theft or worthless assistance.
How cold callers offer exclusive cruise deals with high-pressure tactics that result in worthless bookings, hidden fees, or cabin categories dramatically different from what was described.
How fraudulent travel agencies operate telephone booking services that collect full holiday payments for trips that are never arranged or that collapse before departure.
How fraudulent listings on mainstream booking platforms harvest guest payments for properties that do not exist or are not available to let.
How callers impersonating US Customs and Border Protection or TSA charge fees for Global Entry or PreCheck enrolment assistance that provides no genuine value or service.
How callers impersonating airlines or compensation claims services charge fees to process lost luggage compensation claims that they do not file.
How phishing emails impersonating car rental companies generate fraudulent deposit requests or capture card details during the booking confirmation process.
How callers sell sports, concert, or festival travel packages over the phone, collecting full payment for flights, hotels, and event tickets that are fraudulent or do not exist.
How phone calls offer free holidays or holiday club trials to lure consumers into high-pressure timeshare or holiday membership sales presentations.
How fraudulent hosts move Airbnb or vacation rental communication to WhatsApp to solicit additional deposits or off-platform payments outside of any buyer protection.
How callers impersonating airlines offer upgrades or seat changes that never materialise, charging premium fees for nothing.
How email campaigns impersonating energy suppliers or brokers mislead businesses and households into switching to contracts with hidden terms, high exit fees, or no actual supply.
How phishing emails impersonating energy, water, or telecoms providers claim an overpayment is available, directing consumers to fraudulent refund pages.
How cold callers impersonating energy suppliers or government programmes charge fees for smart meter installations that are offered free of charge by law.
How phishing emails impersonating government energy efficiency schemes solicit application fees, surveys, or personal details under the guise of qualifying for insulation, heat pump, or renewable energy grants.
How phishing emails impersonating broadband providers mislead consumers into paying fraudulent bills, switching contracts under false pretences, or providing account credentials.
How phishing emails impersonating boiler cover providers collect renewal payments or policy details for cover that does not exist or will not pay out.
How cold callers impersonating energy suppliers collect meter readings, personal details, or payments under the pretence of a routine meter check or billing update.
How cold callers impersonate council tree departments or arborist services to charge upfront fees for tree inspections or removal work that is never performed.
How text messages impersonating energy, water, or telecoms providers threaten immediate service disconnection unless a payment is made within hours.
How cold callers sell solar panel installations, heat pumps, or green energy investments under the pretence of government grants or exceptional returns that do not materialise.
How cold callers impersonating government insulation grant schemes charge homeowners for surveys or deposits on insulation work that qualifies for free government funding.
How cold callers impersonating water authorities or health agencies claim local water supply problems and charge for filtration systems or water quality tests.
How vishing calls warn of fake juice jacking incidents to harvest banking credentials or push victims to download fake security tools.
How vishing calls impersonating hotel or venue IT support direct victims to connect to rogue Wi-Fi networks and accept malicious captive portal terms.
Why scammers specifically demand cryptocurrency for fraudulent investments, how the irreversibility of blockchain transactions works against victims, and what limited options exist after funds are sent.
How fraudulent sellers steer marketplace buyers toward Zelle, why its bank-to-bank speed means payments are nearly irreversible, and how to protect yourself when buying online.
How task scams collect 'deposit' payments through Cash App, why the platform's peer-to-peer model offers limited fraud recourse, and what to do if you've sent money.
Why fake tech support scammers demand payment in gift card codes, the specific retailers they target, and why any legitimate support call that mentions gift cards is a scam.
How fraudulent landlords use wire transfer requests to take security deposits and first month's rent for properties they do not own or that do not exist, and why wire transfers are particularly hard to recover.
How BEC fraud intercepts or impersonates business email to redirect legitimate bank transfers to scammer-controlled accounts, and the verification steps that prevent it.
How scammers exploit family crisis scenarios — impersonating grandchildren, friends, or officials — to pressure victims into buying gift cards and reading codes over the phone.
How pig-butchering investment fraud uses bank transfers as the payment entry point, the window for recovery that exists with bank-to-bank payments, and the protections that differ from crypto.
How fraudulent lottery notifications demand gift card payment for 'release fees' and 'taxes' before winnings that don't exist can be 'claimed' — and why no real lottery works this way.
How fraudulent asset-recovery services target people who have already lost money to scams, demanding upfront cryptocurrency fees to 'trace and recover' funds that they will never retrieve.
How attackers intercept or impersonate supplier invoices to redirect legitimate wire transfers to fraudulent accounts — and the verification step that stops it every time.
How fake vehicle listings use fraudulent escrow services to collect wire transfer deposits for cars, motorcycles, and boats that don't exist or aren't for sale.
How fraudulent appeals exploit disasters, conflicts, and causes to collect crypto donations that never reach any charitable purpose — and how to verify before donating.
How task scams exploit PayPal's familiarity and Friends and Family feature to collect deposits — and why the payment method choice matters for your ability to dispute a charge.
How fraudulent investment platforms collect bank transfers by mimicking legitimate financial intermediaries — the narrow recall window that makes early reporting critical, and the verification checks that stop payment before it leaves your account.
How romance fraud pivots from emotional grooming to cryptocurrency payment requests — why crypto is chosen over bank transfer, and what the irreversibility of blockchain transactions means for recovery.
How fake tech support callers escalate from gift card demands to wire transfers for larger amounts — the bank verification step that sometimes intercepts these payments, and what to do if a transfer has been sent.
Why pig-butchering scammers increasingly demand payment in USDT and other stablecoins, how stablecoin transfers differ from volatile crypto for the scammer's operational needs, and what victims should know about tracing.
How fraudulent buyers send overpayment cheques to sellers, exploit the gap between apparent clearance and actual verification, and collect a refund before the cheque bounces — leaving the seller out of pocket.
How fake landlords collect security deposits and first month's rent through Cash App — why the peer-to-peer platform offers no renter protection, and what to do if a payment has been sent.
How lottery advance-fee fraud escalates to wire transfer demands for larger 'release fees' — why the payment method shift from gift cards to wire signals the scammer believes significant funds are available, and what to do.
How emergency money request scammers send couriers to collect cash directly from victims' homes — why the in-person cash pickup is the highest-pressure variant of this fraud, and why no real emergency works this way.
How fraudulent investment platforms persuade victims to send initial deposits via Zelle — exploiting its bank-to-bank speed and near-zero dispute options — before transitioning to crypto for larger amounts.
How pig-butchering investment fraud uses international wire transfers to move large sums — the narrower recovery window compared to domestic bank transfer, and the timed steps that matter.
Why fake tech support callers specifically name Apple iTunes and Google Play gift cards — how the digital redemption chain works, and the card-specific steps that can stop funds from being spent.
How fraudulent marketplace sellers steer buyers toward Venmo, why the platform's social feed and peer-to-peer design create false confidence, and what the distinction between Venmo's payment types means for fraud recovery.
How romance scammers steer victims toward Cash App for financial transfers — using its instant peer-to-peer mechanics and limited dispute options — before escalating to cryptocurrency.
How fake security software pop-ups and cold calls create virus panic before demanding gift card codes as payment for 'removal' — and why genuine antivirus software never requests gift card payment.
How fraudulent investment platforms collect initial deposits through PayPal — exploiting the platform's familiarity while steering victims toward the Friends and Family option that removes all buyer protection.
How fraudulent marketplace sellers steer buyers toward bank transfer — exploiting its apparent formality while removing the chargeback rights that card payment would provide — and the narrow window for bank-level intervention.
How task scam operators collect 'upgrade deposits' and 'performance bonds' through gift card codes — and why the gift card demand is the clearest possible signal that a job offer is fraudulent.
How fake landlords collect security deposits and first month's rent through PayPal Friends and Family — the one PayPal option with no buyer protection — and why legitimate landlords never use it.
How fake tech support callers escalate from gift card requests to cryptocurrency demands for larger amounts — why crypto represents the highest-loss variant of this fraud, and what the irreversibility means for victims.
How some pig-butchering operators use PayPal Goods and Services for initial deposits — exploiting the apparent legitimacy of buyer-protected payments — and why the PayPal dispute window is narrow and often unsuccessful for investment fraud.
How romance scammers steer victims toward wire transfers — and why these payments are nearly impossible to recover once sent.
How task scams — fake app-rating or product-reviewing jobs — use crypto payments to complicate tracing and make fund recovery nearly impossible.
How investment fraudsters exploit Venmo's social feed, instant transfers, and peer-to-peer reputation to collect funds that cannot be charged back.
How romance scammers leverage Apple Pay's speed and familiarity to collect funds from victims before the payment can be questioned or reversed.
How fake job offers distributed on WhatsApp use gift-card payment requests to extract money from victims who believe they are completing legitimate employment tasks.
How recovery scammers — posing as fraud investigators or lawyers — use wire transfer requests to defraud people who have already lost money to a previous scam.
How tech-support fraudsters direct victims to Western Union branches to send cash as payment for fabricated repairs, tax debts, or ransom fees.
How tech-support and bank-impersonation scammers use Zelle's instant, bank-integrated transfers to extract funds that are nearly impossible to recover.
How fraudulent trading platforms use bank transfers — often to mule accounts — to collect deposits that are then laundered and impossible to trace.
How crypto fraudsters exploit Cash App's built-in Bitcoin feature and peer-to-peer transfers to collect non-recoverable payments for fake investments.
How romance scammers request Zelle payments for fabricated emergencies — and why the instant, bank-integrated transfer is nearly impossible to reverse.
How romance scammers exploit PayPal's Friends and Family feature to collect payments with no buyer protection, and what victims can do.
Romance scammers frequently steer victims toward Venmo for money transfers because the social payment app offers no buyer protection and transfers are near-instant. Victims lose funds they cannot reverse.
Task scam operators demand 'activation fees' or 'recharge deposits' be sent via Western Union before victims can access supposed earnings. Because Western Union transfers are near-impossible to reverse once collected, victims lose their money permanently.
Romance scammers in the United States increasingly request money via Google Pay, exploiting its ease of use and lack of a dispute mechanism for peer-to-peer personal transfers. Victims lose funds they cannot retrieve through the platform.
Investment scammers instruct victims to send 'regulatory fees,' 'profit tax,' or seed capital via MoneyGram because transfers are nearly impossible to reverse once collected and can be picked up globally with minimal identification.
Crypto scammers exploit Apple Pay's frictionless peer-payment feature to collect initial 'seed' deposits from victims on iPhones, blending the familiar banking interface with fraudulent crypto investment schemes.
Fraudulent marketplace sellers pressure buyers into using PayPal Friends and Family — which carries no buyer protection — instead of Goods and Services, leaving victims unable to dispute non-delivery or counterfeit items.
WhatsApp job scams that demand earnings unlocked by cryptocurrency deposits exploit the irreversible, pseudonymous nature of crypto payments to prevent victims from recovering funds after repeated recharge demands.
Phishing campaigns that successfully harvest credentials or create fear often pivot to demanding gift card payment — a method scammers prefer because it is anonymous, instant, and almost impossible to reverse.
Phishing attacks targeting businesses and high-value individuals often culminate in fraudulent wire transfer instructions — exploiting the appearance of legitimacy that international bank transfers carry.
Pig butchering scammers targeting US victims frequently request Zelle transfers in early investment stages because Zelle's bank-to-bank transfers are fast, frictionless, and lack the buyer protection of credit cards.
Pig butchering scammers use Venmo's social payment app to collect initial investment deposits from US victims, exploiting the app's trusted, casual payment context to reduce suspicion.
Some pig butchering scams — especially those targeting less technically confident victims — use gift card demands before transitioning to cryptocurrency, exploiting the same anonymity that makes gift cards attractive to all fraud types.
Task scammers targeting US victims request Zelle payments for the 'activation deposits' and 'upgrade fees' that characterise task fraud, exploiting the instant, non-reversible nature of Zelle transfers.
Task scammers use Venmo's familiar peer-to-peer payment interface to collect 'unlock fees' and 'upgrade deposits' from US victims, where the casual app context reduces suspicion compared to a wire transfer.
High-value task scam victims are often asked to make domestic or international wire transfers as deposit amounts escalate, mimicking legitimate business payment processes to extract large sums.
Fraudulent trading platforms targeting US users accept Zelle deposits framed as brokerage account funding, exploiting the bank-integrated transfer interface to make the payment feel like a legitimate investment.
Rental scammers increasingly request deposits and first month's rent via Zelle because transfers are instant, cannot be charged back by the sender, and arrive in the scammer's account before the victim can stop them.
Rental scammers target US renters with Venmo deposit requests, leveraging the app's casual familiarity to make fraudulent payments feel like a normal peer-to-peer transaction with a real landlord.
Romance scammers use gift card demands when a victim resists wire transfers or cryptocurrency, framing the untraceable payment as an emergency solution that will be 'paid back' once the crisis is resolved.
Fake recovery services target scam victims with promises to retrieve lost funds, then demand gift card payment as an 'administrative' or 'processing' fee before any recovery begins.
Recovery fraud operators targeting US victims collect upfront fees via Zelle, presenting the bank-integrated transfer as proof of their legitimate business status while exploiting its irreversibility.
Marketplace scammers — especially fake buyers and overseas seller scams — frequently demand gift cards as a payment alternative, knowing that codes are anonymous, instant, and untraceable.
Marketplace scammers use cryptocurrency payment requests to eliminate all buyer and seller protections, making transactions irreversible before the fraud is discovered.
Some investment fraudsters — particularly those targeting less financially experienced victims — request gift cards as an initial investment method, framing the untraceable payment as a simple entry point into a lucrative opportunity.
Large-scale investment fraud almost always involves wire transfers — domestic or international — because the amounts involved exceed peer-to-peer app limits and wires carry the veneer of formal business transaction.
Cash App's peer-to-peer instant transfers and Bitcoin functionality make it a dual-purpose payment tool for pig butchering scammers who first collect deposits as Cash App payments before transitioning to crypto.
Fraudulent trading platforms almost universally require cryptocurrency deposits because blockchain transactions are irreversible, cross-border, and cannot be charged back — making them ideal for fraud operators.
Marketplace scammers request Zelle payment to bypass platform buyer protections, taking advantage of the instant, bank-integrated transfer that cannot be charged back once the seller or buyer disappears.
Romance scammers frequently demand Western Union as a payment method because transfers are instant, cash-based, and nearly impossible to reverse, making it a preferred tool for extracting money from victims after a period of emotional grooming.
Task scammers occasionally use MoneyGram as a payout mechanism to appear more 'legitimate' than crypto — but victims must first send a deposit or fee before any MoneyGram payout materialises, making the payment method irrelevant to the fraud.
Tech support scammers instruct victims to purchase MoneyGram money orders or initiate transfers to pay for fictional virus removal services, computer protection plans, or account reinstatement fees.
Crypto scammers instruct victims to send funds via Venmo as an intermediate step — either to purchase cryptocurrency on their behalf or as a direct payment for a 'crypto investment account' — exploiting Venmo's social features to create false legitimacy.
Investment scammers increasingly direct victims to fund trading accounts via Apple Pay transfers to individual contacts or merchant accounts, exploiting the payment method's trusted branding to make fraudulent requests appear more credible.
Quishing (QR code phishing) tricks victims into scanning malicious QR codes that redirect to fake payment portals or login pages, harvesting bank credentials or directing crypto transfers to scammer wallets — appearing in physical spaces, emails, and social media.
Cryptocurrency scammers direct victims to send Google Pay transfers as an intermediate step in fake investment funding, exploiting the payment method's familiarity and trusted brand to make fraudulent requests appear routine.
Marketplace fraudsters request Apple Pay Cash transfers instead of platform-native payment, bypassing buyer protection and exploiting Apple Pay's trusted brand to make an unsafe payment method feel secure.
Investment scam platforms that mandate cryptocurrency as the only deposit method use the irreversibility and pseudonymity of crypto transfers to eliminate any practical path to recovery once funds are sent.
Some WhatsApp task job operations request advance deposits via bank transfer — framed as security bonds or training fees — exploiting bank transfer familiarity to appear more legitimate than crypto while still providing no recovery path for victims.
Some task scam operations request prepaid Visa or Mastercard numbers as the deposit or payment mechanism, exploiting the cards' anonymity and the victim's assumption that a widely used card type implies legitimacy.
Romance scammers targeting Canadian victims frequently request Interac e-transfer payments for fabricated emergencies, exploiting the payment method's dominance in Canadian peer-to-peer transactions and its lack of chargeback protection once funds are accepted.
Crypto investment scammers instruct victims to wire large sums to overseas accounts as a 'crypto purchase' step, using the international wire transfer's irreversibility and the procedural legitimacy of bank transactions to extract substantial funds.
Sellers on online marketplaces who demand Western Union payment are almost universally fraudulent — the payment method's irreversibility and cash-collection model make it a definitive red flag for any consumer goods transaction.
How fraudulent landlords pressure renters into paying deposits and first-month rent via Venmo, then disappear — leaving victims with no buyer protection and no property access.
How fake fund-recovery services target prior fraud victims by demanding Western Union wire fees to 'release' frozen assets or process a refund that does not exist.
How task scammers use Google Pay's instant transfers to collect commission deposits and fake upgrade fees from remote workers, then vanish.
How romance scammers steer victims toward MoneyGram wire transfers for financial requests, exploiting its global reach and limited consumer protection.
How advance fee fraud operators collect escalating bank transfer payments by promising a large sum that never arrives, leaving victims with irreversible losses.
How fraudulent trading platforms accept initial deposits via wire transfer to appear regulated, before transitioning victims to irreversible crypto funding.
How romance scammers move victims from emotional grooming to requesting direct bank transfers, and why this payment method is specifically chosen for larger financial requests.
How fake lottery and prize notification scammers extract escalating wire transfer fees from victims by promising a large cash prize that never materialises.
How fraudsters use account takeover to initiate unauthorised bank transfers, and how push payment fraud via stolen credentials differs from card fraud.
How cryptocurrency scammers use MoneyGram transfers to fund crypto purchases that are then sent to scammer wallets, bypassing exchange fraud controls.
How task scam operators use bank transfer payments to establish legitimacy before pivoting to cryptocurrency deposit demands from remote workers.
How fraudsters impersonate PayPal customer support to redirect refunds, steal account credentials, and install remote access tools during fake billing disputes.
How fake mystery shopper assignments use Cash App to receive fake overpayment cheques and instruct workers to send funds back via Cash App before discovering the cheque was fraudulent.
How remote access scammers gain control of Android devices to initiate Google Pay transfers, enrol new payment methods, and drain linked bank accounts.
How organised criminal networks exploit Bitcoin's irreversibility to drain victims in long-con investment fraud.
How sextortion and romance-based blackmailers demand untraceable Bitcoin payments to suppress intimate material.
Why fraudulent investment platforms favour USDT and USDC on Ethereum to obscure losses and impersonate legitimacy.
How malicious smart-contract approvals drain Ethereum wallets of all stablecoin and token holdings in seconds.
How fraudulent 'micro-task' employers use M-Pesa to collect deposits and withhold commissions from workers in Kenya and East Africa.
How sextortion fraudsters in East Africa use M-Pesa to collect untraceable extortion payments from victims.
How fraudulent employment agencies collect M-Pesa fees for non-existent jobs abroad or in major Kenyan cities.
How fraudulent sellers on Facebook Marketplace and OLX Kenya collect M-Pesa payments for goods that are never delivered.
How 'part-time online job' fraudsters in the Philippines use GCash to collect deposits and block withdrawals.
How long-con investment fraudsters in the Philippines use GCash as an on-ramp to funnel victims into sham crypto platforms.
How fraudulent Facebook and Instagram shops in the Philippines collect GCash payments for goods that never ship.
How fraudulent micro-task platforms in Bangladesh exploit bKash to collect deposits from workers seeking online income.
How inheritance, lottery, and aid-fund fraudsters in Bangladesh and the diaspora use bKash to collect processing fees.
How fraudsters impersonating bank and telecom support agents trick Indian consumers into sending UPI payments.
How fraudulent stock-market and crypto 'advisors' in India use UPI to collect deposits into unregistered platforms.
How fraudulent property listings on Indian portals collect UPI security deposits for properties the scammer does not own.
How long-con investment fraudsters in Brazil use Pix's instant transfers to move victim funds before any alarm is raised.
How fraudulent sellers on OLX and Facebook Marketplace Brazil use Pix to collect payment for goods that never arrive.
How fraudulent buyers exploit Wise transfers and fake payment confirmations to defraud international sellers.
How international sextortion fraudsters use Wise to collect cross-border extortion payments while evading domestic banking scrutiny.
How fraudulent investment platforms route victim deposits through Wise accounts to obscure the trail and add perceived legitimacy.
How fraudulent online shops exploit Klarna and buy-now-pay-later options to appear credible while leaving victims with debt for goods never received.
Why buy-now-pay-later services are increasingly exploited for high-value non-delivery fraud and how to raise an effective dispute.
How sextortion fraudsters targeting European victims demand Revolut payments to exploit the app's instant transfer speed.
How fraudulent investment advisors route victims through Revolut to feed unregistered crypto and trading platforms.
How fraudsters impersonating Revolut support engineers socially engineer victims into authorising large outbound transfers.
How fake crypto-recovery and refund services collect Skrill fees from prior fraud victims and vanish with the payment.
How unregistered trading platforms accept Skrill deposits to exploit consumer familiarity with the regulated payment brand.
Why advance-fee and government-impersonation fraudsters demand prepaid card payments — and how to recognise this universal red flag.
How sextortion fraudsters targeting North American victims demand iTunes, Google Play, or Visa prepaid card codes to avoid detection.
How tech-support and government-impersonation callers walk victims to retail stores to buy prepaid cards as 'payment'.
How fraudulent 'blockchain recovery' services collect Bitcoin upfront fees from prior scam victims and disappear.
How fraudsters impersonating disaster-relief and humanitarian charities exploit Bitcoin donations to siphon funds anonymously.
How foreign lottery fraudsters have modernised their fee-collection method from wire transfers to Bitcoin.
How criminals posing as romantic partners slowly migrate victims to Bitcoin transfers as a trust-exploitation payment rail.
How fraudulent Brazilian online sellers exploit Pix's instant settlement to collect payment for goods that are never dispatched.
How romance fraudsters in the Philippines use GCash to collect emergency loans and hardship funds from victims of fabricated relationships.
How fraudulent overseas employment agencies in the Philippines collect GCash processing fees for jobs that do not exist.
How fraudulent international property listings exploit Wise transfers to collect deposits from remote renters who never see the property.
How fraudulent fundraising campaigns in East Africa exploit M-Pesa to collect donations for fabricated disaster-relief and community causes.
How romance fraudsters in Brazil exploit Pix's 24/7 instant transfers to collect emergency loans and investment deposits from victims.
How fraudulent sellers on Bangladeshi online platforms use bKash to collect payment for electronics and goods that never arrive.
How lottery, prize, and government-scheme fraudsters in India exploit UPI's simplicity to collect processing fees from victims.
How international sextortion operations use Skrill to collect extortion payments from European and Middle Eastern victims.
How pump-and-dump operators, rug-pull projects, and NFT scams exploit Ethereum and stablecoin liquidity pools to exit with victim funds.
How fraudulent crypto trading platforms accept USDT and ETH deposits while showing fictional profits on manufactured dashboards.
How fraudulent overseas employment offers in Bangladesh collect bKash fees at every stage of a fabricated hiring process.
How fraudulent property listings in Brazil exploit Pix's speed to collect rental deposits for properties the scammer does not own.
How fraudsters impersonating Skrill support agents socially engineer online-gaming and digital-wallet users into transferring funds.
How fraudulent sellers on East African online platforms collect M-Pesa before shipping goods that never arrive.
How unregistered investment advisors and pyramid scheme operators in Brazil use Pix to collect deposits for fabricated financial products.
How inheritance and prize fraudsters target Revolut users in the UK and Europe with processing-fee demands via app-to-app transfer.
How fraudulent fundraising campaigns exploit Revolut's payment links to collect donations from UK and European users for fabricated causes.
How fraudulent online shops ask customers to pay with prepaid Visa or Mastercard codes to prevent any chargeback or recovery.
How fraudulent Bitcoin trading platforms display fictional profits while blocking all withdrawals with escalating fee demands.
How fraudsters impersonating GCash agents trick Filipino users into sharing OTPs or approving transfers under the guise of account security.
How pig-butchering operators use Wise as an initial trust-building deposit method before migrating victims to larger crypto transfers.
How government-impersonation and prize fraudsters in the Philippines exploit GCash to collect processing fees for benefits that do not exist.
How inheritance and business-partnership fraudsters target Wise users with multi-stage fee demands for non-existent windfalls.
How disaster-relief fraudsters demand prepaid card codes instead of direct charity donations to pocket funds anonymously.
How prize, inheritance, and government-benefit fraudsters in Brazil use Pix to collect processing fees from victims.
How fraudulent disaster-relief and temple-donation campaigns in India collect UPI payments for fabricated causes.
How fraudulent UK and European marketplace sellers use Revolut transfers to collect payment for goods that never ship.
How fraudulent property listings in the Philippines collect GCash deposits for apartments the scammer does not own.
How fraudulent employment agencies in North America demand prepaid card codes for background checks, training, and equipment fees.
How tech-support and government impersonators demand Bitcoin ATM deposits as the 'only safe' resolution to a fabricated computer or legal emergency.
How fraudulent UK and European online shops direct customers to pay via Revolut peer-to-peer transfers to circumvent platform buyer protection.
How fraudulent landlords in Dhaka and other Bangladeshi cities collect bKash security deposits for apartments they do not own.
How inheritance and prize fraudsters targeting European and Middle Eastern Skrill users collect sequential fees for a payout that never arrives.
Scammers impersonate wallet support teams or DeFi protocols to trick holders of ETH and stablecoins into revealing their 12- or 24-word seed phrase, granting complete wallet access.
Fraudsters advertise fake ETH or stablecoin airdrops to lure victims into connecting wallets and signing malicious approvals, resulting in asset theft rather than any payout.
Scammers impersonate celebrities or exchanges to promise doubled Bitcoin returns, collecting BTC sent by victims while delivering nothing in return.
Criminals pose as customer support agents for major Bitcoin exchanges to steal login credentials, 2FA codes, and direct Bitcoin transfers from victims seeking help.
Project founders drain liquidity pools funded by investors' ETH and stablecoins after a coordinated hype campaign, leaving token holders with worthless assets.
Fraudulent staking platforms promise high annual yields on ETH or stablecoins but either steal deposited funds outright or operate Ponzi structures that collapse when withdrawals exceed new deposits.
Fraudulent online pharmacies request wire transfers for prescription medication orders, then deliver counterfeit or no products at all while keeping the funds.
Fraudulent wholesale suppliers solicit wire transfers from businesses or individuals for bulk pharmaceutical orders, then deliver counterfeits or nothing at all.
Scammers list non-existent puppies or pets online, collect PayPal payments, and then demand additional payments for fake shipping, insurance, or vet fees before vanishing.
Fraudulent breeders collect non-refundable PayPal deposits to 'hold' puppies that do not exist, then disappear or manufacture excuses to avoid delivery.
Fraudsters impersonate well-known charities or create convincing fake ones and pressure donors to contribute via gift cards — a payment method that is untraceable and non-refundable.
Fraudsters exploit public generosity after natural disasters or humanitarian crises by soliciting gift card donations for fake relief funds that pocket all proceeds.
Victims receive unsolicited notifications that they have won a foreign lottery and must wire transfer fees and taxes to claim a prize that does not exist.
Scammers tell victims they have won a car, holiday, or cash prize and must pay taxes or release fees via gift cards before the prize can be delivered.
Criminals impersonate tax authorities and threaten arrest or penalties unless the victim immediately pays an alleged outstanding tax debt using gift cards.
Ghost brokers sell fraudulent auto insurance policies at below-market prices, collect Wise payments, and leave drivers uninsured and exposed to legal liability.
Scammers post convincing listings for vehicles that do not exist or are not for sale, collect wire transfers from buyers, and disappear with the funds.
Fraudulent vehicle sellers on US classified platforms pressure buyers to pay via Zelle — which transfers funds instantly and without buyer protection — then disappear before delivering the car.
Fraudulent charitable solicitors in the US push donors toward Zelle payments, which settle instantly and cannot be reversed, for causes that benefit no one but the scammer.
Fraudulent platforms promise high returns on deposited Bitcoin through fake staking, lending, or yield-farming products, stealing BTC deposits when victims attempt to withdraw.
Fraudulent online pharmacies accept PayPal payments for medications that arrive as counterfeits, are not delivered at all, or contain hazardous substitutes.
Fraudulent Bitcoin airdrop promotions trick holders into sending BTC to claim a 'reward,' or into revealing wallet credentials through a fake claim portal.
Project founders collect Bitcoin from investors for new crypto ventures or NFT projects, then disappear with the raised BTC once sufficient funds are accumulated.
Scammers list non-existent pets on classified platforms and demand Zelle payment, knowing funds will settle instantly with no buyer protection.
Ghost brokers collect Cash App payments for fraudulent auto insurance policies that leave drivers uninsured and potentially facing serious legal consequences.
Victims are told they have won a large cash prize or vehicle and must wire transfer processing fees, taxes, or insurance costs before the prize can be released.
Fraudsters impersonating tax authorities instruct victims to wire transfer large sums to settle fabricated tax debts, using threats of arrest or asset seizure to prevent the victim from pausing to verify.
Fraudsters promise to send double the ETH or stablecoins sent to a giveaway address, collecting participants' crypto while delivering nothing in return.
Impersonators posing as exchange support staff steal Ethereum wallets or on-exchange balances of ETH and stablecoins through fake account recovery processes.
Attackers use phishing sites, malicious browser extensions, and clipboard hijackers to redirect Bitcoin transactions or steal private keys, draining BTC wallets.
Fraudulent charitable solicitations collect PayPal donations for fake causes, exploiting the platform's reach and perceived legitimacy to steal from well-intentioned donors.
Fraudulent investment platforms instruct victims to send funds via Wise as part of a high-yield investment scheme, collecting deposits they will never return.
Illegal online pharmacies targeting prescription drugs or controlled substances accept Bitcoin to avoid regulated payment networks, delivering counterfeit products or nothing at all.
Fake disaster relief campaigns collect PayPal donations for crises that either do not need the funds or do not exist, pocketing contributions meant for genuine victims.
Lottery scammers targeting US victims direct them to send Cash App payments for 'processing fees' or 'tax deposits' to claim non-existent foreign lottery prizes.
Scammers list non-existent vehicles on US classified platforms and request Cash App payments, knowing the transfers are instant, non-refundable, and carry no buyer protection.
Unregulated online pharmacies across Europe and globally collect Revolut bank transfers for medication orders that arrive as counterfeits or do not arrive at all.
Ghost brokers operating across European markets collect Revolut payments for fraudulent motor insurance policies, leaving drivers unknowingly uninsured.
Fraudulent pet sellers request Apple Pay payments for animals that do not exist, exploiting the payment method's speed and the absence of buyer protection for peer-to-peer transactions.
Fraudulent charity campaigns in Brazil collect Pix instant payments for fake causes, exploiting the payment system's speed and familiarity to prevent donors from pausing to verify.
Fraudulent investment platforms targeting Brazilian users direct victims to send Pix deposits for high-yield crypto or forex schemes that steal the funds.
Scammers send fake KBC or lottery winner notifications to Indians and request UPI fee payments to release non-existent cash prizes.
Criminals impersonating exchange support staff instruct victims to transfer funds via Wise as part of a fake 'account protection' process, stealing the transferred amount.
Fake breeders pressure buyers to send Zelle deposits to hold a puppy, then manufacture delays and demands until they disappear with the funds.
Scammers create fake Bitcoin wallet restore portals and support sites to harvest the seed phrases of BTC holders, gaining instant access to their entire wallet balance.
Fraudulent vehicle sellers across European markets request Revolut transfers to secure cars that do not exist or will not be delivered, exploiting the platform's instant settlement.
Cryptocurrency-accepting ghost brokers collect Bitcoin for fraudulent auto insurance policies, leaving drivers uninsured with no payment recourse.
Fraudulent pharmaceutical suppliers accept PayPal for bulk medication orders, delivering counterfeits or nothing while buyers believe PayPal's presence means the transaction is safe.
Fraudulent high-yield investment platforms targeting Indians request UPI deposits for crypto or forex schemes promising returns far above market rates.
Scammers selling non-existent vehicles collect PayPal payments, then exploit Friends and Family requests or policy edge cases to prevent buyers from recovering funds.
Fraudsters direct vehicle buyers to fake PayPal escrow portals that collect full vehicle payment but have no actual connection to PayPal, disappearing with the funds.
Fraudsters posing as IRS or other tax authority agents demand immediate Cash App payments to settle fabricated tax debts, threatening arrest to override the victim's rational thinking.
Fraudulent investment projects collect startup capital from investors via Wise before disappearing with the funds, leaving investors with worthless assets or nothing at all.
Fraudulent airdrop claims instruct victims to pay 'verification' or 'processing' fees via Wise before receiving tokens that do not exist.
Fraudulent vehicle sellers direct US buyers to fake escrow sites and then request Zelle payment to fund the escrow, disappearing with the instant transfer.
Fraudulent relief organisations collect international wire transfers from donors shortly after disasters, routing funds to criminal accounts while providing no aid to victims.
Fraudsters posing as crypto exchange support staff instruct US victims to send Cash App payments as part of a fake 'account verification' or 'reversal fee' process.
Fraudulent investment platforms promise high weekly returns and request Cash App deposits from US victims, providing no returns and eventually blocking all withdrawals.
Fake breeders collect Apple Pay deposits to reserve puppies that do not exist, then manufacture endless delays and additional charges before disappearing.
Scammers claim victims have won cash prizes and demand immediate Cash App payments for taxes or processing fees before the non-existent prize can be released.
Scammers in the US list vehicles that do not exist and request Apple Pay deposits, relying on the payment method's instant settlement and lack of buyer protection.
Lottery scammers targeting US iPhone users request Apple Pay fee payments to release non-existent prizes, exploiting the payment method's instant settlement.
Fraudulent charities soliciting corporate or high-value personal donations request wire transfers to accounts the donor cannot subsequently recover funds from.
Callers impersonating the IRS or other tax authorities demand immediate Apple Pay settlements for fabricated debts, threatening arrest to prevent victims from verifying the claim.
Illegal pharmaceutical suppliers accept Bitcoin for bulk medication orders, exploiting the irreversibility and pseudonymity of BTC to collect payment while delivering counterfeits or nothing.
Fraudulent high-yield investment platforms targeting European users instruct victims to deposit via Revolut, collecting funds with no intention of providing returns.
Fraudsters impersonate law enforcement officers and demand immediate payment via gift cards, threatening arrest or legal consequences to pressure victims into compliance.
Scammers posing as police officers or federal agents demand wire transfers as bail or fine payments, using threats of immediate arrest to override the victim's judgment.
Fraudsters impersonating police officers exploit Zelle's speed and bank integration to pressure victims into immediate payments to avoid fabricated arrest warrants.
Fraudsters posing as tax officials instruct victims to send cash via Western Union as supposed tax arrears, exploiting the service's wide reach and near-instant cash availability.
Scammers impersonating court clerks or judges demand gift card payments as court fees or fines, threatening contempt proceedings or immediate detention to ensure compliance.
Criminals posing as court officials or legal representatives demand wire transfers for fabricated bail, civil penalties, or case settlement fees, targeting victims with larger financial assets.
Fraudsters impersonating immigration officials demand gift card payments to resolve fabricated visa issues or deportation threats, exploiting victims' fear of immigration consequences.
Criminals posing as immigration agents instruct victims to send MoneyGram transfers to pay for fabricated visa fees, bond releases, or penalty waivers.
Scammers inform victims they have won a prize and demand Western Union transfers as mandatory fees before the winnings can be released.
Fraudsters use prize winner notifications — often fake social media giveaways — to solicit Venmo payments as processing fees, exploiting the platform's informal social feel.
Scammers running fake sweepstakes demand MoneyGram transfers as advance fees before delivering fictional prizes, targeting victims across multiple rounds of payments.
Fraudsters running fake sweepstakes direct winners to purchase prepaid debit cards and share the card numbers as payment of fictitious processing and tax fees.
Scammers promise large inheritances or lottery winnings that can only be released after the victim wires advance fees covering legal, tax, or banking costs.
Fraudsters fabricate inheritance or lottery windfalls and demand domestic bank transfers as advance fees, framing the payment as a routine banking formality.
Fraudsters posing as Apple or tech support agents pressure victims into sending Apple Pay payments as 'security deposits' or 'verification fees' to resolve fabricated device issues.
Scammers impersonating tech support agents direct victims to send Cash App payments as fees or security deposits to resolve fabricated software, account, or device problems.
Scammers who gain remote access to victims' computers instruct the victim to purchase gift cards as payment for fabricated repair services or to 'protect' funds during a fake security incident.
Fraudsters with remote desktop access to victims' computers initiate wire transfers directly from banking portals, bypassing the need to convince the victim to pay manually.
Fraudsters selling non-existent or malicious antivirus software demand prepaid card payment, directing victims to share card numbers under the guise of subscription activation.
Scammers posing as antivirus vendors or tech support agents instruct victims to send Zelle payments to activate fake security software or receive fabricated refunds.
Fraudulent debt relief companies collect large upfront wire transfer fees promising to eliminate or negotiate debts, then disappear or deliver nothing of value.
Fraudulent debt settlement operators collect programme fees by bank transfer, presenting a professional billing appearance while delivering no genuine debt relief services.
Fraudulent lenders approve victims for loans they will never receive, then collect upfront gift card payments framed as insurance, collateral, or processing fees.
Fraudulent lenders demand wire transfer fees as collateral or insurance before disbursing loans that never materialise, targeting victims with urgent borrowing needs.
Fraudsters persuade pension holders to wire transfer funds out of their pensions into fraudulent investment schemes, resulting in loss of retirement savings and significant tax penalties.
Fraudulent pension advisers use domestic bank transfers to move retirement funds into worthless or fictitious schemes, exploiting authorised push payment systems to collect retirement savings.
Fraudulent trading platforms accept deposits by wire transfer, showing fabricated portfolio growth before refusing withdrawals and disappearing with investor funds.
Fraudulent brokers collect client funds via domestic bank transfer, issuing professional-looking statements before denying withdrawals and disappearing.
Fraudulent brokers direct victims to send funds via Western Union, exploiting the service's global reach to collect investment funds beyond the reach of most regulators.
Fraudulent pharmacy websites accept gift card payments for medications that are never delivered, counterfeit, or dangerous, exploiting victims seeking cheaper drug access.
Fraudulent overseas pharmacy websites direct victims to MoneyGram cash transfers as the only payment method for medications that are counterfeit, unsafe, or non-existent.
Scammers listing fake rental properties demand Zelle security deposits and first-month rent, then vanish before handing over keys to properties they do not own.
Fraudulent landlords collect Cash App payments for deposits and first-month rent on properties they do not own or control, leaving victims locked out on move-in day.
Fraudsters posing as recruiters collect advance fees by wire transfer for training materials, background checks, or visa sponsorship that are never provided.
Fraudulent recruiters invent equipment fees, onboarding costs, or registration charges payable via gift cards before a fabricated employment offer can be processed.
Scammers impersonating court officers demand Venmo payments for fabricated fines or bail, targeting younger adults comfortable with app-based payments.
Fraudsters posing as immigration attorneys or agents demand Western Union transfers for fabricated visa fees, fines, or deportation avoidance payments.
Scammers notify victims of large sweepstakes wins and demand wire transfers covering taxes and fees before the prize can be released, collecting substantial sums across multiple payments.
Fraudulent lenders approve victims for loans they will never receive, then demand prepaid debit card numbers as a supposed fee or collateral payment.
Scammers running fake inheritance or lottery notifications collect release fees by Western Union, exploiting the service's cash pickup accessibility for rapid fund collection.
Scammers impersonating police officers demand Cash App payments to resolve fabricated warrants or fines, targeting victims comfortable with mobile payment apps.
Scammers impersonating court clerks demand Cash App payments for fabricated fines or bench warrant fees, targeting victims who are comfortable with mobile payments.
Scammers who gain remote access to victims' devices guide them to send Cash App payments for fabricated repair services or staged 'banking errors.'
Scammers posing as immigration lawyers or agents collect bank transfer fees for fabricated visa applications, status adjustments, or deportation bonds.
Fraudsters impersonating tax authorities instruct victims to make bank transfers to resolve fabricated tax debts, exploiting the apparent formality of bank-to-bank payments.
Scammers notify victims of prize wins and demand prepaid card payments as processing or insurance fees before the prize will be released.
Fraudsters posing as tech support agents demand Venmo payments for fabricated device fixes, exploiting the app's casual social payment feel to lower victim suspicion.
Fraudulent antivirus vendors demand Western Union transfers as payment for non-existent security software, targeting victims who lack access to online payment methods.
Fraudulent debt relief operators collect Cash App fees for credit repair or settlement services they never deliver, targeting financially stressed consumers.
Scammers listing fake rental properties demand wire transfer deposits, presenting elaborate lease documentation that is convincing enough to justify the larger sums typical of wire transfer fraud.
Fraudsters posing as pension liberation specialists or HMRC officials instruct victims to send Western Union transfers representing fees required to release pension funds early.
Fraudulent trading platforms accept Cash App deposits from US victims, displaying fabricated returns before blocking withdrawals and disappearing.
Fraudulent investment brokers collect wire transfer deposits from investors, providing fictitious account statements before blocking withdrawals and disappearing.
Fraudulent recruiters demand Apple Pay fees for onboarding, licensing, or background screening before a fabricated job offer can be processed.
Scammers impersonating police or federal agents demand Western Union transfers as bail or fine payments, often targeting immigrants or elderly victims who associate Western Union with official transactions.
Scammers posing as immigration paralegals or community advisers collect Venmo fees for fabricated visa services, targeting immigrant communities through trusted networks.
Fraudulent credit repair operators collect prepaid card fees from financially stressed victims, promising debt elimination results they never deliver.
Fraudulent lenders collect advance fees by bank transfer for loans that never materialise, presenting professional-looking agreements and credible business banking details.
Fraudulent investment brokers accept Zelle transfers as initial deposits from US investors, leveraging the bank-integrated payment system to appear as a credible financial service.
Scammers impersonating police officers demand Venmo payments to resolve fabricated warrants, targeting younger adults who are accustomed to settling payments informally via the app.
Scammers notify victims of large inheritance or lottery wins and demand Cash App fee payments before the fictional windfall can be released.
Fraudsters impersonating court officers direct victims to send MoneyGram transfers to pay fabricated fines, bail, or settlement fees, targeting communities with lower formal banking engagement.
Fraudulent sweepstakes operators notify victims of wins and demand Venmo fee payments as the quickest way to process prize release, targeting social media users.
How blackmailers exploit GCash instant transfers to collect coerced payments from victims of intimate-image extortion in the Philippines and beyond.
How extortionists targeting Bangladeshi victims leverage bKash mobile money to collect coerced payments quickly and with limited traceability.
How romance blackmailers exploit India's UPI instant payment network to collect extortion demands and why the speed of UPI makes it particularly dangerous in these cases.
How romance extortionists in Brazil and abroad use Pix instant transfers to rapidly collect coerced payments from victims.
Why romance fraudsters specifically request gift-card numbers as payment and how the combination of emotional manipulation and untraceable redemption codes drains victims.
How romance scammers who start with gift-card demands pivot to Zelle bank transfers once trust is established, combining the emotional leverage of a long con with the irreversibility of instant US bank payments.
How romance fraudsters blend gift-card manipulation with Western Union wire transfers to drain victims, and why Western Union's global cash-pickup network is central to the scheme.
How romance scammers persuade victims to convert gift-card codes to Bitcoin or send Bitcoin directly, exploiting irreversibility and limited regulatory oversight.
How organised sextortion operations demand Bitcoin as their payment of choice and why the cryptocurrency's irreversibility makes it ideal for large-scale extortion campaigns.
How sextortion scammers targeting victims without crypto access demand retail gift-card codes and why the untraceable nature of card codes suits their operational needs.
How sextortion operators in the US exploit Zelle's bank-integrated instant payments to collect extortion money from victims before they can seek help.
How sextortion operators use Western Union's global cash-pickup network to collect extortion payments across borders without needing a local bank account.
How fraudsters posing as romantic partners drain Bangladeshi victims through bKash mobile money requests, exploiting trust built over social media.
How fake romantic partners in India request UPI transfers for fabricated emergencies and how the payment method's frictionless nature accelerates financial harm.
How fake 'sugar daddies' use Zelle's bank-to-bank immediacy to execute overpayment and advance-fee traps that leave victims out of pocket.
How fake wealthy benefactors use Western Union wire requests to advance-fee trap victims seeking online financial arrangements.
How fake benefactors in sugar-daddy allowance scams use gift-card advance fees to extract money from victims while promising allowances that never arrive.
How fraudsters posing as generous benefactors target Filipino users through GCash advance-fee and overpayment traps.
How fraudulent charity campaigns solicit GCash donations in the Philippines and how to verify a charity before sending any mobile-money donation.
How fraudulent charity appeals target Bangladeshi donors through bKash mobile money and what steps verify a charitable cause before sending.
How fake international charity appeals direct donors to Western Union wire transfers and what verification steps prevent losses.
How fraudsters exploit Philippine disasters to launch fake relief campaigns collecting donations through GCash personal numbers.
How fraudsters exploit Bangladeshi flood and cyclone disasters to solicit bKash donations for fake relief operations.
How fraudulent disaster relief collections in India exploit UPI's wide reach and how donors can verify campaigns before giving.
How fraudsters in East Africa exploit disaster news to launch fake M-Pesa relief collections, and how to donate safely via mobile money.
How fraudsters bypass crowdfunding platform safeguards by collecting donations directly via Zelle, removing any consumer protection layer.
How fake international crowdfunding appeals direct overseas donors to Western Union wire transfers and what red flags identify fraudulent campaigns.
How fraudulent fundraising campaigns leverage Bitcoin's irreversibility and pseudonymity to collect donations with zero accountability.
How fraudulent fundraising campaigns in Europe and globally direct donations to Revolut personal accounts to avoid crowdfunding platform scrutiny.
How fraudsters impersonating student loan relief programmes collect advance fees via Zelle from borrowers seeking debt cancellation.
How fraudulent student loan relief operators request Western Union wire fees from borrowers and why wiring money for loan services is always fraudulent.
How student loan relief fraudsters request gift-card codes as advance fees from financially stressed borrowers and why this demand is always a scam signal.
How student loan relief fraudsters request Bitcoin payments for fake processing fees and why cryptocurrency demands for government services are always fraudulent.
How fraudulent online course sellers collect payment via Zelle, bypassing platform dispute protections and leaving buyers without recourse.
How fraudulent online course sellers in the Philippines collect GCash payments for courses that deliver no value or never materialise.
How fraudulent course sellers in Europe use Revolut payment links to collect fees for worthless or non-existent digital education products.
How fraudulent trading and crypto courses request Bitcoin payment to eliminate any chargeback risk, leaving buyers with no recourse for worthless content.
How ghost broker car insurance fraudsters collect premiums via Zelle, leaving drivers with invalid policies they discover only when making a claim.
How ghost broker fraudsters in the UK, US, and internationally collect insurance premium payments via Western Union while delivering no valid coverage.
How ghost brokers targeting low-income or unbanked drivers collect fraudulent insurance premiums using retail gift-card codes.
How fraudulent health insurance plans collect premiums via Zelle, leaving policyholders uninsured when they need care.
How fraudulent health coverage schemes targeting unbanked or international consumers collect premiums via Western Union.
How fraudsters collecting fake health insurance premiums use gift-card codes and why this payment demand exposes the scam immediately.
How timeshare resale fraudsters collect advance fees via Western Union from owners desperate to exit their contracts.
How timeshare exit fraudsters have begun requesting Bitcoin advance fees, adding crypto irreversibility to an already well-established fraud.
How timeshare exit fraudsters operating within the US collect advance fees via Zelle, exploiting the payment method's familiarity and irreversibility.
How fake online car and motorcycle listings in the Philippines direct buyers to GCash deposits before vehicle inspection, resulting in lost funds and no vehicle.
How fake online vehicle listings request Bitcoin payment to eliminate any chargeback route for defrauded buyers.
How fraudulent second-hand vehicle listings in East Africa request M-Pesa reservation deposits, leaving buyers without vehicles or refunds.
How fake vehicle escrow services require buyers to wire Western Union funds before vehicle delivery, resulting in total financial loss.
How fake vehicle escrow services in Europe direct buyers to Revolut transfers as the payment rail for fraudulent purchase-protection schemes.
How fake vehicle escrow arrangements in the Philippines misuse GCash to collect full purchase prices from buyers who believe their funds are protected.
How fraudulent vehicle warranty sellers collect premiums via Zelle, bypassing chargeback rights that would expose the worthless policy.
How fraudulent warranty schemes targeting older adults request Western Union wire payments for coverage that does not exist.
How fake vehicle warranty callers request gift-card codes and why this demand immediately identifies the caller as a fraudster.
How a newer wave of extended warranty fraudsters request Bitcoin payment to target crypto-owning victims and eliminate any chargeback risk.
How fraudulent debt settlement companies collect Zelle fees upfront while doing nothing to reduce client debts.
How fraudulent debt settlement callers request gift-card codes as payment for services that never reduce any debt.
How fraudulent debt relief operators collect Western Union advance fees from financially distressed victims who never see any debt reduction.
How fake loan and debt relief operators in East Africa collect M-Pesa advance fees from borrowers under financial pressure.
How fake lenders in East Africa collect M-Pesa advance fees from borrowers who receive no loan funds in return.
How fake online lenders in the Philippines collect GCash advance fees from applicants while never disbursing any loan proceeds.
How fraudulent lenders in Bangladesh collect bKash advance fees from applicants seeking personal or business loans that never materialise.
How fake instant loan operators in India collect UPI advance fees and how UPI collect requests are weaponised against loan applicants.
How sextortion operators targeting European victims request Revolut payments as the collection vehicle for intimate-image extortion demands.
How fake wealthy benefactors in Europe exploit Revolut's payment features to execute advance-fee and overpayment traps against victims seeking online financial arrangements.
How fraudsters posing as grant agencies demand gift-card 'processing fees' to release a non-existent government award.
How grant impostors push victims to send 'release fees' through Cash App for an award that does not exist.
How fraudsters dress up a fake grant as official by demanding a bank wire transfer for taxes and clearance fees.
How grant impostors steer victims toward reloadable prepaid debit cards to collect untraceable processing fees.
How callers impersonating court officers threaten arrest for 'missed jury duty' unless a fine is paid in gift cards.
How impostors posing as court officials direct victims to send 'jury duty fines' through MoneyGram money transfers.
How fraudsters posing as court officers pressure victims into paying fake jury fines through instant Zelle transfers.
How callers claiming your Social Security number is 'suspended' demand gift cards to clear a fabricated legal problem.
How impostors posing as Social Security officials direct victims to 'secure' their money in Bitcoin via crypto ATMs.
How fraudsters posing as SSA officials direct victims to wire 'clearance fees' through Western Union money transfers.
How fraudsters posing as immigration agencies request bank wire transfers for fake visa and processing fees.
How impostors posing as immigration officials direct victims to send 'case fees' through MoneyGram transfers.
How impostors posing as court officials pressure victims into bank transfers to pay fabricated fines and bonds.
How fraudsters posing as court officers push victims to send fines through Apple Pay to a personal contact.
How pension fraudsters exploit instant Faster Payments to sweep retirement savings before victims can reconsider.
How bogus trading platforms collect deposits in Bitcoin and block withdrawals behind endless fees.
How bogus trading platforms ask victims to fund accounts through Wise transfers to collect deposits across borders.
How fraudulent binary options platforms collect deposits in Bitcoin and rig outcomes so traders always lose.
How fraudulent binary options sites take bank-transfer deposits and then refuse withdrawals behind invented fees.
How fraudulent binary options platforms take credit-card deposits and obstruct chargebacks to keep traders' funds.
How bogus debt-settlement operators collect 'enrollment fees' through Venmo and then provide no real service.
How bogus credit-repair operators demand upfront gift-card fees to 'fix' credit scores they cannot change.
How bogus credit-repair hustlers collect upfront fees through Cash App and deliver nothing of value.
How fraudulent credit-repair operators collect upfront fees through Zelle and disappear without results.
How fraudsters claiming a distant relative left you a fortune demand wired 'legal fees' to release it.
How inheritance fraudsters direct victims to send 'clearance fees' through Western Union to claim a fake bequest.
How modern inheritance scams demand Bitcoin 'release fees' for a non-existent estate that never pays out.
How fraudsters intercept home purchases by sending fake closing wire instructions to redirect down payments.
How impostors posing as lenders collect bogus 'application' or 'lock-in' fees by bank transfer from hopeful borrowers.
How fraudsters exploit cashier's checks in mortgage and closing scams, leaving victims liable when the checks bounce.
How fake breeders advertise adorable animals that do not exist and collect payment in untraceable gift cards.
How fake breeders push instant Zelle payments to take money for pets that will never be delivered.
How fake breeders collect deposits through Cash App for pets that are never delivered.
How fraudsters collect Venmo 'reservation deposits' for puppies and then stack endless fees before vanishing.
How fraudsters posing as breeders or shippers collect puppy deposits via MoneyGram for animals that never arrive.
How rogue online pharmacies harvest credit-card details and ship counterfeit or no medication.
How rogue overseas pharmacies request Wise transfers for medication that is counterfeit or never delivered.
How miracle-cure sellers use credit-card checkouts and hidden subscriptions to bill victims for worthless products.
How miracle-cure sellers push bank transfers for 'exclusive' treatments to avoid refunds and disputes.
How miracle-cure sellers insist on PayPal Friends and Family to strip away buyer protection on worthless products.
How counterfeit sellers push PayPal Friends and Family to remove buyer protection on fake branded products.
How counterfeit and bulk-goods scammers demand wire transfers for fake products that arrive substandard or never.
How counterfeit sellers require Bitcoin to take payment for fake goods with no chargeback or refund path.
How empty-box scammers take instant Zelle payments for high-value electronics, then ship an empty or weighted box.
How empty-box sellers collect Cash App payments for pricey gadgets, then deliver an empty or filler-stuffed box.
How empty-box sellers demand bank transfers for high-value goods, then ship an empty box and vanish.
How grant impostors push instant Zelle 'processing fees' for an award that will never be paid.
How impostors posing as court officers direct victims to pay 'jury duty fines' at Bitcoin ATMs to avoid arrest.
How impostors claiming your number is compromised pressure victims into instant Cash App payments to 'protect' it.
How bogus trading coaches collect 'starter deposits' via Apple Pay and then block withdrawals behind fees.
How bogus credit-repair hustlers collect upfront fees through Venmo and deliver no lasting results.
How fraudulent binary options platforms ask victims to fund accounts via Wise transfers across borders.
How fake breeders, often posing as overseas sellers, demand wire transfers for animals that never arrive.
How counterfeit sellers collect instant Cash App payments for fake branded items with no buyer protection.
How overseas miracle-cure sellers request Wise transfers for unproven treatments to avoid refunds.
How fraudsters posing as romantic interests use Skrill to extract money from victims who believe they are in a genuine relationship.
How fake online personas exploit Venmo's social payment features to extract money from romantically deceived victims.
How scammers using fake identities steer victims to MoneyGram for cash pick-up transfers that are near-impossible to recover.
How fake online personas convince victims to buy prepaid cards and share the codes to fund an imagined relationship.
How scammers who obtain intimate images exploit Skrill to collect ongoing blackmail payments while remaining hard to trace.
How sextortion operators use Cash App's instant peer-to-peer transfers to demand blackmail payments from victims holding intimate material hostage.
How sextortion scammers demand prepaid card codes from victims to avoid traceable payments while leveraging intimate content.
How sextortion operators exploit Venmo's instant transfers and social features to collect blackmail payments from victims.
How romance scammers pivot from demanding gift cards to requesting Skrill transfers when victims grow suspicious of card requests.
How romance scammers use Venmo's familiar interface to collect money alongside or instead of gift-card requests.
How romance scammers use Cash App transfers to collect money from victims who have been primed through weeks of false emotional intimacy.
How romance scammers targeting victims abroad use MoneyGram cash pick-ups to collect funds framed as emergency help for a loved one.
How fake sugar daddy or sugar mama accounts use Skrill to collect upfront fees from victims promised a recurring allowance.
How fake affluent patrons use Cash App to extract verification fees from victims chasing a promised weekly allowance.
How fraudulent patron accounts exploit Venmo's social payment features to collect fees from victims expecting a weekly allowance.
How romance-based allowance scammers direct victims to send MoneyGram transfers for fees before a promised allowance arrives.
How romance fraudsters weave inheritance stories into their scripts and use Western Union to collect release fees from victims.
How scammers fuse romance with inheritance stories and use bank transfers to collect 'release fees' that make losses appear legitimate.
How romance scammers use MoneyGram cash remittances to collect inheritance release fees that can never be recovered once collected.
How romance scammers use Bitcoin to collect inheritance release fees from victims, making tracing and recovery nearly impossible.
How impersonators of famous people use Cash App to collect money from fans who believe they are in a private relationship with a celebrity.
How celebrity impersonators exploit Venmo's familiarity to collect payments from fans led to believe they are in a private relationship.
How celebrity impersonators use Western Union's global reach to collect cash from fans who believe they are in a secret relationship with a star.
How celebrity impersonators exploit fans' interest in crypto by requesting Bitcoin payments under the guise of a private romantic relationship.
How fraudulent debt settlement companies use Skrill to collect upfront fees from people struggling with debt who never receive any relief.
How fraudulent debt settlement operators use MoneyGram cash remittances to collect fees that produce no debt relief for victims.
How fraudulent debt settlement companies use Apple Pay's speed and mobile convenience to collect advance fees that produce no results.
How fraudulent debt settlement operators use Neteller to collect advance fees from victims who receive no debt relief in return.
How fraudulent credit repair companies collect upfront fees in prepaid card codes from consumers hoping to improve their credit scores.
How credit repair fraudsters use MoneyGram cash remittances to collect advance fees from consumers with damaged credit.
How fraudulent credit repair operations use Western Union's brand recognition to make advance-fee collection seem routine.
How fraudulent credit score improvement services use Skrill to collect advance fees from consumers, then deliver nothing.
How fraudulent lenders use Skrill to collect advance fees from borrowers who are approved for loans that never materialise.
How fraudulent lenders use MoneyGram cash transfers to collect advance fees from loan applicants who never receive funds.
How fraudulent lenders use Venmo's peer-to-peer simplicity to collect advance fees from borrowers seeking personal loans.
How fraudulent lenders exploit Western Union's global cash network to collect advance fees from borrowers who receive nothing in return.
How pension liberation fraudsters use Skrill to collect upfront fees from savers persuaded to access their retirement funds early.
How pension fraudsters target younger workers with Cash App requests to unlock early pension access that is never delivered.
How pension fraudsters persuade savers to transfer pension funds into Bitcoin investments that are then stolen.
How pension fraudsters collect advance fees in prepaid card codes from savers before delivering no actual pension access or investment.
How unregulated fake brokers use Skrill to funnel investor deposits into accounts the broker controls and victims can never withdraw from.
How fraudulent trading platforms use Neteller to accept investor deposits while circumventing the oversight of regulated banking.
How fake trading platforms recruit US investors and collect deposits via Cash App before showing growing balances they can never withdraw.
How fraudulent trading platforms use Google Pay's speed and consumer trust to collect investment deposits that victims can never withdraw.
How unregulated binary options platforms use Skrill to accept deposits from traders who can never withdraw their supposed winnings.
How fraudulent binary options platforms use Neteller's trading associations to accept deposits they will never return.
How unregulated binary options platforms list Google Pay to attract mobile-first traders before locking in their deposits.
How fraudulent binary options platforms exploit Apple Pay's trusted brand to collect mobile investment deposits with no intention of allowing withdrawals.
How fraudulent online pharmacies exploit Klarna and buy-now-pay-later financing to sell counterfeit or non-existent medications.
How fraudulent pharmacy websites use Apple Pay's one-tap convenience to collect payments for medications that never arrive or are counterfeit.
How counterfeit pharmacy websites use Google Pay to collect payments for medications that are fake, dangerous, or never delivered.
How fraudulent pharmacies request prepaid card payments to avoid chargebacks on sales of counterfeit or non-existent medications.
How fake retailers offer buy-now-pay-later financing to sell counterfeit branded products, complicating consumer dispute rights.
How fake storefronts use Apple Pay's mobile convenience to complete purchases of counterfeit branded products before buyers examine them.
How fake online retailers integrate Google Pay to speed up purchases of counterfeit branded merchandise on Android devices.
How peer-to-peer sellers on social platforms use Venmo to collect payment for counterfeit branded goods with no chargeback protection.
How fraudulent sellers use BNPL financing to sell goods that arrive as empty packages, turning a theft into an instalment dispute.
How peer-to-peer sellers collect Venmo payments for items that arrive as empty packages, with no platform buyer protection.
How fraudulent sellers accept Google Pay for goods that arrive as empty or nearly empty packages.
How fraudulent sellers use Apple Pay's trusted brand and one-tap convenience to collect payment for items delivered as empty boxes.
How fake ticket sellers use Venmo's no-buyer-protection personal payments to collect money for tickets that are invalid or never delivered.
How ticket fraudsters use Cash App to collect payments for sold-out event tickets that are fake, duplicated, or already used.
How fake ticket sellers exploit Apple Pay's convenience to collect payments for invalid concert and event tickets.
How fraudulent ticket sellers use Google Pay on mobile to speed up sales of invalid or duplicate event tickets.
How fake car sellers use Venmo deposits to steal money from buyers who never take delivery of a vehicle.
How cross-border vehicle scammers use Skrill to collect deposits for cars that do not exist or are not for sale.
How vehicle listing scammers exploit MoneyGram's international cash network to collect deposits for non-existent cars.
How car listing fraudsters use Western Union's global cash network to collect vehicle deposits that victims can never recover.
How ghost brokers use Venmo to collect premiums for auto insurance policies that are fake, cancelled, or have fraudulent details.
How ghost insurance brokers use MoneyGram cash remittances to collect premiums for voided or falsified motor policies.
How ghost brokers use Skrill to collect motor insurance premiums while bypassing regulated insurer payment systems.
How ghost insurance brokers target mobile users with Apple Pay premium requests for car insurance that is void from the start.
How fraudsters use fake vehicle shipping companies and wire-transfer requests to steal money from buyers who pay to transport cars that do not exist.
How fraudsters use fake escrow accounts and bank-transfer deposit requests to steal money from car buyers before the vehicle is ever delivered.
How fraudsters repeatedly demand wire-transfer payments for fabricated shipping fees, customs charges, and insurance costs for vehicles that will never be delivered.
Attackers send tiny crypto transactions to poison a victim's wallet history with a lookalike address, hoping the victim will copy it for a future transfer.
Fraudulent tax-calculation tools ask users to pay with cryptocurrency, then harvest wallet credentials or deploy malware rather than delivering working software.
Sellers advertise non-existent or counterfeit cryptocurrency mining hardware, accept crypto payment to prevent chargebacks, then deliver nothing.
Fraudulent cross-chain bridge interfaces accept cryptocurrency deposits for supposed asset transfers between blockchains but never send tokens to the destination chain.
Malicious bots front-run and back-run on-chain swap transactions, extracting value from traders by sandwiching their transactions between manipulated orders.
Attackers exploit DeFi protocols that rely on manipulable price oracles, artificially distorting asset prices within a transaction to drain protocol liquidity or trigger fraudulent liquidations.
Attackers send tiny cryptocurrency amounts to many wallets to track fund flows and link wallet addresses to real-world identities, enabling targeted fraud or extortion.
Attackers accumulate governance tokens or exploit flash-loan voting power to pass malicious proposals that drain a DAO's treasury or modify protocol parameters in their favor.
Investment fraud operations collect funds through bank transfers, paying early investors with later investors' money to maintain the illusion of legitimate returns.
Fraudsters trick victims into authorizing bank transfers through impersonation, urgency, and social engineering, exploiting the instant and often irreversible nature of electronic bank payments.
Fraudulent bullion dealers or storage programs collect bank transfers for gold, silver, or platinum investments that do not exist or cannot be delivered or redeemed.
Fraudulent carbon credit brokers collect bank transfers for worthless or non-existent emission certificates, exploiting interest in ESG and climate investing.
Fraudulent fractional real estate schemes collect bank transfers for shares in properties that do not exist, are already sold, or are controlled by dishonest operators who pocket investor funds.
Fraudulent trading platforms claiming to use AI automation accept cryptocurrency deposits, display fabricated profits, then block all withdrawals and disappear with investor funds.
How small, obscurely labelled recurring bank debits accumulate unnoticed, originating from deceptive authorisations that victims signed without understanding they were agreeing to ongoing charges.
How fraudsters selling VIN-cloned stolen vehicles increasingly demand cryptocurrency payment, making stolen-car transactions nearly impossible to trace or reverse.
How fraudulent car buyers trick private sellers into accepting gift card payments for vehicles, a method that provides no buyer-side recourse and is almost always associated with fraud.
How fraudsters running fake vehicle shipping operations insist on cryptocurrency payment to eliminate any possibility of fund recovery after collecting fees for vehicles that will never be delivered.
How fraudulent vehicle escrow services exploit cryptocurrency's irreversibility to steal deposits from car buyers with no possibility of fund recovery.
How fee-extraction shipping scammers pivot to gift card demands when initial wire-transfer attempts fail, using the same multi-payment playbook with an even harder-to-trace payment method.
How fraudsters requesting viewing-slot deposits by bank transfer exploit the faster payments infrastructure to receive and immediately withdraw funds before the buyer can raise an alarm.
Fraudulent yield-farming contracts accept cryptocurrency deposits with promises of extreme APY returns, then exploit admin key privileges or malicious token mechanics to drain deposited funds.
Cryptocurrency-denominated Ponzi schemes use the technical complexity of DeFi or staking mechanics to disguise the classic structure of paying early investors with later investors' funds.
How pig-butchering investment scams target US residents — from initial contact through fake trading platforms — with US-specific reporting routes and consumer protections.
How smishing campaigns impersonate US toll authorities — E-ZPass, SunPass, FasTrak, and others — to steal payment card details and personal information from drivers.
How smishing messages impersonating Royal Mail, Evri, DPD, and other UK carriers are used to harvest card details and personal data — with UK-specific reporting routes.
How investment fraud targets Australians — from crypto romance scams to fake managed funds — and the specific Australian reporting routes through Scamwatch and ASIC.
How online task fraud targets workers in the Philippines — particularly through fake part-time job offers on Facebook and Telegram — and the Philippine-specific reporting routes through the PNP Anti-Cybercrime Group.
How cryptocurrency fraud targets Canadians — from fake exchanges to romance-linked investment schemes — and how to report to the Canadian Anti-Fraud Centre and FINTRAC.
How romance fraud affects US residents — from dating app contact through cryptocurrency demands — with US-specific reporting routes through the FTC and FBI IC3.
How investment fraud targets UK residents — from clone firm scams to crypto romance schemes — with UK-specific tools including the FCA ScamSmart checker and Action Fraud reporting.
How pig-butchering investment fraud targets Singapore residents, the ScamShield app available to Singaporeans, and how to report to the Singapore Police Force and MAS.
How fake tech support fraud targets Canadians — from Microsoft pop-up scams to CRA impersonation — and how to report to the Canadian Anti-Fraud Centre.
How online task fraud targets workers in India through WhatsApp and Telegram, the Indian reporting routes through cybercrime.gov.in and the 1930 helpline, and why part-time job deposits are always a scam signal.
How cryptocurrency fraud targets Australians — from social media investment pitches to superannuation crypto schemes — with reporting routes through Scamwatch, ASIC, and ReportCyber.
How smishing messages impersonating USPS, FedEx, UPS, and Amazon steal card details and personal information from US residents — with reporting routes through the FTC and FBI IC3.
How callers posing as Australian bank fraud teams and police convince victims to move funds to a 'safe account' — with reporting routes through Scamwatch, ReportCyber, and AFCA.
How romance fraud targets Australians across dating apps and social media — with Australian-specific reporting routes through Scamwatch, IDCARE, and the Australian Cyber Security Centre.
How investment fraud targets Canadians — from clone-firm pitches to pig-butchering — with provincial securities commission checks and reporting routes through the Canadian Anti-Fraud Centre.
How pig-butchering investment fraud targets UK residents — from clone firm tactics to bank transfer grooming — with the FCA ScamSmart checker, Action Fraud, and APP fraud reimbursement options.
How online task fraud targets US workers through fake part-time job offers on social media and messaging apps — with reporting routes through the FTC, FBI IC3, and state attorneys general.
How cryptocurrency fraud targets Singapore residents — from fake MAS-licensed platforms to social media investment pitches — with MAS verification tools, ScamShield, and SPF reporting routes.
How callers posing as UK bank fraud teams and police officers manipulate victims into authorising transfers — with the 159 hotline, APP fraud reimbursement rules, and Action Fraud reporting.
How fake tech support fraud targets US residents — from Microsoft pop-up alerts to IRS impersonation — with FTC and FBI IC3 reporting routes and the payment methods most commonly demanded.
How smishing texts impersonating Australia Post, DHL, and Toll Group steal card details and personal information from Australians — with reporting routes through Scamwatch, ReportCyber, and the ACCC.
How smishing texts impersonating SingPost, DHL, and Ninja Van steal card details and personal information from Singapore residents — with ScamShield, SPF reporting, and the official carrier domains.
How fraudulent investment platforms target Indian investors through WhatsApp groups and Telegram channels — with SEBI verification, the 1930 Cyber Crime Helpline, and cybercrime.gov.in reporting routes.
How romance fraud targets Canadians — from dating app contact through crypto ATM and wire transfer demands — with reporting routes through the Canadian Anti-Fraud Centre and provincial support.
How fake tech support fraud targets Australians — from NBN and Telstra impersonation to Microsoft pop-ups — with Scamwatch and ReportCyber reporting routes and the Australian-specific variants.
How pig-butchering investment fraud targets Filipinos via dating apps and Facebook — with GCash deposit mechanics, PNP Anti-Cybercrime Group reporting, and SEC Philippines verification.
How online task fraud targets UK workers through WhatsApp job offers and Telegram groups — with Action Fraud and the 159 hotline as reporting routes, and the UK-specific payment patterns.
How fraudulent investment platforms target Singapore residents with fake MAS-licensed credentials — with ScamShield protection, the MAS Investor Alert List, and SPF reporting routes.
How romance fraud targets Filipinos through Facebook and dating apps — with GCash and Maya payment mechanics, PNP Anti-Cybercrime Group reporting, and NBI Cybercrime Division as the primary reporting routes.
How online task fraud targets Canadian workers through WhatsApp and Telegram — with Interac e-Transfer and crypto ATM payment mechanics, and reporting routes through the Canadian Anti-Fraud Centre.
How cryptocurrency fraud targets UK residents — from clone firm crypto platforms to social media investment pitches — with the FCA ScamSmart checker, Action Fraud, and the 159 hotline.
How smishing texts impersonating India Post, Amazon India, and courier services steal card details and personal data from Indian consumers — with cybercrime.gov.in and the 1930 Cyber Crime Helpline as reporting routes.
How callers posing as Canadian bank fraud teams and RCMP officers convince victims to move funds to 'safe accounts' — with CAFC reporting, the Canadian banking industry's anti-scam messaging, and what to do after a transfer.
How cryptocurrency fraud targets Indian investors — from UPI-linked fake exchanges to WhatsApp investment groups — and the reporting routes available.
How romance fraud affects Nigerian victims — from dating-app grooming to blackmail — and the local reporting routes available.
How SMS smishing campaigns impersonating Canada Post and major couriers deceive Canadian recipients into handing over card details and personal information.
How tech-support fraudsters target UK residents by impersonating HMRC, BT, Sky, and major banks — and the Action Fraud reporting process.
How crypto fraud targets Filipino residents — from fake play-to-earn schemes to pig-butchering operations — and where to report to the BSP and NBI.
How fraudsters specifically target Australian self-managed super fund holders and retirement savers with fake investment schemes and unlicensed advisers.
How SMS fraud impersonating DHL, FedEx, and local couriers targets Nigerian phone users with parcel fee demands and credential-harvesting links.
How fake app-rating and product-review jobs targeting Australian workers via WhatsApp and Telegram use OSKO transfers and crypto to extract money.
How romance fraud targets Indian users on matrimonial sites, Facebook, and Instagram — from dowry-related advance-fee requests to pig-butchering grooming.
How long-term investment romance fraud targets Canadian residents via WhatsApp and dating apps, and the CAFC and RCMP reporting pathways.
How investment fraud — from pyramids to fake forex platforms — targets Filipino investors and OFWs, and the SEC Philippines and NBI reporting routes.
How cryptocurrency fraud targets US residents — from pig-butchering to Bitcoin ATM scams — and the FTC, IC3, and SEC reporting routes.
How long-term romance investment fraud targets Australians via dating apps and WhatsApp, and the Scamwatch and AFCA reporting pathways.
How fake asset-recovery firms and impersonators targeting US fraud victims extract additional fees — and the FTC reporting process.
How pyramid schemes, fake forex platforms, and ponzi operations target Nigerian investors and savers — and the SEC Nigeria and EFCC reporting routes.
How fraudsters clone FCA-registered firm details to operate fake UK crypto trading platforms — and how to use the FCA register and Warning List to verify.
New Zealand residents face a rising tide of investment fraud, including pig-butchering schemes and fake managed funds that impersonate FMA-registered entities. Victims have collectively lost tens of millions of New Zealand dollars.
South Africa has seen several large-scale crypto fraud schemes, including Ponzi operations that collectively defrauded tens of thousands of South Africans. Scammers exploit currency volatility and limited formal crypto regulation to lure victims.
Fraudsters send SMS and WhatsApp messages impersonating An Post and private couriers, directing Irish recipients to pay fake customs or redelivery fees on phishing websites that harvest card details.
After suffering investment or crypto fraud, UK victims are often re-targeted by 'asset recovery' firms that charge large upfront fees but have no legitimate ability to retrieve lost funds. These firms frequently impersonate the FCA or Action Fraud.
Indian consumers are frequently targeted by fraudsters impersonating bank representatives and demanding KYC (Know Your Customer) updates over phone. Victims who comply hand over OTPs and credentials that drain their accounts.
New Zealand consumers receive fraudulent SMS messages impersonating NZ Post and NZ Customs demanding small fees to release parcels. The links lead to card-skimming sites that capture full payment details.
Nigerian citizens and diaspora members are increasingly targeted by pig-butchering investment fraud originating from Southeast Asian scam compounds, using the promise of overseas income and crypto returns to lure victims.
Singapore's well-educated, high-income population makes it a prime target for romance scams that blend emotional manipulation with investment fraud. The Singapore Police Force (SPF) consistently ranks romance scams among the top fraud categories by financial loss.
Irish consumers are targeted by investment firms that clone the identity of CBI-authorised companies or create convincing new brands. Victims are lured by social media ads and cold calls promising returns that legitimate funds cannot match.
Task scams targeting Nigerians promise daily income for rating apps, reviewing products, or boosting social media accounts, then demand escalating recharge deposits that are never refunded. Victims lose savings chasing promised withdrawals.
Fraudsters send bulk SMS and email messages impersonating Australia Post, AusPost Express, and private couriers to harvest card details from Australians through fake redelivery and customs-fee pages.
Canadians are frequently targeted by fraudsters impersonating the Canada Revenue Agency and major Canadian banks, using arrest threats and account-freeze stories to pressure immediate payments via gift cards or Interac e-Transfer.
US rental fraud costs Americans millions of dollars annually, with fraudulent listings appearing on Craigslist, Facebook Marketplace, and Zillow. Scammers clone legitimate listings and collect deposits from multiple victims for properties they have no right to rent.
Nigeria's vibrant crypto community has been repeatedly targeted by Ponzi schemes, fake exchanges, and P2P marketplace fraud. The SEC Nigeria has issued multiple warnings and enforcement actions, but new operations emerge faster than regulation can respond.
Australian fraud victims are re-targeted by fake asset recovery firms that impersonate ASIC, the AFCA, or law enforcement to collect upfront fees. ScamWatch data shows Australians lose significant sums to this secondary layer of fraud.
The United States sees more reported investment fraud losses than almost any other country, with billions lost annually to crypto investment scams, pig-butchering, and unregistered securities offerings. The SEC and FTC actively pursue perpetrators but prevention requires consumer vigilance.
Fraudulent rental listings on Rightmove, Zoopla, Facebook Marketplace, and SpareRoom target UK renters facing a competitive housing market, collecting deposits via bank transfer for properties the scammer has no right to let.
Romance fraud is one of the highest-value scam categories in the United Kingdom by total losses, with victims losing millions collectively each year. Action Fraud reports significant under-reporting due to shame, meaning real losses are likely far higher.
Irish consumers have lost significant sums to cryptocurrency fraud, including fake exchange platforms, celebrity-endorsed deepfake investment ads, and pig-butchering schemes that target the country's growing crypto-curious population.
India's rapidly growing crypto and stock market investor base has been targeted by pig-butchering operations that blend romance and investment fraud. SEBI and CERT-In have both issued alerts as Indian losses from these schemes accumulate.
Filipino workers and OFWs are targeted by pig-butchering operations that exploit the remittance-sending culture and aspiration for passive income. Some Filipinos are also trafficked into scam compounds to operate these schemes against other victims.
Singapore residents receive impersonation calls from people claiming to be Singapore Police Force officers, MAS representatives, or CPF Board staff, using authority and arrest threats to coerce immediate payments.
Canadians lose hundreds of millions of dollars annually to cryptocurrency fraud, with investment scams topping the list. Scammers exploit gaps in FINTRAC's real-time visibility and the lack of a central crypto investor protection fund.
Australia's ACCC ScamWatch data consistently shows romance-based investment fraud as one of the highest-loss categories. Pig-butchering operations specifically target Australian seniors and middle-aged adults via dating sites and social media.
South Africans face a persistent threat from binary options fraud, Ponzi schemes, and fake property investment platforms. The FSCA's warning register is updated regularly but cannot keep pace with new fraudulent entities.
Australians face high volumes of phishing attacks impersonating myGov, the ATO, major banks, and Australia Post, with SMS and email phishing among the most reported scam types to Scamwatch.
UK phishing campaigns impersonate HMRC, Royal Mail, NHS, and high-street banks with sophisticated SMS and email attacks that exploit PAYE tax deadlines, parcel delivery seasons, and NHS appointment confirmations.
US phishing attacks impersonate the IRS, USPS, Social Security Administration, major banks, and popular tech brands — with spear-phishing and business email compromise among the highest-cost variants.
India's rapid digital financial adoption — driven by UPI, NEFT, and digital banking — has created a large attack surface for phishers impersonating NPCI, major banks, and government tax and pension portals.
Canadian phishing attacks target CRA, Service Canada, Canada Post, and major banks — with tax season and CERB-related campaigns among the highest-volume attacks reported to the Canadian Anti-Fraud Centre.
Australians lose hundreds of millions of dollars annually to fake trading platforms promoted via social media, celebrity deepfake ads, and WhatsApp groups — ASIC maintains a warning list of unlicensed platforms.
The UK's FCA maintains an active warning list of fraudulent trading platforms and has run sustained ScamSmart campaigns, yet UK investors lose hundreds of millions of pounds annually to clone firms and fake brokers.
Task scams operating in German-speaking markets recruit via WhatsApp and Telegram, targeting job-seekers and part-time workers with offers of remote task work paid in cryptocurrency or bank transfer.
Malaysia is a primary source and target market for task scams, with organised crime groups operating from Kuala Lumpur and Johor Bahru running operations that exploit high youth unemployment and familiarity with digital payments.
Task scams targeting South Africans exploit high unemployment by offering credible-sounding remote income through WhatsApp-based 'digital marketing' or 'social media' work, with cryptocurrency payment introduced once trust is established.
Germany's strong tech adoption and large crypto-curious population make it a target for fake exchange scams, deepfake celebrity investment promotions, and BaFin-impersonation fraud.
Malaysia's growing crypto adoption is targeted by unlicensed exchanges, pig butchering scams, and fake mining platforms promoted through Malaysian social media and messaging apps.
Germany's large online dating user base and cultural openness to international relationships make it a significant target for romance fraud, with losses increasingly involving cryptocurrency and bank wire transfers.
Malaysia is both a major target and a significant source country for romance fraud, with pig butchering operations actively recruiting Malaysian operators and targeting Malaysian victims through dating apps and social media.
Nigerian internet users face a high volume of phishing attacks targeting bank account credentials, BVN numbers, and mobile money wallets, with criminals using cloned banking portals and SMS spoofing to harvest financial access.
American investors are targeted by fraudulent online trading platforms that mimic legitimate brokerages, display fabricated profits, and block all withdrawals — often discovered only after victims have invested tens of thousands of dollars.
Pig butchering investment fraud is growing rapidly in South Africa, where scammers recruit victims via social media and dating apps before steering them toward fake crypto trading platforms denominated in ZAR or USD, often operating out of Southeast Asian scam centres.
Australian rental seekers — particularly in tight metropolitan markets like Sydney and Melbourne — are targeted by fake listings on Domain, Gumtree, Facebook Marketplace, and Flatmates.com.au, losing bond deposits and first-month rent to scammers who never owned the property.
New Zealanders are disproportionately targeted by romance and investment hybrid scams — particularly pig butchering — given the country's high internet usage, affluent demographics, and relatively small, trusting online communities.
South African banking customers face targeted phishing attacks impersonating FNB, Standard Bank, Absa, Nedbank, and Capitec, with criminals harvesting internet banking credentials, OTPs, and card PINs through fake SMS alerts and cloned login portals.
German investors are targeted by boiler-room operations, fake crypto trading platforms, and clone firms that impersonate BaFin-regulated brokers, often recruiting victims through social media investment groups and cold calls in German and English.
German consumers receive fraudulent SMS messages impersonating DHL, DPD, Hermes, and Deutsche Post, directing them to phishing pages that harvest payment card details or install malware under the guise of rescheduling a delivery.
India's retail trading boom has attracted fraudulent platforms that mimic SEBI-registered brokers, recruit through WhatsApp investment groups and Telegram channels, and promise guaranteed returns through fraudulent stock tips, options trading, and crypto schemes.
Despite mainland China's ban on cryptocurrency trading, crypto scams remain prevalent among Chinese nationals through underground OTC markets, pig butchering operations, and fake mining or staking platforms — with overseas Chinese communities facing particularly high targeting rates.
Ireland's severe housing shortage and high rental prices create a target-rich environment for scammers who post fake listings on Daft.ie, Rent.ie, and Facebook Marketplace, collecting deposits from multiple victims for properties they do not own or control.
German residents are targeted by pig butchering operations that present as crypto or forex investment opportunities through social media contacts and dating apps, with platforms mimicking BaFin-regulated brokers to bypass initial suspicion.
Malaysian investors are targeted by Macau scam variants, fake forex and crypto platforms, and pig butchering operations that exploit strong social media usage and high financial aspirations among working-age Malaysians.
Irish consumers receive fake Microsoft, Apple, and bank support calls claiming their devices or accounts have been compromised, and are directed to pay for non-existent fixes via gift cards, wire transfer, or cryptocurrency.
Malaysian mobile users receive fraudulent delivery notifications impersonating Pos Malaysia, DHL Malaysia, and J&T Express, directing them to phishing sites that harvest banking credentials or install malicious APKs under the guise of parcel tracking.
Canadian rental seekers — particularly in Vancouver, Toronto, and Calgary — face a surge of fake listings on Kijiji, Facebook Marketplace, and Craigslist, where fraudsters collect deposits and first-month rent before the victim discovers the property was never theirs to rent.
Canadian fraud victims who have lost money to investment, crypto, or romance scams are re-targeted by fake recovery services claiming affiliation with the RCMP, CAFC, or legal firms, charging upfront fees for fund recovery that never occurs.
Singaporean investors are targeted by fraudulent trading platforms that falsely claim MAS licensing, recruit through Telegram investment groups and social media, and typically form part of larger pig butchering or romance scam operations.
South African consumers face romance fraud through Facebook, Instagram, and dating apps, with scammers posing as overseas professionals and quickly steering relationships toward financial requests or fake investment platforms.
Singapore residents are targeted by phishing attacks impersonating DBS, OCBC, UOB, Singpass, and CPF, using SMS spoofing and fake login portals to harvest banking credentials and MyInfo personal data.
South African job seekers encounter advance-fee task fraud through WhatsApp and Telegram, with operations promising daily earnings in rands for simple online tasks that ultimately require deposits the victim never recovers.
Irish consumers are targeted by pig butchering operations through social media and dating apps, with scammers posing as overseas Irish or European professionals before steering victims toward fake investment platforms using EUR-denominated dashboards.
Philippine mobile users receive fraudulent delivery notifications impersonating LBC Express, J&T Philippines, Lazada, and Shopee logistics, directing them to phishing sites that harvest GCash, Maya, and bank login credentials.
New Zealand consumers receive fake Microsoft, Apple, and bank fraud department calls, as well as pop-up computer scares, that trick victims into paying for non-existent fixes or granting remote access to their devices.
Romance scams targeting Chinese nationals operate through WeChat, Tantan, Momo, and international dating apps, with pig butchering operations based in Southeast Asian compounds specifically recruiting Chinese-speaking operators to target Chinese-speaking victims globally.
Rental scams in India's major cities — Bengaluru, Mumbai, Hyderabad, Pune — target relocating professionals and students with fake listings on NoBroker, Housing.com, and Facebook, collecting advance deposits and brokerage fees for properties the scammer does not own or control.
Philippine mobile users face high-volume phishing targeting GCash, Maya (PayMaya), BDO, BPI, and Metrobank, using SMS spoofing, Facebook Messenger links, and cloned e-wallet portals to harvest account credentials and OTPs.
New Zealand investors face a growing volume of cryptocurrency fraud through fake trading platforms, celebrity endorsement scams on social media, and pig butchering schemes that the FMA has specifically flagged as high-risk for the New Zealand market.
Nigerian fraud victims — particularly those who lost money to advance-fee, investment, or romance scams — are re-targeted by fake recovery services posing as EFCC investigators, international law firms, or specialised cyber forensics companies.
Fraudulent trading platforms targeting New Zealanders impersonate FMA-regulated brokers or claim to be FMA-licensed to solicit cryptocurrency and forex investments, with the FMA's investor alert list growing consistently as new operations are identified.
Filipino investors face a surge of investment fraud through social media, messaging apps, and pig butchering operations, with the SEC Philippines and BSP issuing repeated warnings about unregistered platforms and HYIP (high-yield investment program) schemes.
South African mobile users receive fraudulent delivery notifications impersonating Postnet, Aramex, DHL South Africa, and The Courier Guy, directing them to phishing pages that harvest banking credentials and card details.
Irish consumers are targeted by phishing attacks impersonating AIB, Bank of Ireland, Revolut, Revenue Commissioners, and An Post, using SMS spoofing and cloned login portals to capture banking credentials and Revenue MyAccount access.
South African consumers receive fake Microsoft, Apple, and bank fraud department calls that harvest remote access credentials, OTPs, and banking PINs, sometimes overlapping with 'vishing' operations specifically designed for the South African banking environment.
Malaysia has become a high-frequency target for pig butchering operations, with Chinese-speaking networks specifically crafting culturally resonant approaches for Malaysian-Chinese victims through WhatsApp, WeChat, and dating apps.
Singapore's high property costs and competitive rental market attract scammers who post fake HDB and condominium listings on PropertyGuru, 99.co, and Facebook Marketplace, collecting deposits from victims who cannot afford to lose their housing search funds.
Chinese mobile users receive fraudulent SMS and WeChat messages impersonating SF Express, JD Logistics, Cainiao, and other carriers, directing them to phishing pages that harvest Alipay, WeChat Pay, and bank credentials.
Filipino fraud victims — particularly those who lost money to task scams, pig butchering, or GCash fraud — are re-targeted by fake recovery services impersonating NBI investigators, BSP officials, or international cybercrime units.
How romance scammers target people in Ireland across dating apps, social media, and messaging platforms, with specific patterns reflecting Irish digital habits and financial systems.
How investment fraud targets New Zealanders through social media ads, cold-call boiler rooms, and crypto platforms, with reporting routes to FMA and Netsafe.
How phishing attacks in Malaysia target Maybank, CIMB, and e-wallet users through fake banking SMS, Macau scam phone calls, and social media impersonation.
How fake tech support scammers target German residents through browser lockscreen alerts, phone calls impersonating Microsoft and Telekom, and remote access schemes.
How cryptocurrency fraud targets South Africans through high-profile investment schemes, WhatsApp investment groups, and fake exchange platforms.
How task-based job scams recruit New Zealanders via WhatsApp and Telegram, then demand cryptocurrency deposits to unlock commission payouts.
How SIM swap fraud operates in the US, targeting crypto holders and high-value account owners by socially engineering mobile carriers to transfer phone numbers.
How pig-butchering investment fraud has emerged as a major threat in New Zealand, with the FMA issuing specific warnings about crypto trading platforms targeting Kiwi investors.
How fraudulent rental listings on German platforms like Immoscout24 and WG-Gesucht target apartment hunters with advance payment requests and fake landlord profiles.
How WhatsApp task and job scams target UK residents with commission work offers that escalate into cryptocurrency deposit demands.
How scammers in India impersonate CBI, ED, TRAI, and courier companies to threaten victims with fake arrest warrants, extorting payments to avoid non-existent legal proceedings.
How fraudulent QR codes are used in Australia to redirect payments, steal myGov credentials, and enable fake parking and dining payment fraud.
How romance scammers target South Africans through dating apps, Facebook, and Instagram, exploiting EFT payment infrastructure and the country's large unbanked population dynamics.
How investment fraud targets Singaporeans through social media ads, messaging app investment groups, and clone firm scams, with SPF and MAS reporting routes.
How fraudulent organisations exploit US natural disasters and emergencies to divert charitable donations and impersonate FEMA assistance programmes.
How scammers impersonate Singapore Police Force officers and government officials to extort payments from residents under threat of arrest or legal proceedings.
How fraudsters impersonate HMRC through phone calls, SMS, and emails to extort tax debt payments or harvest self-assessment login credentials from UK taxpayers.
How investment fraud targets Canadians through exempt market offerings, social media crypto ads, and affinity group scams, with IIROC and CSA reporting routes.
How cryptocurrency investment fraud targeting Jamaicans operates through social media, WhatsApp, and fake trading platforms.
Understanding how advance fee fraud operates in Jamaica, including lottery fraud, inheritance schemes, and employment-related variants.
How fake foreign lottery notifications target Jamaican residents and how to recognise and avoid them.
Romance scams in Jamaica — how fraudsters use fake romantic relationships on social media to extract money from victims.
How criminals target previous fraud victims in Jamaica by posing as recovery specialists and charging fees to retrieve lost funds.
How fake online job platforms defraud Jamaicans by asking them to complete paid tasks that require cryptocurrency deposits.
How sextortion and romance blackmail scams target Jamaicans on social media and dating platforms, and what to do if targeted.
How long-con cryptocurrency investment fraud targets Moldovan residents through social media and fake trading platforms.
How fraudulent job recruiters exploit Moldova's high emigration rates to defraud jobseekers with fake overseas employment offers.
How sextortion and romance blackmail scams operate in Moldova, targeting individuals on dating platforms and social media.
How fraudulent investment schemes target Moldovans with promises of high returns through Ponzi structures and fake brokers.
How advance fee fraud targets Moldovans with fake inheritance, grant, and prize notifications demanding upfront payments.
Romance scams in Moldova — how fraudsters use fake relationships to extract money from victims on dating platforms and social media.
How fake micro-task platforms target Moldovans seeking online income by requiring cryptocurrency deposits to access earnings.
Why Laos has become both a source country for pig butchering scam operations and a country where Lao residents are targeted.
How fraudulent cryptocurrency and forex trading platforms target Lao residents with fabricated returns and blocked withdrawals.
How micro-task fraud targeting Lao residents extracts cryptocurrency deposits through fake online job platforms.
How fraudulent job offers in Laos lead to financial fraud and in the most serious cases to labour trafficking.
How cryptocurrency fraud operates in Laos, from fake wallets and exchanges to social-media-driven investment schemes.
How fraudulent job offers sent via WhatsApp target Lao workers with fake income opportunities requiring upfront payments.
How romance scams targeting Lao residents use fabricated relationships to extract money through investment pitches and emergency requests.
How advance fee fraud targeting Hondurans operates through fake government grants, inheritance notices, and business offers.
How fraudulent job offers exploit Honduras's high unemployment and emigration pressures to defraud jobseekers.
How fraudulent job offers spread via WhatsApp target Hondurans with fake income opportunities requiring upfront fees or deposits.
How fake parcel delivery SMS messages trick Hondurans into paying fees or providing personal data.
How fraudsters impersonating police officers in Honduras extort money from residents under threat of arrest or prosecution.
How fraudulent investment schemes operate in Honduras, targeting residents with promises of high returns through unregulated platforms.
How fraudulent charity appeals exploit humanitarian needs in Honduras to solicit donations that never reach genuine beneficiaries.
How cryptocurrency fraud targets Salvadorans in the context of Bitcoin's legal tender status, exploiting public familiarity with digital currency.
How fraudulent investment schemes target Salvadorans, often exploiting remittance income and Bitcoin familiarity.
How fraudulent forex and crypto trading platforms defraud Salvadorans with fabricated returns and blocked withdrawals.
How long-con crypto investment fraud targets Salvadorans through manufactured relationships and fake trading platforms.
How fraudulent job offers targeting Salvadorans exploit emigration pressures and high unemployment with promises of overseas work.
How advance fee fraud operates in El Salvador through fake government benefits, inheritance offers, and business-deal notifications.
How fake online task platforms defraud Salvadorans by requiring cryptocurrency deposits to unlock earnings.
How advance fee fraud targets Batswana with fake business deals, inheritance notifications, and government grant schemes.
How fraudulent charity appeals exploit community generosity in Botswana to collect donations that never reach intended beneficiaries.
How fake foreign lottery notifications target Batswana with prize claims requiring upfront fees to release winnings.
How romance scams target Batswana on social media and dating platforms with fabricated relationships designed to extract money.
How fraudulent investment schemes target Batswana with high-return promises through unregulated online platforms and pyramid schemes.
How scammers impersonating the Botswana Unified Revenue Service (BURS) extract payments from residents through fake tax demands.
How fraudulent job offers distributed via WhatsApp target Batswana with fake income schemes requiring deposits.
How fraudulent investment schemes target Zimbabweans with promises of high returns amid a challenging economic environment.
How fraudulent forex and cryptocurrency trading platforms defraud Zimbabweans with fabricated account balances and blocked withdrawals.
How advance fee fraud targets Zimbabweans with inheritance claims, government benefit notifications, and business deal offers.
How fake foreign lottery notifications target Zimbabweans with prize claims that require fees to release.
How fraudulent charity appeals exploit Zimbabwe's humanitarian challenges to collect donations that never reach genuine beneficiaries.
How cryptocurrency fraud targets Zimbabweans seeking dollar-stable assets and inflation protection through digital currency.
How fraudulent job offers exploit Zimbabwe's high unemployment with fake overseas employment opportunities requiring upfront fees.
How advance fee fraud targets Zambians through fake mining contracts, inheritance notices, and government grant schemes.
How fraudulent charity appeals exploit Zambia's genuine humanitarian needs to collect donations that never reach beneficiaries.
How fraudulent investment schemes target Zambians with pyramid structures, fake forex platforms, and high-return crypto promises.
How fake foreign lottery notifications target Zambians with prize claims conditional on paying upfront fees.
How fraudulent job offers distributed via WhatsApp target Zambians seeking flexible income with fake task-based platforms.
How fraudulent job offers targeting Zambians exploit high unemployment with fake overseas and domestic employment opportunities.
How scammers impersonating the Zambia Revenue Authority (ZRA) extort payments from individuals and businesses.
How fraudulent investment schemes target Rwandans amid the country's rapid economic growth and digital transformation.
How long-con cryptocurrency investment fraud targets Rwandans through fabricated relationships and fake trading platforms.
How fraudulent job offers targeting Rwandans exploit employment aspirations with fake overseas and domestic work opportunities.
How advance fee fraud targets Rwandans through fake government grants, business-deal notifications, and inheritance claims.
How fraudulent charity appeals exploit Rwanda's post-genocide recovery context to collect donations that never reach genuine beneficiaries.
How fake online task income schemes reach Rwandans via WhatsApp and extract deposits under the guise of digital employment.
How cryptocurrency fraud targets Rwandans through fake exchanges, investment groups, and wallet-draining schemes.
How advance fee fraud targets Ethiopians through fake government grants, business-deal invitations, and inheritance notifications.
How fraudulent job offers targeting Ethiopians exploit high unemployment and migration aspirations with fake overseas work opportunities.
How fake online task income schemes reach Ethiopians via WhatsApp and Telegram with promises of flexible digital income.
How fraudulent charity appeals exploit Ethiopia's humanitarian profile to collect donations that never reach genuine beneficiaries.
How fraudulent investment schemes target Ethiopians and the diaspora with fake forex, crypto, and property investment opportunities.
How fake foreign lottery notifications target Ethiopians and the diaspora with prize claims requiring upfront fees.
How romance scams targeting Ethiopians use fabricated relationships to extract money through emergency requests and investment pitches.
How advance-fee fraud targets Mozambique residents and diaspora with promises of large windfalls in exchange for upfront payments.
Fraudulent recruitment agencies in Mozambique charge upfront fees for overseas jobs that do not exist, leaving workers out of pocket and stranded.
Fraudulent job offers spread through WhatsApp in Mozambique promise easy income for simple online tasks but ultimately drain victims' mobile-money wallets.
Romance scammers create false relationships with people in Mozambique over weeks or months before manufacturing crises that require money transfers.
Fraudulent investment schemes in Mozambique promise outsized returns from forex, mining, or natural-gas ventures and target savers with limited access to regulated financial products.
After cyclones and other disasters, fraudulent charity appeals target both international donors and local Mozambicans, siphoning relief money meant for genuine victims.
Cryptocurrency fraud is growing in Mozambique as scammers exploit limited regulatory oversight and rising interest in digital assets among urban youth.
Advance-fee fraud targets Tunisians and the diaspora with promises of European visa assistance, unclaimed funds, or business contracts requiring upfront payments.
Fraudulent forex and cryptocurrency trading platforms target Tunisian savers by showing fabricated profits before blocking all withdrawals.
Sextortion scammers target Tunisian men and women through fake online relationships, threatening to share intimate content with family and employers unless money is paid.
Fraudulent recruiters in Tunisia charge young job-seekers upfront fees for non-existent European jobs, exploiting demand for legal emigration opportunities.
Fraudulent holiday-rental and hotel-booking sites target tourists visiting Tunisia's coastal resorts, collecting payments for accommodation that does not exist.
Online task scams recruit Tunisian freelancers and job-seekers to complete simple paid tasks, then demand deposits to unlock earnings that are never paid out.
Scammers impersonating Tunisian tax authorities contact taxpayers and businesses demanding immediate payment of fabricated arrears under threat of legal action.
Fraudulent online trading platforms exploit Algeria's foreign-exchange restrictions to lure savers with promises of offshore investment returns that never materialise.
Advance-fee fraud in Algeria targets citizens with fake inheritance claims, government contract opportunities, and emigration assistance requiring upfront payments.
Fraudulent employment agencies in Algeria collect fees from job-seekers for non-existent European and Gulf-state positions, exploiting high demand for legal emigration.
Cryptocurrency scams in Algeria thrive in a legal grey area where the official prohibition on digital assets increases the appeal of 'secret' investment opportunities.
Sextortion scammers target Algerians through fabricated online relationships, threatening to share intimate content with family and contacts unless payments are made.
Fraudsters impersonate Algerian police or customs officers to extort payments from citizens by threatening arrest, fines, or asset seizure.
Pig-butchering scams combine romance and fake investment to systematically extract large sums from Algerians, often over months of carefully cultivated deception.
Advance-fee fraud targets Fijians with fake lottery wins, overseas inheritance claims, and business contracts requiring upfront payments.
Fraudulent accommodation and tour-booking sites steal deposits from tourists planning Fiji trips, leaving them without reservations on arrival.
Fraudulent investment schemes in Fiji promise high returns from agriculture, property, or digital trading, targeting savers in a market with limited regulated investment options.
Romance scammers target Fijians and tourists via social media, building emotional relationships over weeks before engineering financial crises that require money transfers.
Fake job offers circulate through Fiji's WhatsApp networks, promising easy income for simple online tasks before demanding deposits that are never returned.
After cyclones and floods, fake charitable appeals exploit Fiji's disaster vulnerability and donors' generosity to collect funds that never reach affected communities.
Smishing messages impersonating courier and postal services trick Fiji residents into paying fake clearance fees or entering payment details on phishing sites.
Fraudulent resort and liveaboard booking sites steal substantial deposits from travellers planning Maldives trips, leaving them without accommodation on arrival.
Fraudulent investment schemes in the Maldives target hospitality workers and diaspora savers with fake resort development projects and high-yield trading platforms.
Sextortion and romance blackmail affect residents of the Maldives, where social conservatism amplifies the coercive power of threats to expose intimate content.
Fraudulent recruitment agencies target Maldivian workers and incoming expatriates with fake hospitality and construction jobs requiring upfront placement fees.
Pig-butchering fraud combines cultivated online relationships with fake investment platforms to drain Maldivian savers over months of carefully staged deception.
Romance scammers target Maldivian residents and hospitality workers through social media, building false emotional bonds before engineering financial requests.
Advance-fee fraud targets Maldivian residents and diaspora with fake lottery wins, business contract offers, and unclaimed estate claims requiring upfront payments.
Fraudulent employment agencies in Uzbekistan charge workers seeking jobs in Russia, South Korea, and the Gulf states upfront fees for positions that do not exist.
Fraudulent investment schemes in Uzbekistan exploit economic liberalisation and growing investor interest to sell fake forex, crypto, and business venture opportunities.
Online task scams spread through Uzbekistan's Telegram ecosystem, promising easy supplementary income before extracting deposits that are never returned.
Romance scammers target Uzbekistani residents through social media, building false relationships before requesting money for manufactured emergencies.
Advance-fee fraud targets Uzbekistani residents with fake government grant schemes, business contracts, and overseas inheritance claims requiring upfront payments.
Pig-butchering fraud combines cultivated online relationships with fake trading platforms to drain Uzbekistani savers over weeks or months.
Cryptocurrency fraud is growing rapidly in Uzbekistan as official crypto regulation develops and scammers exploit early adopter enthusiasm and knowledge gaps.
Fake online job offers in Uzbekistan spread through WhatsApp and Telegram, promising easy income for digital tasks before extracting deposits from willing participants.
Advance-fee fraud targets residents of Trinidad and Tobago with fake lottery wins, overseas business deals, and inheritance claims requiring upfront payments.
Fraudulent investment schemes in Trinidad and Tobago exploit enthusiasm for forex trading and passive income, targeting savers through social media and community networks.
Sextortion scammers target residents of Trinidad and Tobago through fake online relationships, threatening to share intimate content with family and contacts unless paid.
Romance scammers target residents of Trinidad and Tobago through social media, building false relationships over weeks before manufacturing crises that require money.
Cryptocurrency fraud is rising in Trinidad and Tobago as scammers exploit growing digital asset interest and a developing regulatory environment.
Fraudulent recruitment agencies in Trinidad and Tobago charge job-seekers upfront fees for non-existent positions, particularly in oil and gas, healthcare, and hospitality.
Fraudulent online shops targeting Trinidadian and Tobagonian shoppers collect payment for electronics, clothing, and household goods that are never delivered.
Advance-fee fraud targets Belizeans with fake lottery notifications, inheritance claims, and business contract offers that demand upfront payments before any benefit is delivered.
Fraudulent booking sites steal deposits from travellers planning Belize trips by impersonating genuine eco-lodges, dive operators, and tour companies.
Fraudulent investment schemes target Belizean savers with fake real-estate, forex, and cryptocurrency opportunities, exploiting limited regulated investment options.
Romance scammers target Belizeans and diaspora members through social media, cultivating emotional bonds before engineering financial crises that require money transfers.
Cryptocurrency fraud in Belize exploits limited regulated investment options and growing digital-asset interest, with fake trading platforms and token schemes circulating on social media.
Fraudulent recruitment agencies in Belize collect fees from job-seekers for non-existent tourism, agriculture, and overseas positions.
Fake job offers circulating through Belize's WhatsApp networks promise easy online income before extracting deposits that are never returned.
Fraudulent holiday accommodation sites steal deposits from tourists planning Montenegro trips by impersonating real coastal villas and apartment rentals.
Fraudulent investment schemes in Montenegro target locals and foreign residents with fake real-estate, forex, and crypto opportunities in a market experiencing significant property interest.
Pig-butchering fraud combines cultivated online relationships with fake investment platforms to drain Montenegrin residents and expatriates over extended periods.
Fraudulent recruitment agencies in Montenegro charge job-seekers fees for non-existent positions in Western Europe and the Gulf states.
Advance-fee fraud targets Montenegrin residents with fake business contracts, property-sale proceeds, and EU grant schemes requiring upfront payments.
Romance scammers target Montenegrin residents and tourists through social media, building emotional bonds before manufacturing financial crises.
Albania has historical experience of devastating Ponzi scheme collapses and continues to see investment fraud targeting savers through forex, crypto, and fake business ventures.
Fraudulent accommodation booking sites steal deposits from tourists planning trips to Albania's Riviera and historic cities by impersonating real guesthouses and hotels.
Advance-fee fraud targets Albanian residents and diaspora with fake business grants, EU funding opportunities, and inheritance claims requiring upfront payments.
Fraudulent recruitment agencies in Albania charge job-seekers fees for non-existent positions in Western Europe and the Gulf, exploiting high demand for legal emigration.
Cryptocurrency fraud is growing in Albania as scammers exploit limited regulatory oversight and the appeal of digital assets among younger, digitally connected Albanians.
Pig-butchering fraud combines cultivated online relationships with fake investment platforms to drain Albanian residents and diaspora members over extended periods.
Romance scammers target Albanian residents and diaspora through social media, cultivating emotional bonds before engineering financial crises.
Long-con romance-plus-investment fraud targeting Brazilian users through WhatsApp and Instagram, ending in devastating crypto losses.
Fraudulent investment platforms mimicking regulated Brazilian fintechs or foreign exchanges that fabricate profits then vanish with deposited funds.
Fraudulent job offers sent via WhatsApp promising remote work or quick earnings that funnel victims into task-based money-laundering or upfront fee traps.
SMS and WhatsApp phishing messages impersonating Brazilian couriers such as Correios, Mercado Livre, or Shopee to harvest credentials and banking data.
Sextortion schemes that begin as romantic connections on dating apps or social media, then threaten to share intimate images unless payments are made.
Classic prepayment fraud adapted for Brazilian audiences, promising lottery prizes, inheritance windfalls, or business contracts that require upfront fees to release.
Criminals hijack Brazilian mobile numbers by fraudulently porting them to a new SIM, then drain bank accounts and crypto wallets that rely on SMS authentication.
Fraudulent e-commerce sites that mimic legitimate Brazilian retailers, collect payment via boleto or PIX, and never deliver the ordered goods.
Long-con romance-investment fraud targeting Mexican users through WhatsApp and Facebook, ending in large cryptocurrency losses.
Fraudulent online task schemes promising easy peso earnings for liking videos or rating apps that require escalating deposits to unlock accumulated balances.
Fraudsters impersonating Mexican federal police, FGR prosecutors, or INTERPOL demand immediate payments to resolve fabricated legal violations or arrest warrants.
Fraudulent travel and accommodation booking sites targeting tourists visiting Mexico with non-existent rentals, tours, or hotel reservations.
Unlicensed investment schemes promising above-market returns in pesos or dollars that collapse and vanish with investor funds.
Fraudsters impersonating Mexico's SAT (Servicio de Administración Tributaria) demand immediate tax payments or threaten criminal prosecution for fabricated tax debts.
Sextortion schemes targeting Mexican users through dating apps and social media by building romantic trust and then threatening to expose intimate images.
Fake apartment and house rental listings targeting domestic movers and expats in Mexico with non-existent or misrepresented properties requiring upfront deposits.
Long-con romance-investment fraud spreading through WhatsApp and Telegram in Indonesia, exploiting crypto enthusiasm and online dating culture to steal large sums.
Fake online task platforms in Indonesia luring workers with rupiah earnings for liking videos or writing reviews, then demanding escalating deposits to withdraw accumulated balances.
Fraudulent job recruiters targeting Indonesian workers with fabricated overseas job offers — some leading to trafficking situations in Southeast Asian scam compounds.
Fraudulent cryptocurrency schemes targeting Indonesian investors through Telegram pump-and-dump groups, unregistered exchanges, and fake token launches.
Fraudulent Indonesian e-commerce stores and social commerce sellers collecting payment via bank transfer or QRIS then failing to deliver goods.
Criminals hijacking Indonesian mobile numbers to intercept OTP codes and drain mobile banking and e-wallet accounts.
Long-con romance-investment fraud targeting Vietnamese users through Zalo, Facebook, and Telegram with fake crypto trading platforms.
Fake Vietnamese online task platforms promising VND earnings for simple online work that require escalating deposits to unlock accumulated balances.
Fraudulent overseas job recruiters targeting Vietnamese workers with illegal employment offers — some leading to forced labor in Southeast Asian scam compounds.
Sextortion schemes targeting Vietnamese users through Facebook and Zalo with fabricated romantic relationships ending in threats to share intimate content.
Fraudsters impersonating Vietnam's General Department of Taxation (TCT) or Ministry of Finance to demand immediate tax payments under threat of legal action.
Unlicensed securities, forex, and virtual asset investment schemes targeting Vietnamese investors with high promised returns and no regulatory oversight.
Long-con romance-investment fraud targeting Korean users through KakaoTalk and investment-themed SNS communities with fake crypto and stock trading platforms.
Fraudulent stock and crypto trading platforms mimicking FSC-licensed Korean brokerages that fabricate gains then refuse withdrawals.
Voice phishing (boice phishing) fraudsters impersonating Korean prosecutors, police, or FSS officials demand urgent fund transfers to fabricated 'safe accounts'.
Sextortion schemes targeting Korean users through social media and dating apps, rapidly escalating to threats to share intimate recordings with contacts.
Fraudulent cryptocurrency schemes targeting Korean investors through Telegram trading groups, unregistered VASPs, and pump-and-dump operations on low-cap tokens.
Prepayment fraud targeting Korean victims with lottery wins, government subsidies, or inheritance claims requiring upfront fees before funds can be released.
Long-con romance-investment fraud targeting Japanese users through Line, Instagram, and matchmaking apps with fake crypto and FX trading platforms.
Fraudulent FX and crypto trading platforms targeting Japanese investors by mimicking FSA-licensed brokerages and fabricating yen-denominated returns.
Ore ore sagi (it's me fraud) and kanreisha sagi (related-person fraud) calls impersonating police, prosecutors, or family members to steal cash or bank transfers from Japanese victims, especially the elderly.
Sextortion targeting Japanese users through social media and dating apps, with threats to distribute intimate content to contacts or employers.
Fraudulent travel and accommodation booking sites targeting inbound visitors to Japan with non-existent ryokan, hotels, and tour bookings.
Prepayment fraud targeting Japanese victims with lottery prizes, foreign inheritance, and government subsidy claims that require successive upfront fees.
Long-con romance-investment fraud targeting Thai users through Line and Facebook, often operated from scam compounds near Thailand's borders.
Fraudulent job offers targeting Thai workers with overseas positions — some leading to trafficking into scam compounds in Myanmar, Laos, and Cambodia.
Sextortion schemes targeting Thai users and foreign visitors through dating apps and social media with threats to share intimate content unless payment is made.
Unlicensed investment and cryptocurrency schemes targeting Thai investors with high promised returns in baht, exploiting growing retail investor appetite.
SMS and Line phishing messages impersonating Thai couriers like Kerry Express, Flash Express, or Thailand Post to harvest banking credentials.
Fraudsters impersonating Thai police or DSI agents via call center operations, claiming victims are implicated in crimes and demanding immediate baht payments.
Long-con romance-investment fraud targeting Egyptian users through WhatsApp and Facebook with fake crypto and forex trading platforms.
Fraudsters impersonating Egyptian police, prosecutors, or tax officials to extort payments from citizens by threatening fabricated criminal investigations.
Unlicensed forex, gold, and pyramid investment schemes targeting Egyptian investors seeking EGP-inflation hedges with promises of high guaranteed returns.
Prepayment fraud targeting Egyptians and diaspora members with foreign lottery prizes, Gulf inheritance claims, or government grant notifications requiring upfront fees.
Fraudulent fundraising campaigns impersonating Egyptian charities, Islamic giving platforms, or regional humanitarian causes to divert zakat and sadaqah donations.
Fraudulent job offers circulated via WhatsApp targeting Egyptian job-seekers with Gulf work promises or domestic remote positions requiring upfront fees.
Criminals hijacking Korean mobile numbers to intercept OTP codes and drain online banking and crypto exchange accounts.
Fraudulent job offers and part-time work scams distributed through KakaoTalk in South Korea, including task-deposit schemes and fake corporate recruiters.
Fraudulent Korean e-commerce sites and social commerce sellers collecting payment then failing to deliver goods or sending counterfeits.
Fraudulent Vietnamese e-commerce stores on Shopee, TikTok Shop, and standalone sites collecting payment via bank transfer then delivering nothing or counterfeits.
Criminals hijacking Thai mobile numbers to intercept OTP codes and drain PromptPay and mobile banking accounts.
Fraudulent Egyptian e-commerce shops on Facebook and Instagram collecting payment via Vodafone Cash or bank transfer for goods never delivered.
Fraudulent cryptocurrency schemes targeting Egyptian investors through Telegram and WhatsApp groups with unlicensed platforms and pump-and-dump operations.
SMS phishing messages impersonating Egyptian couriers or Aramex to harvest banking credentials or collect fake customs fees.
Sextortion schemes targeting Indonesian users through dating apps and social media with threats to distribute intimate content unless payment is made.
Prepayment fraud targeting Indonesians with lottery wins, foreign inheritance, and government subsidy notifications requiring upfront fees to release promised funds.
SMS and Zalo phishing messages impersonating Vietnamese couriers such as Giao Hang Nhanh, Vietnam Post, or J&T Express to harvest banking credentials.
Fraudulent job offers distributed via WhatsApp targeting Indonesian job-seekers with remote work or overseas positions requiring advance fees.
Fraudulent travel and accommodation booking sites targeting Indonesian domestic tourists and foreign visitors with fake hotel and villa reservations.
Criminals hijacking Japanese mobile numbers to intercept OTP codes and drain mobile banking and investment accounts.
Fraudulent travel and accommodation booking sites targeting tourists and domestic travelers in Thailand with non-existent hotel, resort, and tour reservations.
Prepayment fraud targeting Thai victims with lottery wins, government welfare notifications, and inheritance claims that require upfront fees before funds are released.
SMS and WhatsApp phishing messages impersonating Indonesian couriers JNE, J&T, or SiCepat to harvest mobile banking credentials or collect fake delivery fees.
Fraudulent fund recovery services targeting Brazilian victims of prior investment and crypto scams, charging fees to 'recover' lost funds that are never returned.
How long-con cryptocurrency investment fraud operates in Turkey, targeting victims through social media and fake trading platforms.
How fraudulent investment schemes exploit Turkey's high-inflation economy to steal savings from individuals seeking better returns.
The landscape of cryptocurrency fraud in Turkey, from fake exchanges to pump-and-dump schemes targeting retail investors.
How fraudulent forex and crypto trading websites deceive Turkish investors with fabricated dashboards and impossible returns.
How sextortion and romance-based blackmail schemes target Turkish individuals online, exploiting social stigma to extract money.
How fraudsters impersonating Turkish police officers and prosecutors frighten victims into transferring money to 'secure accounts'.
How fraudulent job offers targeting Turkish jobseekers lead to financial loss, data theft, or trafficking into forced scam operations.
How advance fee fraud — including fake inheritance and prize schemes — targets Turkish residents and expatriates.
How criminals in Turkey hijack mobile numbers to bypass SMS two-factor authentication and drain bank and crypto accounts.
How long-con crypto investment fraud targets Saudi residents and expatriate workers through WhatsApp and Telegram.
Fraudulent investment schemes targeting Saudi residents, from unlicensed forex platforms to fake real-estate investment opportunities.
How sextortion schemes exploit Saudi social norms and digital platforms to extort money from individuals through threats of exposure.
How fraudsters impersonating Saudi authorities intimidate residents into transferring money or revealing account details.
How fake job offers via WhatsApp target Saudi residents and expatriates, leading to fee theft and data harvesting.
How fake micro-task job platforms in Saudi Arabia defraud participants by requiring deposits to unlock promised earnings.
How fraudulent e-commerce sites targeting Saudi shoppers take payment for goods that are never delivered.
How fraudsters targeting Saudi fraud victims offer fake fund recovery services to steal a second time.
How long-con cryptocurrency investment fraud targets Kenyans through social media and fake trading apps, often linked to M-Pesa payments.
Fraudulent investment schemes targeting Kenyans, from Ponzi structures using M-Pesa to fake savings and loan platforms.
How fake micro-task platforms defraud Kenyan participants by requiring M-Pesa deposits to unlock promised earnings.
How fake job offers via WhatsApp exploit Kenyan jobseekers with fee demands, data theft, and false overseas employment promises.
How romance fraudsters build fake relationships with Kenyans on Facebook and dating apps to solicit money and personal data.
How fraudulent SMS and WhatsApp delivery notifications phish Kenyan recipients for M-Pesa payments and personal data.
How advance fee fraud — from fake inheritance offers to government grant scams — targets Kenyan individuals via phone and email.
How long-con cryptocurrency investment fraud targets Pakistani residents and overseas Pakistanis through WhatsApp and Telegram.
Fraudulent investment schemes in Pakistan, from unlicensed forex brokers to pyramid schemes spreading through WhatsApp networks.
How fake job offers circulating on WhatsApp target Pakistani jobseekers with fee demands and false overseas employment promises.
How fraudulent recruiters in Pakistan extract fees from jobseekers and, in the most serious cases, traffic individuals abroad.
How criminals in Pakistan use SIM hijacking to take over mobile banking and accounts, exploiting weak SIM replacement controls.
How sextortion scams target Pakistani individuals using fake romantic personas and exploit social stigma to extort money.
How fraudsters impersonating Pakistani law enforcement frighten residents into paying false fines or revealing banking credentials.
How long-con crypto investment fraud targets Bangladeshis through Facebook and WhatsApp, often tied to bKash payment flows.
How fake micro-task platforms target Bangladeshi workers with bKash deposit demands disguised as unlocking earned commissions.
How fraudulent WhatsApp job offers exploit Bangladeshi jobseekers with fee demands and false overseas employment promises.
How fraudulent recruitment operators in Bangladesh exploit overseas employment aspirations, including trafficking into forced labour.
How sextortion schemes exploit Bangladeshi victims through fake online relationships and social stigma to demand bKash payments.
How long-con crypto investment fraud targets Colombians through WhatsApp and Instagram using fake trading platforms.
Fraudulent investment schemes in Colombia, from pyramid operations to fake real estate and commodity trading platforms.
How sextortion operations target Colombian victims through fake online relationships and threats of content exposure.
How fraudsters impersonating Colombian police or DIAN officials intimidate residents into paying fabricated fines or taxes.
How fraudulent e-commerce sites targeting Colombian shoppers collect payment for goods that are never delivered.
How advance fee fraud targets Colombians through fake inheritance claims, prize notifications, and government grant impersonation.
How long-con cryptocurrency investment fraud exploits Argentina's inflation crisis and dollar appetite to trap Argentine investors.
Fraudulent investment schemes targeting Argentines with promises of dollar returns, from fake brokers to pyramid structures.
How fraudulent e-commerce sites targeting Argentine shoppers collect payment for goods that are never delivered.
How sextortion schemes target Argentine victims through fake online relationships on social media and dating apps.
How SIM hijacking enables criminals in Argentina to take over WhatsApp accounts, mobile banking, and crypto wallets.
How long-con cryptocurrency investment fraud targets Hong Kong residents through WhatsApp and dating apps, with high average losses.
How fraudulent investment schemes targeting Hong Kong residents range from fake licensed brokers to sophisticated Ponzi structures.
How sextortion schemes target Hong Kong residents on dating apps and social media, with high financial and reputational stakes.
How fraudulent crypto and forex trading websites deceive Hong Kong investors by cloning real SFC-licensed exchange branding.
How SIM hijacking in Hong Kong enables attackers to bypass banking OTPs and drain HKD accounts via faster payment systems.
How fraudsters target Hong Kong scam victims with fake fund recovery services to steal a second and larger time.
How fraudulent hotel and travel booking websites target Hong Kong travellers with payments for non-existent reservations.
How long-term crypto investment fraud targets Italian residents through WhatsApp, Telegram and fake piattaforme di trading.
Fraudulent investment portals impersonating CONSOB-regulated Italian brokers rob victims of savings through high-pressure online trading schemes.
Fraudulent apartment and holiday rental listings on Italian portals extract deposits from tenants who never receive keys or access.
Fraudsters impersonating the Agenzia delle Entrate demand urgent tax payments or personal data from Italian residents by phone, email and SMS.
Sextortion and romance blackmail operations target Italian men and women on dating apps and social platforms, threatening to expose intimate content to family and colleagues.
Smishing messages posing as BRT, SDA, GLS or Poste Italiane trick Italian shoppers into surrendering card data or installing malware.
Classic 419-style advance-fee fraud reaches Italian residents through email, WhatsApp and social media, promising inheritances, lottery prizes or business deals.
Bogus job offers on LinkedIn and local Italian platforms extract personal data and fees from job-seekers under the guise of employment screening.
Criminals convince Italian mobile operators to transfer a victim's number to a new SIM card, bypassing SMS-based two-factor authentication to drain bank accounts.
Crypto investment fraud targeting Spanish residents via WhatsApp and Telegram, using fake CNMV-branded platforms to steal retirement savings.
Fraudulent holiday and long-term rental listings on Spanish portals extract deposits from tenants who never receive keys or access to properties.
Criminals impersonating the Agencia Tributaria (AEAT) demand immediate payments or personal data from Spanish taxpayers via email, SMS and phone.
Sextortion operations use dating apps and social media to blackmail Spanish victims with intimate content, demanding crypto or bank transfer payments.
Fraudulent investment schemes targeting Spanish savers promise high returns on Forex, crypto and real estate while stealing capital through unregulated platforms.
Smishing messages impersonating Correos, MRW and DHL steal card data from Spanish shoppers with fake parcel-release payment demands.
Cloned hotel and holiday booking platforms steal payments from tourists planning trips to Spain by intercepting bookings outside legitimate platforms.
Work-from-home task fraud recruits Spanish workers through WhatsApp and Telegram with simple microtask promises that require upfront crypto deposits.
Criminals impersonating Policía Nacional or Guardia Civil officers coerce Spanish residents into paying fabricated fines or surrendering banking details.
Classic 419-style fraud reaches Spanish residents through email and WhatsApp, promising inheritances, lottery winnings or business commissions to solicit advance fees.
Long-term crypto romance investment fraud targets French residents through LinkedIn, WhatsApp and Telegram with platforms mimicking AMF-regulated brokers.
Fraudsters impersonating the Direction Générale des Finances Publiques (DGFiP) steal payments and personal data from French taxpayers via phishing emails and fake tax portals.
Fraudulent apartment listings on Le Bon Coin and PAP extract caution deposits from French renters and students seeking accommodation in tight urban markets.
Smishing campaigns impersonating La Poste, Colissimo and DPD steal card details from French online shoppers with fake parcel-release fee demands.
Fraudulent investment schemes targeting French savers through social media ads, cold calls and clone brokers steal retirement savings under the guise of regulated financial products.
Sextortion operations target French men and women through dating apps and social media, threatening intimate content disclosure to solicit crypto and bank-transfer payments.
Criminals impersonating Police Nationale or Gendarmerie officers coerce French residents into paying fabricated fines or transferring funds to fake 'secure accounts'.
Long-term crypto investment romance fraud targets Dutch residents via WhatsApp and LinkedIn, using fake AFM-branded platforms to steal retirement savings.
Smishing campaigns impersonating PostNL and DHL steal banking credentials from Dutch online shoppers with fake parcel tracking links.
Fraudulent housing listings on Funda and Kamernet steal deposits from Dutch renters in one of Europe's most competitive rental markets.
Fraudulent investment firms target Dutch savers with high-yield crypto and Forex promises, exploiting the Netherlands' high financial literacy with credible professional facades.
Crypto investment romance fraud targets Polish residents through Facebook, WhatsApp and fake KNF-regulated platforms, with losses concentrated among mid-career professionals.
Smishing campaigns impersonating InPost, DHL and Poczta Polska steal BLIK codes and banking credentials from Polish online shoppers.
Bogus job offers on Polish portals and LinkedIn extract PESEL numbers, identity documents and fees from job-seekers under the guise of international employment screening.
Classic 419-style fraud reaches Polish residents through email and social media with fabricated inheritance, lottery and business deal offers requiring advance fees.
Crypto investment romance fraud targets Romanian residents and diaspora through Facebook and WhatsApp, with fake ASF-regulated trading platforms stealing savings.
Classic and evolved 419-style fraud reaches Romanian residents through email, Facebook and OLX with fake prizes, inheritances and business opportunities.
Fraudulent job offers in Romania and abroad extract identity data and fees from Romanian job-seekers through fake HR processes and illegal employment agencies.
Crypto investment romance fraud targets Ukrainian residents and refugees through Telegram and Viber with fake NSSMC-branded platforms and promises of financial stability.
Fraudulent overseas employment offers target Ukrainian job-seekers and displaced persons with upfront fees and identity data collection that leads to exploitation.
Online micro-task fraud on Telegram recruits Ukrainians with simple paid tasks before demanding crypto deposits that are never returned.
Criminals hijack Ukrainian mobile numbers from Kyivstar, Vodafone Ukraine and lifecell to intercept banking OTPs and drain Monobank and PrivatBank accounts.
Crypto investment romance fraud targets Greek residents via Facebook and WhatsApp, using fake HCMC-licensed platforms to steal retirement savings and property equity.
Fraudulent holiday and long-term rental listings on Greek portals and Airbnb target tourists and residents in Athens, Thessaloniki and the Greek islands.
Fraudsters impersonating the Independent Authority for Public Revenue (ΑΑΔΕ) target Greek taxpayers with fake refund notifications and urgent payment demands.
Sextortion operations target Greek men on social media and dating apps, threatening to share intimate content with family and employers unless crypto payments are made.
Classic 419-style fraud reaches Greek residents through email and social media with fake inheritances, EU grants and lottery prizes requiring advance fees.
Clone travel-booking platforms targeting tourists to Greece's islands steal holiday payments with fake hotel and villa confirmations.
Fraudulent Forex, crypto and real-estate investment schemes steal Greek savings through social media advertising and cold-call brokers using fake HCMC credentials.
Smishing campaigns impersonating ΕΛΤΑ and DHL steal card details from Greek online shoppers with fake parcel customs-fee demands.
Unsolicited WhatsApp messages offer Italian residents paid micro-tasks and part-time remote work before steering them into crypto-deposit task-scam schemes.
Fraudulent remote-work offers in French reach victims through WhatsApp and Telegram, converting initial micro-task participation into crypto-deposit schemes.
Fraudulent crypto investment schemes and fake token sales target Dutch investors through Telegram, Discord and Instagram with promises of rapid wealth.
Fraudulent asset-recovery services target Italian victims of prior investment fraud with false promises of fund retrieval in exchange for upfront fees.
Fraudulent humanitarian-aid and military-support collection schemes exploit donors both inside Ukraine and internationally, diverting funds intended for genuine relief.
How long-con cryptocurrency investment fraud targets residents and visitors in the UAE, exploiting its status as a global finance hub.
Fraudulent investment schemes exploiting Dubai's reputation as a global financial centre and high-net-worth expatriate community.
Sextortion and romance fraud targeting expatriates in the UAE, where cultural and legal sensitivities amplify victims' fear of exposure.
Fraudulent job offers exploiting demand for UAE employment, targeting workers from South Asia, the Philippines, and Africa.
Fraudulent hotel and holiday booking platforms targeting tourists visiting Dubai, Ras Al Khaimah, and Abu Dhabi.
How fraudsters hijack UAE phone numbers to bypass two-factor authentication and drain bank accounts.
Classic advance-fee fraud dressed in Gulf wealth narratives, targeting victims with promises of inheritance transfers, oil revenues, or frozen assets.
Fraudulent micro-task and app-rating schemes targeting unemployed residents and new arrivals in the UAE.
Cryptocurrency fraud targeting UAE residents and investors, from fake VARA-licensed exchanges to NFT rug pulls promoted at Dubai events.
Long-con crypto investment fraud targeting Sri Lankans through WhatsApp and Viber, exploiting economic hardship and aspirations for overseas income.
Fraudulent overseas employment offers exploiting Sri Lankans' high rates of labour migration to the Middle East and Southeast Asia.
Sextortion and online romance fraud in Sri Lanka, targeting men on social media with cultural shame amplifying compliance.
Fraudsters impersonating the Inland Revenue Department of Sri Lanka to extort money from businesses and individuals.
Fraudulent investment schemes exploiting Sri Lanka's post-crisis desire for dollar-denominated returns and passive income.
Fake part-time job offers spread via WhatsApp targeting Sri Lankan smartphone users with small upfront fees and escalating deposit demands.
Fraudulent overseas employment agencies in Nepal defrauding migrant workers seeking jobs in the Gulf and Malaysia.
Long-con crypto investment fraud in Nepal, with a disturbing overlap with human trafficking as scam compounds recruit Nepali workers under false pretences.
Fake micro-task and app-rating fraud targeting Nepali users via Telegram and WhatsApp, draining savings through escalating deposit demands.
Classic advance-fee fraud and lottery scams targeting Nepalis with promises of large remittances or foreign prize winnings.
Sextortion and online romance fraud targeting Nepali men via Facebook and Instagram, exploiting cultural shame and limited cyber-crime awareness.
Cambodia has become a global epicentre for pig-butchering operations, with compounds in Sihanoukville, Bavet, and Poipet running industrial-scale crypto investment fraud worldwide.
Fraudulent job offers in Cambodia that lead to trafficking into scam compounds, targeting workers from Vietnam, Myanmar, China, and elsewhere in Southeast Asia.
Cryptocurrency fraud in Cambodia targeting expats and tourists, from fake USDT trading platforms to NFT rug pulls promoted in Phnom Penh circles.
Romance fraud in Cambodia targeting expats and tourists on dating apps, often as a precursor to investment or blackmail scams.
Long-con crypto investment fraud targeting Taiwan residents through LINE, Facebook, and dating apps, with Chinese-language platforms mimicking global exchanges.
Phone scams impersonating Taiwan police, prosecutors, or government officials to extort money from victims under threats of arrest.
Fraudulent investment schemes targeting Taiwan's active retail investor community through LINE groups, social media, and fake financial advisers.
Sextortion and online romance fraud targeting Taiwanese users on social media and dating apps, often linked to regional organised crime networks.
Fraudulent job offers targeting workers from South Asia and Africa seeking employment in Qatar, often linked to kafala-system exploitation.
Long-con cryptocurrency investment fraud targeting Qatar's wealthy expatriate and high-net-worth resident community through WhatsApp and LinkedIn.
Fraudulent accommodation and event booking platforms targeting visitors to Qatar, particularly during major sporting and cultural events.
SIM swap fraud targeting Qatar residents by hijacking Ooredoo or Vodafone Qatar numbers to bypass two-factor authentication.
Israel has a documented history of binary-options and boiler-room investment fraud exported globally and targeting Israeli residents domestically.
Long-con crypto investment fraud targeting Israeli residents and diaspora through WhatsApp, Telegram, and Hebrew-language social media.
Sextortion and romantic fraud targeting Israeli users on dating apps and social media, with scammers exploiting professional and family reputation concerns.
Fake asset-recovery services in Israel targeting previous investment fraud victims with false promises of retrieving lost funds.
Advance-fee fraud targeting Qatar residents with fabricated Gulf wealth, government contract, and oil-payment narratives.
Fake part-time and remote work offers targeting Qatar's large migrant worker population through WhatsApp, promising supplementary income.
Fraudulent investment schemes in Nepal targeting remittance savings and growing domestic investor interest in stocks and real estate.
Smishing scams impersonating Chunghwa Post and major courier services to steal banking credentials from Taiwan smartphone users.
Fraudsters impersonating the Ministry of Finance and National Taxation Bureau of Taiwan to extort immediate payments from residents.
Fraudulent forex and crypto trading platforms targeting Israeli investors with fabricated ISA licences and AI-trading claims.
SIM swap fraud in Israel targeting bank and crypto accounts by hijacking Cellcom, Partner, or Hot Mobile numbers.
Counterfeit riad, hotel, and tour booking platforms targeting tourists visiting Marrakech, Fes, and other Moroccan destinations.
Sextortion and romantic fraud targeting tourists and foreign visitors in Morocco, often with an in-person element in tourist areas.
Classic advance-fee fraud originating from or targeting Morocco, exploiting diaspora transfer narratives and business opportunity stories.
Fraudulent overseas employment offers targeting Moroccans seeking work in Europe, the Gulf, and Canada, collecting fees for non-existent positions.
Long-con cryptocurrency investment fraud targeting Moroccan residents and diaspora via Facebook, WhatsApp, and Arabic-language platforms.
Fraudulent charity appeals exploiting Moroccan earthquake, poverty, and orphan narratives to solicit donations from diaspora and international donors.
SIM swap fraud in Morocco targeting Maroc Telecom and Inwi users to hijack mobile banking and CIH/Attijariwafa accounts.
Fake rental listings in Marrakech, Casablanca, and Agadir targeting foreign renters and returning diaspora with non-existent properties.
Fake online micro-task schemes targeting Cambodian workers and expats through Telegram and WhatsApp with deposit-cycle fraud.
Scammers impersonating Nepal's Inland Revenue Department to demand immediate payment from individuals and small businesses.
Cryptocurrency fraud in Sri Lanka, where limited regulation and economic hardship combine to make fake crypto exchanges and yield schemes damaging.
Smishing scams in Sri Lanka impersonating courier and postal services to steal banking credentials from smartphone users.
Fake international lottery and prize notifications targeting Nepalis with demands for advance processing fees.
Fraudulent charity appeals exploiting Nepal earthquake and poverty narratives to steal donations from diaspora and international donors.
Scammers impersonating Moroccan police and customs officers to extort money from tourists and residents under threat of arrest.
Fraudulent e-commerce platforms selling Moroccan handicrafts, argan products, and fashion to international buyers who receive nothing.
Fraudulent real-estate, cryptocurrency, and business investment schemes targeting expatriates and diaspora investors in Cambodia.
Scammers impersonating the Qatar General Tax Authority (GTA) to extort payments from businesses and expatriates under threat of penalties.
Fraudulent e-commerce websites and social media shops targeting Taiwan buyers with discounted goods that are never delivered.
Cryptocurrency fraud targeting Nepalis through Facebook and Telegram, exploiting limited regulation and diaspora remittance narratives.
Phone and online scams impersonating Israeli Police or the Anti-Money Laundering Authority to extort residents.
Classic advance-fee fraud using Cambodian government contract and NGO fund narratives to extract fees from international victims.
Fraudulent charity and orphanage appeals exploiting Cambodia's development sector reputation to steal donations from well-meaning foreigners.
Fake apartment and villa rental listings targeting expatriates in Phnom Penh and Siem Reap, collecting deposits for non-existent properties.
Scammers impersonating the Israeli Tax Authority (ITA) to demand immediate payments or harvest personal tax credentials.
Fake remote job offers targeting Nepali smartphone users via WhatsApp and Facebook with escalating deposit demands.
Smishing campaigns in Israel impersonating Israel Post and courier services to steal banking credentials.
Criminals port Danish mobile numbers to intercept MitID authentication and drain Danish bank accounts or access government services.
Fraudulent charity appeals targeting Danish donors with fake MobilePay or card donation pages that divert DKK from legitimate causes.
Unlicensed brokers and fake trading platforms targeting Danish savers via social-media celebrity ads and cold calls, draining DKK from bank accounts.
Fraudulent rental listings on BoligPortal and Facebook Marketplace targeting Danish house-hunters with below-market apartments that collect deposits for inaccessible properties.
Romance fraudsters build false relationships with Swiss residents on dating apps to extract CHF through fabricated emergencies or investment funnels.
Fraudulent crypto schemes targeting Swiss residents, exploiting the 'Crypto Valley' brand to lend false credibility to fake exchanges and token offerings.
Fraudulent charity appeals impersonating Swiss humanitarian organisations to collect CHF donations that fund scammers rather than legitimate causes.
Classic advance-fee fraud targeting Swiss residents through email and WhatsApp, promising large CHF inheritances or business windfalls in exchange for upfront fees.
Fraudulent cryptocurrency schemes targeting Norwegian residents through social media and fake exchanges, exploiting Norway's high crypto-awareness.
Fake micro-task job offers targeting Swedish residents on WhatsApp and Telegram, requiring upfront deposits that are never returned.
Fraudulent accommodation and experience booking platforms targeting tourists and expats in Portugal, collecting EUR payments for stays or activities that do not exist.
Classic advance-fee fraud targeting Czech residents via email and social media, promising large CZK windfalls contingent on upfront fee payments.
Fraudulent rental ads on Sreality.cz and Facebook targeting Czech house-hunters, collecting CZK deposits for properties that are not available.
Fraudsters impersonate Policie ČR or Europol officers to extort CZK payments from Czech residents under threat of arrest.
Criminals port Swedish mobile numbers to their own SIMs to intercept BankID authentication and drain Swedish bank accounts.
Fraudulent job offers targeting Belgian jobseekers on LinkedIn and Indeed, collecting personal data or advance fees under the guise of EU-sector or multinational recruitment.
Fake work-from-home job offers targeting Austrian residents on WhatsApp, requiring upfront deposits disguised as equipment fees or training costs.
Unlicensed investment platforms and boiler-room operations targeting Czech savers with fraudulent CZK and EUR trading products.
Fraudulent cryptocurrency schemes targeting Czech investors through fake exchanges and pump-and-dump token projects denominated in CZK.
Romance-investment fraud targeting Czech residents via WhatsApp and dating apps, steering CZK and EUR into fraudulent crypto platforms.
Fraudsters impersonate the Czech Finanční správa (Financial Administration) to steal online banking credentials or extort CZK payments from Czech residents.
Fraudulent e-commerce sites targeting Czech shoppers with deep discounts on goods that never arrive, using Czech-language interfaces and CZK pricing.
Criminals port Portuguese mobile numbers to intercept SMS banking OTPs and drain EUR from Multibanco and online banking accounts.
Fraudulent cryptocurrency schemes targeting Portuguese investors and expats, exploiting Portugal's growing fintech profile and NHR crypto tax treatment.
Unlicensed investment platforms and boiler-room operations targeting Portuguese savers and expats through social-media ads and cold calls.
Fraudsters impersonate PSP, GNR, or PJ officers to extort EUR payments or steal banking credentials from Portuguese residents under threat of arrest.
Romance-investment fraud targeting Portuguese residents and expats on WhatsApp and Instagram, steering EUR into fake crypto platforms with Portuguese-language interfaces.
Fraudsters impersonate the Autoridade Tributária e Aduaneira (AT) to steal Portal das Finanças credentials or extort EUR from Portuguese residents.
Fraudulent rental ads on OLX and Idealista targeting Portuguese house-hunters and expats, collecting deposits for properties that are not available.
Criminals port Austrian mobile numbers to intercept SMS banking OTPs and drain EUR from Austrian e-banking accounts.
Fraudulent cryptocurrency schemes targeting Austrian investors through fake exchanges and celebrity-endorsed token projects, exploiting growing crypto interest.
Fraudulent SMS impersonating Österreichische Post and DHL Austria, directing Austrian residents to phishing pages that steal card data or banking credentials.
Fraudulent rental ads on willhaben.at and Immobilienscout24 targeting Austrian house-hunters with below-market listings that collect deposits for inaccessible properties.
Fraudsters impersonate cantonal police or federal authorities in Switzerland to extort CHF payments or steal e-banking credentials from Swiss residents.
Romance-investment fraud targeting Austrian residents through dating apps and WhatsApp, funnelling EUR into fraudulent crypto platforms via EPS and bank transfer.
Fraudsters impersonate Austrian Bundespolizei or Europol officers over the phone, pressuring victims into handing over cash or bank credentials under threat of arrest.
Unlicensed brokers and fake trading platforms targeting Austrian savers via social-media ads and cold calls, exploiting trust in German-language financial branding.
Fraudulent cryptocurrency schemes targeting Belgian investors through fake exchanges and celebrity-endorsed token projects, exploiting Belgium's fintech growth.
Criminals port Belgian mobile numbers to intercept itsme authentication and drain EUR from Belgian bank accounts.
Fraudulent SMS impersonating bpost and DHL Belgium, directing Belgian residents to phishing pages that steal itsme credentials or card data.
Fake rental ads on Immoweb and Facebook Marketplace targeting Belgian house-hunters, collecting deposits for properties that do not exist or are not available.
Fraudsters impersonate Belgian Federal Police or local police zones to extort EUR payments or steal itsme credentials under threat of arrest.
Long-con romance-investment fraud targeting Belgian residents in French and Dutch, funnelling EUR into fake crypto platforms via Bancontact and bank transfer.
Fraudsters impersonate the SPF Finances / FOD Financiën to extort EUR payments or steal itsme credentials from Belgian residents.
Unlicensed investment firms targeting Belgian savers with fraudulent trading platforms and boiler-room calls, exploiting trust in EU financial branding.
Romance-investment fraud targeting Danish residents on social apps, steering DKK into fake crypto platforms under the guise of professional investment mentorship.
Fraudsters impersonate SKAT (Danish Tax Agency) to steal MitID credentials or extort DKK payments from Danish residents.
Fraudulent e-commerce sites targeting Danish shoppers with steep discounts on goods that never arrive, using Danish-language interfaces and DKK pricing.
Fraudsters construct false romantic relationships with Norwegian residents on dating apps to extract NOK and personal data before disappearing.
Classic advance-fee fraud targeting Norwegian residents with fabricated oil-sector contract windfalls or lottery prizes requiring NOK fees to release.
Unlicensed brokers and fake trading platforms targeting Norwegian savers via social-media celebrity ads and cold calls, draining NOK from bank and pension accounts.
Fraudulent SMS impersonating Posten Norge and private couriers in Norway, directing recipients to phishing sites that steal Vipps credentials or card data.
Romance-investment fraud targeting Norwegian residents through social apps, exploiting Vipps payment familiarity to drain NOK into fake crypto platforms.
Fraudsters impersonate Skatteetaten (Norwegian Tax Administration) to extort payments or steal BankID credentials from Norwegian residents.
Fake rental ads on Finn.no and Facebook Marketplace swindling Norwegian house-hunters out of deposits for properties that do not exist or are not available.
Romance fraudsters build false relationships with Swedish residents on dating apps to extract SEK through fabricated emergencies.
Classic advance-fee fraud targeting Swedish residents with fake lottery prizes, EU grants, or business windfalls requiring SEK upfront payments.
Fraudulent charity campaigns targeting Swedish donors with fake appeals for humanitarian causes, diverting SEK donations to scammers.
Fraudulent SMS impersonating PostNord and private couriers in Sweden, directing recipients to phishing sites that steal card details or Swish credentials.
Fake rental listings on Blocket and Facebook Marketplace targeting Swedish house-hunters, collecting deposits for properties that are unavailable or non-existent.
Long-horizon romance-investment fraud hitting Swedish residents via Messenger, WhatsApp, and Bumble, funnelling SEK into fake crypto portals.
Scammers impersonate Skatteverket (Swedish Tax Agency) demanding urgent payments or stealing BankID credentials from Swedish residents.
Unlicensed brokers and fake trading platforms targeting Swedish savers through social media ads and boiler-room calls.
Fraudulent e-commerce sites targeting Swiss shoppers with heavily discounted goods that never arrive, using Swiss-looking domains and payment pages.
Criminals port Swiss mobile numbers to their own SIMs to intercept SMS authentication codes and drain e-banking accounts.
Fraudulent SMS messages impersonating Swiss Post and private couriers, directing recipients to phishing sites that steal card data or install malware.
Long-con romance-investment fraud targeting Swiss residents through WhatsApp and LinkedIn, funnelling CHF into fake crypto platforms.
Fraudulent investment schemes exploiting Switzerland's reputation for financial privacy and stability to defraud residents and expatriates.
Fraudsters impersonate the Swiss Federal Tax Administration (ESTV) to extort payments or steal bank credentials from Swiss residents.
Sextortion schemes targeting Swiss users on dating apps and social platforms, threatening to expose intimate images unless CHF payments are made.
Ghana has long been associated with advance-fee fraud, where victims are promised large sums in exchange for upfront payments that are never returned.
Ghanaian romance-blackmail operations use fake online relationships to obtain intimate images, then threaten exposure unless victims pay.
Fraudulent job offers targeting Ghanaian jobseekers promise overseas or high-paying local roles in exchange for upfront fees, leaving victims out of pocket and unemployed.
Ponzi schemes and fraudulent investment platforms have caused catastrophic losses in Ghana, targeting savers with promises of extraordinary returns.
Cryptocurrency fraud is growing rapidly in Ghana as low regulatory oversight and rising smartphone penetration create fertile ground for fake exchanges and coin promotions.
Task scams targeting Ghanaian workers offer easy online micro-jobs but ultimately trick participants into making deposits they can never recover.
SIM swap fraud allows criminals to take over a victim's mobile number in Ghana and drain linked mobile money wallets and bank accounts.
Fraudulent charity appeals exploit Ghanaian generosity and communal values, diverting donations meant for flood victims, orphans, and disaster relief.
Advance-fee fraud in Tanzania preys on the aspiration for sudden wealth, using inheritance stories, contract windfalls, and lottery notices to extract repeated upfront payments.
Pig-butchering scams reach Tanzanian victims through WhatsApp and Facebook, combining fake romantic relationships with fraudulent crypto investment platforms.
Fraudulent job offers circulate widely in Tanzania, promising positions in the Gulf, Europe, and South Africa while collecting fees from desperate jobseekers.
SIM swap fraud in Tanzania exploits M-Pesa and other mobile money wallets, allowing criminals to drain victims' savings after taking over their phone number.
Fraudulent investment schemes in Tanzania promise extraordinary returns via forex, crypto, and savings clubs, then collapse and disappear with participants' money.
Romance scams in Tanzania exploit emotional vulnerability on Facebook and dating apps, eventually leading to fabricated emergencies that require the victim to send money.
Fraudulent job offers spread through Tanzanian WhatsApp groups, promising flexible online income that ultimately extracts registration fees or deposits.
Fraudsters impersonate the Tanzania Revenue Authority to threaten businesses and individuals with penalties unless immediate payments are made.
Fake parcel-delivery SMS messages trick Tanzanian recipients into paying customs or redelivery fees for packages that do not exist.
Advance-fee fraud in Uganda exploits mobile money infrastructure, luring victims with promises of business contracts, inheritances, and cash prizes that require upfront payments.
Ugandan savers lose millions of shillings annually to Ponzi schemes, fake forex platforms, and fraudulent savings clubs promising returns that legitimate markets cannot deliver.
Fraudulent job agencies in Uganda promise lucrative overseas positions while collecting processing fees from applicants who never receive employment.
Sextortion operations in Uganda use fake romantic relationships to obtain intimate images and then threaten victims with exposure unless they pay.
Cryptocurrency fraud is growing in Uganda as social media promotions for fake tokens and unregulated trading platforms target first-time investors.
Fake online task jobs spread through Ugandan WhatsApp and Telegram groups, promising income for simple clicks before extracting deposits that are never returned.
Fraudulent online shops on social media target Ugandan consumers with deep discounts on electronics, clothes, and appliances, then fail to deliver anything.
Pig-butchering fraud reaches Ugandan victims through Facebook and WhatsApp, combining fabricated romantic interest with fake crypto investment platforms.
Fake foreign lottery notifications target Ugandans with implausible prize claims, requiring a series of fees before a prize that does not exist can be collected.
Advance-fee fraud in Senegal exploits Orange Money and Wave mobile payment networks to collect fees from victims promised inheritances, contracts, and lottery prizes.
Fraudulent investment platforms and Ponzi schemes targeting Senegalese savers promise extraordinary returns via forex, crypto, and community savings networks.
Fraudulent job agencies in Senegal promise positions in Europe and the Gulf while collecting processing fees, leaving applicants out of pocket and unemployed.
Sextortion networks in Senegal use fabricated online relationships to obtain intimate material and extort victims via Orange Money and Wave.
Pig-butchering scams reach Senegalese victims via Facebook and WhatsApp with romantic overtures that lead to fraudulent crypto investment platforms.
Romance fraud in Senegal targets emotionally vulnerable people on Facebook and dating apps, building fake relationships before soliciting money for fabricated emergencies.
SIM swap fraud in Senegal hijacks Orange Money and Wave accounts by taking over victims' mobile numbers, enabling instant drainage of their mobile wallets.
Fake online task jobs circulate on Senegalese WhatsApp and Telegram networks, promising easy income for clicks and reviews before demanding deposits that vanish.
Cryptocurrency fraud is increasing in Senegal as fake exchanges and influencer-promoted tokens target savers with promises of rapid wealth.
Fraudulent investment schemes in Bahrain target both local residents and the large expat community with unlicensed forex platforms, Ponzi products, and unregistered funds.
Pig-butchering operations target Bahrain's well-educated expat and local professional community through social media, combining romance and crypto investment fraud.
Fraudulent job offers targeting people seeking Gulf employment promise positions in Bahrain while collecting visa and processing fees that lead nowhere.
Advance-fee fraud in Bahrain targets residents with fabricated inheritance and contract stories, exploiting the country's financial hub status to add credibility.
Cryptocurrency fraud targets Bahrain's affluent professional community through fake exchanges, unregulated token sales, and social media promotions.
Criminals impersonating Bahraini police officers and government officials pressure residents into making immediate payments to avoid fabricated legal consequences.
Sextortion networks target Bahrain's residents and expats through social media, exploiting intimate images to extort payments using Gulf social stigma as leverage.
Fraudulent e-commerce stores and social media shops in Bahrain collect payments for electronics, luxury goods, and clothing that are never delivered.
Fraudulent property rental listings in Bahrain advertise appealing apartments at below-market rates, collecting deposits from victims who discover the property was never available.
Unlicensed investment platforms and Ponzi schemes target Oman's residents and expats, exploiting the country's conservative financial culture with promises of Sharia-compliant returns.
Fraudulent job offers targeting people seeking employment in Oman collect visa fees and processing charges while providing no genuine positions.
Advance-fee fraud targeting Oman's residents uses fabricated inheritance stories, government contract windfalls, and charitable donations to extract repeated upfront payments.
Pig-butchering scams target Oman's professional community on WhatsApp and Instagram with fabricated romantic relationships leading to fake crypto investment platforms.
Criminals impersonating Royal Oman Police officers and government officials pressure residents into immediate payments to avoid fabricated legal consequences.
Fraudulent social media shops and cloned websites target Oman's consumers with discounted electronics and luxury goods that are never delivered after payment.
Sextortion networks target Oman's residents by building fake online relationships then threatening to share intimate images unless victims pay.
Criminals impersonate the Oman Tax Authority to threaten residents with penalties unless immediate payments are made via phone or online transfer.
Fake job offers spread via WhatsApp in Oman targeting both locals and expats with promises of easy flexible income that end in deposit traps.
Fraudulent investment schemes target Kuwait's high-income population and large expat community with unlicensed forex platforms, fake funds, and crypto Ponzi products.
Pig-butchering operations target Kuwait's affluent population through Instagram and WhatsApp, building fake romantic or professional relationships before directing victims to fraudulent crypto platforms.
Fraudulent job agencies target people seeking employment in Kuwait with lucrative-sounding positions, then collect processing fees before disappearing.
Advance-fee fraud in Kuwait uses fabricated inheritance and government contract stories to extract repeated payments from residents and their overseas contacts.
Criminals impersonating Kuwait police and government officials pressure residents and expats into immediate payments to avoid fabricated legal consequences.
Cryptocurrency fraud targets Kuwait's affluent residents through social media promotions for fake exchanges and unregistered token offerings.
Sextortion networks exploit Kuwait's conservative social values to extort residents by threatening to share intimate images with family and employers.
Fraudulent Snapchat and Instagram shops in Kuwait offer discounted electronics, luxury goods, and branded items that are never delivered after payment.
Fake apartment and villa rental listings in Kuwait collect deposits from newcomers seeking accommodation, with properties that are unavailable or non-existent.
Kazakhstan's growing digital economy and active retail investor community are targeted by Ponzi schemes, fake forex brokers, and unregistered investment platforms promising extraordinary returns.
Kazakhstan is a significant crypto mining and trading hub, and its high crypto adoption rate is exploited by fake exchanges, fraudulent token sales, and mining investment scams.
Pig-butchering fraud targets Kazakhstan's professional class via Telegram and Instagram, combining fake romantic or professional relationships with fraudulent crypto investment platforms.
Advance-fee fraud targets Kazakhstani residents with inheritance stories, government grant notices, and international business deals that all require upfront fee payments.
Fraudulent job advertisements targeting Kazakhstanis promise overseas or high-paying domestic positions while collecting processing fees from applicants who receive nothing.
SIM swap fraud in Kazakhstan hijacks Kaspi Bank and mobile banking accounts by taking control of the victim's phone number to bypass SMS authentication.
Fraudulent online shops and Instagram accounts in Kazakhstan collect Kaspi payments for electronics and clothing that are never shipped.
Criminals impersonate the State Revenue Committee of Kazakhstan to threaten residents and businesses with penalties unless immediate payments are made.
Fake online task jobs spread via WhatsApp and Telegram in Kazakhstan with promises of easy income that end in Kaspi deposit traps.
Long-con crypto investment fraud targeting Finnish residents through dating apps and messaging platforms, fattening victims with fake profits before draining their savings.
Fraudsters impersonate Verohallinto (the Finnish Tax Administration) by text, email, and phone, demanding payments or harvesting bank credentials through fake refund notices.
Smishing texts impersonating Posti and parcel couriers tell Finnish recipients a package is held pending a small fee, leading to card theft and recurring charges.
Bogus recruiters approach Finnish jobseekers on LinkedIn and messaging apps with remote roles that exist only to harvest personal data or extract upfront equipment fees.
Sextortion rings befriend Finnish users on dating apps and social media, obtain intimate images, then threaten to expose them to family and colleagues unless paid.
Fraudsters re-target Finnish scam victims by posing as recovery agents, lawyers, or regulators who promise to retrieve lost funds in exchange for upfront fees.
Fake apartment listings in Helsinki, Tampere, and other cities lure renters and students into paying deposits for homes that are not available or do not exist.
Counterfeit webshops advertised to Finnish shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Unlicensed brokers and fake funds pitch Finnish investors guaranteed returns through cold calls and online ads, then block withdrawals once money is deposited.
Callers impersonating Hungarian police or prosecutors tell victims their bank account is compromised and pressure them to move savings to a 'safe account' or hand cash to a courier.
Fraudsters impersonate Hungary's NAV tax authority with fake refund and arrears messages designed to steal banking logins or extract immediate payments.
Long-con crypto investment fraud reaches Hungarian victims through dating apps and messaging platforms, building trust before steering them into fake trading platforms.
Unsolicited WhatsApp messages offer Hungarian jobseekers easy part-time online work, then trap them in task schemes that demand deposits to unlock fake earnings.
Smishing texts impersonating Magyar Posta and couriers tell Hungarian recipients a parcel is held pending a fee, capturing card details and enrolling victims in hidden charges.
Sextortion operations befriend Hungarian users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unlicensed brokers and fake funds pitch Hungarian investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Counterfeit webshops advertised to Hungarian shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Victims in Hungary are promised inheritances, lottery prizes, or business windfalls that require upfront fees, taxes, or 'clearance' payments that are never returned.
Fraudulent accommodation listings and cloned booking pages target tourists heading to the Croatian coast, taking payment for apartments and villas that do not exist.
Fake long-term rental adverts in Zagreb, Split, and coastal cities lure tenants and seasonal workers into paying deposits for apartments that are not available.
Long-con crypto investment fraud targets Croatian victims through dating apps and messaging, building trust before steering them into fake trading platforms.
Smishing texts impersonating Hrvatska posta and couriers tell Croatian recipients a parcel is held pending a fee, capturing card details and triggering hidden charges.
Unsolicited WhatsApp messages offer Croatian jobseekers easy online work, then trap them in task schemes demanding deposits to unlock fake earnings.
Sextortion operations befriend Croatian users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unlicensed brokers and fake funds pitch Croatian investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Counterfeit webshops advertised to Croatian shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Callers impersonating Croatian police or prosecutors warn victims their account is compromised and pressure them to move savings to a 'safe account' or hand over cash.
Long-con crypto investment fraud targets Slovenian victims through dating apps and messaging, building trust before steering them into fake trading platforms.
Fraudsters impersonate Slovenia's FURS tax authority with fake refund and arrears messages designed to steal banking logins or extract immediate payments.
Smishing texts impersonating Posta Slovenije and couriers tell Slovenian recipients a parcel is held pending a fee, capturing card details and hidden charges.
Bogus recruiters approach Slovenian jobseekers on LinkedIn and messaging apps with remote roles that exist only to harvest data or recruit money mules.
Sextortion operations befriend Slovenian users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unlicensed brokers and fake funds pitch Slovenian investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Fake apartment listings in Ljubljana, Maribor, and coastal towns lure tenants and students into paying deposits for homes that are not available.
Counterfeit webshops advertised to Slovenian shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Victims in Slovenia are promised inheritances, lottery prizes, or business windfalls that require upfront fees, taxes, or 'clearance' payments that are never returned.
Callers impersonating Slovak police or prosecutors warn victims their account is compromised and pressure them to move savings to a 'safe account' or hand cash to a courier.
Fraudsters impersonate Slovakia's Financial Administration with fake refund and arrears messages designed to steal banking logins or extract immediate payments.
Long-con crypto investment fraud targets Slovak victims through dating apps and messaging, building trust before steering them into fake trading platforms.
Unsolicited WhatsApp messages offer Slovak jobseekers easy online work, then trap them in task schemes demanding deposits to unlock fake earnings.
Smishing texts impersonating Slovenska posta and couriers tell Slovak recipients a parcel is held pending a fee, capturing card details and hidden charges.
Sextortion operations befriend Slovak users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unlicensed brokers and fake funds pitch Slovak investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Counterfeit webshops advertised to Slovak shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Bogus recruiters approach Slovak jobseekers on LinkedIn and messaging apps with remote roles that exist only to harvest data or recruit money mules.
Long-con crypto investment fraud targets Latvian victims through dating apps and messaging, building trust before steering them into fake trading platforms.
Fraudsters impersonate Latvia's VID tax authority with fake refund and arrears messages designed to steal banking logins or extract immediate payments.
Smishing texts impersonating Latvijas Pasts and couriers tell Latvian recipients a parcel is held pending a fee, capturing card details and hidden charges.
Unlicensed brokers and fake funds pitch Latvian investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Sextortion operations befriend Latvian users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unsolicited WhatsApp messages offer Latvian jobseekers easy online work, then trap them in task schemes demanding deposits to unlock fake earnings.
Counterfeit webshops advertised to Latvian shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Victims in Latvia are promised inheritances, lottery prizes, or business windfalls that require upfront fees, taxes, or 'clearance' payments that are never returned.
Fraudsters re-target Latvian scam victims by posing as recovery agents, lawyers, or regulators who promise to retrieve lost funds in exchange for upfront fees.
Long-con crypto investment fraud targets Lithuanian victims through dating apps and messaging, building trust before steering them into fake trading platforms.
Fraudsters impersonate Lithuania's VMI tax authority with fake refund and arrears messages designed to steal banking logins or extract immediate payments.
Smishing texts impersonating Lietuvos Pastas and couriers tell Lithuanian recipients a parcel is held pending a fee, capturing card details and hidden charges.
Unlicensed brokers and fake funds pitch Lithuanian investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Sextortion operations befriend Lithuanian users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unsolicited WhatsApp messages offer Lithuanian jobseekers easy online work, then trap them in task schemes demanding deposits to unlock fake earnings.
Counterfeit webshops advertised to Lithuanian shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Callers impersonating Lithuanian police or prosecutors warn victims their account is compromised and pressure them to move savings to a 'safe account' or hand over cash.
Victims in Lithuania are promised inheritances, lottery prizes, or business windfalls that require upfront fees, taxes, or 'clearance' payments that are never returned.
Long-con crypto investment fraud targets Estonian victims through dating apps and messaging, building trust before steering them into fake trading platforms.
Fraudsters impersonate Estonia's Tax and Customs Board with fake refund and arrears messages designed to steal banking logins or extract immediate payments.
Smishing texts impersonating Omniva and couriers tell Estonian recipients a parcel is held pending a fee, capturing card details and hidden charges.
Unlicensed brokers and fake funds pitch Estonian investors guaranteed returns through ads and cold calls, then block withdrawals behind invented fees.
Sextortion operations befriend Estonian users on dating apps and social media, obtain intimate images, then threaten exposure to contacts unless payment is made.
Unsolicited WhatsApp messages offer Estonian jobseekers easy online work, then trap them in task schemes demanding deposits to unlock fake earnings.
Counterfeit webshops advertised to Estonian shoppers on social media take payment for discounted goods that never arrive or are worthless imitations.
Callers impersonating Estonian police or prosecutors warn victims their account is compromised and pressure them to move savings to a 'safe account' or hand over cash.
Fraudsters re-target Estonian scam victims by posing as recovery agents, lawyers, or regulators who promise to retrieve lost funds in exchange for upfront fees.
Long-con investment-romance scams are reaching Bolivian victims through social media and messaging apps, fattening trust before draining savings into fake crypto platforms.
Fraudulent high-yield schemes and unlicensed investment 'clubs' target Bolivian savers with promises of fixed returns that no legitimate product can sustain.
As crypto adoption grows in Bolivia, fraudsters exploit newcomers with fake exchanges, bogus mining and staking offers, and impersonation of well-known platforms.
Unsolicited WhatsApp messages offering easy part-time work lure Bolivian jobseekers into task-based schemes that ultimately demand deposits and vanish.
Fraudsters impersonate Bolivian police, prosecutors, or judges to frighten victims into paying fictitious fines or transferring money to avoid arrest.
Sextortion schemes target Bolivians on dating apps and social media, coaxing intimate images and then threatening to share them unless victims pay.
Fraudulent shops on social media and standalone websites advertise discounted goods to Bolivian shoppers, then deliver nothing or send counterfeit items.
Victims in Bolivia are promised large sums — inheritances, prizes, or grants — that require upfront 'fees' which only multiply and never release any money.
Smishing messages posing as couriers or customs ask Bolivians to pay a small fee or log in on a fake page, harvesting card details and personal data.
Unlicensed high-yield schemes and bogus investment funds target Paraguayan savers with promises of fixed returns that collapse once new money slows.
With Paraguay known for crypto mining and growing digital-asset interest, scammers push fake exchanges, mining contracts, and giveaway frauds at newcomers.
Slick but fraudulent forex and crypto 'trading' platforms target Paraguayans with fake dashboards, manipulated wins, and withdrawals blocked behind endless fees.
Paraguayans are recruited for simple online 'tasks' that pay small at first, then demand deposits to unlock higher earnings that can never be withdrawn.
Fraudulent recruiters offer Paraguayan jobseekers attractive local or overseas roles, then extract fees for visas, training, or processing before disappearing.
Sextortion schemes in Paraguay use fake online romances to obtain intimate images, then threaten to expose victims unless they pay.
Scammers impersonate Paraguay's tax authority to claim unpaid taxes, refunds, or penalties, pressuring victims into paying or revealing financial details.
Fraudulent shops on social media and standalone sites advertise cheap goods to Paraguayan shoppers, then deliver nothing or send counterfeits.
Fraudulent rental ads in Paraguay lure tenants with attractive apartments, then demand deposits to 'reserve' a property the scammer does not control.
With cryptocurrency widely used in Venezuela to preserve value, scammers exploit reliance on digital assets through fake exchanges, P2P fraud, and giveaway schemes.
Long-con investment-romance scams target Venezuelans at home and in the diaspora, building trust before steering them into fake crypto platforms.
Romance scammers build fake relationships with Venezuelans online, then invent emergencies to extract money over weeks or months.
Recovery scams target Venezuelans who already lost money to fraud, posing as recovery agents or officials who promise to retrieve funds for an upfront fee.
Sextortion schemes target Venezuelans on dating apps and social media, coaxing intimate images and then threatening exposure unless victims pay.
Unsolicited WhatsApp messages offering easy remote work lure Venezuelan jobseekers into task schemes that ultimately demand deposits and vanish.
Victims in Venezuela are promised large sums — prizes, grants, or aid — that require upfront fees which only multiply and never release any money.
Fraudsters exploit humanitarian need and the diaspora's goodwill with fake charity appeals that pocket donations meant for Venezuelans in hardship.
Attackers hijack Venezuelan phone numbers via SIM-swap fraud to intercept verification codes and seize bank, wallet, and messaging accounts.
Unlicensed high-yield schemes and bogus funds target Ecuadorian savers with fixed-return promises that collapse once new money slows.
As crypto interest grows in Ecuador, scammers exploit newcomers with fake exchanges, bogus investment apps, and giveaway and impersonation schemes.
Fraudsters impersonate Ecuadorian police, prosecutors, or judges to frighten victims into paying fictitious fines or transferring money to avoid arrest.
Ecuadorians are recruited for simple online 'tasks' that pay small at first, then demand deposits to unlock higher earnings that can never be withdrawn.
Smishing messages posing as couriers or customs ask Ecuadorians to pay a small fee or log in on a fake page, harvesting card details and personal data.
Sextortion schemes target Ecuadorians on dating apps and social media, coaxing intimate images and then threatening exposure unless victims pay.
Fraudulent shops on social media and standalone sites advertise cheap goods to Ecuadorian shoppers, then deliver nothing or send counterfeits.
Fraudulent travel and accommodation sites target visitors to Ecuador, taking payment for hotels, tours, or Galapagos trips that do not exist.
Attackers hijack Ecuadorian phone numbers via SIM-swap fraud to intercept verification codes and seize bank, wallet, and messaging accounts.
As a regional financial hub, Panama draws both genuine investors and fraudsters running unlicensed high-yield schemes that promise fixed returns and collapse.
As crypto adoption grows in Panama, scammers exploit newcomers and investors with fake exchanges, bogus funds, and giveaway and impersonation schemes.
Long-con investment-romance scams reach Panamanian victims through social media and messaging apps, building trust before draining savings into fake platforms.
Slick but fraudulent forex and crypto 'trading' platforms target Panamanians with fake dashboards, manipulated wins, and withdrawals blocked behind endless fees.
Recovery scams target Panamanians who already lost money to fraud, posing as recovery agents or officials who promise to retrieve funds for an upfront fee.
Fraudulent recruiters offer Panamanian jobseekers attractive local or overseas roles, then extract fees for visas, training, or processing before disappearing.
Fraudulent rental ads in Panama lure tenants and relocating expatriates with attractive apartments, then demand deposits for properties the scammer does not control.
Scammers impersonate Panama's tax authority to claim unpaid taxes, refunds, or penalties, pressuring victims into paying or revealing financial details.
Fraudsters in Panama exploit goodwill with fake charity and disaster-relief appeals that pocket donations meant for people in genuine need.
Unlicensed high-yield schemes and bogus funds target Guatemalan savers with fixed-return promises that collapse once new money slows.
Fraudsters impersonate Guatemalan police, prosecutors, or judges to frighten victims into paying fictitious fines or transferring money to avoid arrest.
Unsolicited WhatsApp messages offering easy remote work lure Guatemalan jobseekers into task schemes that ultimately demand deposits and vanish.
Sextortion schemes target Guatemalans on dating apps and social media, coaxing intimate images and then threatening exposure unless victims pay.
Fraudulent shops on social media and standalone sites advertise cheap goods to Guatemalan shoppers, then deliver nothing or send counterfeits.
Smishing messages posing as couriers or customs ask Guatemalans to pay a small fee or log in on a fake page, harvesting card details and personal data.
Victims in Guatemala are promised large sums — prizes, inheritances, or grants — that require upfront fees which only multiply and never release any money.
As crypto interest and remittance use grow in Guatemala, scammers exploit newcomers with fake exchanges, bogus investment apps, and giveaway schemes.
Lottery and prize scams tell Dominicans they have won a draw they never entered, then demand fees and taxes before a prize that never arrives.
Fraudulent travel and accommodation sites target visitors to the Dominican Republic, taking payment for resorts, villas, or tours that do not exist.
Sextortion schemes target people in the Dominican Republic on dating apps and social media, coaxing intimate images and then threatening exposure unless victims pay.
Romance scammers build fake relationships with people connected to the Dominican Republic, then invent emergencies to extract money over weeks or months.
Unlicensed high-yield schemes and bogus funds target Dominican savers with fixed-return promises that collapse once new money slows.
Fraudulent shops on social media and standalone sites advertise cheap goods to Dominican shoppers, then deliver nothing or send counterfeits.
Attackers hijack Dominican phone numbers via SIM-swap fraud to intercept verification codes and seize bank, wallet, and messaging accounts.
Victims connected to the Dominican Republic are promised large sums that require upfront fees which only multiply and never release any money.
Unlicensed high-yield schemes and bogus funds target Uruguayan savers with fixed-return promises that collapse once new money slows.
As crypto interest grows in Uruguay, scammers exploit investors with fake exchanges, bogus investment apps, and giveaway and impersonation schemes.
Slick but fraudulent forex and crypto 'trading' platforms target Uruguayans with fake dashboards, manipulated wins, and withdrawals blocked behind endless fees.
Uruguayans are recruited for simple online 'tasks' that pay small at first, then demand deposits to unlock higher earnings that can never be withdrawn.
Scammers impersonate Uruguay's tax authority to claim unpaid taxes, refunds, or penalties, pressuring victims into paying or revealing financial details.
Smishing messages posing as couriers or customs ask Uruguayans to pay a small fee or log in on a fake page, harvesting card details and personal data.
Fraudulent shops on social media and standalone sites advertise cheap goods to Uruguayan shoppers, then deliver nothing or send counterfeits.
Recovery scams target Uruguayans who already lost money to fraud, posing as recovery agents or officials who promise to retrieve funds for an upfront fee.
Crypto romance-investment scams targeting Chileans via WhatsApp and Instagram, funnelling victims to fake platforms denominated in USD or USDT.
Fraudulent investment schemes in Chile exploit the country's AFP pension debate and growing retail-investor appetite, promising guaranteed returns through unlicensed operators.
Cryptocurrency fraud in Chile ranges from fake exchange apps to celebrity-endorsed token launches, exploiting the absence of specific crypto regulation.
Counterfeit forex and crypto trading platforms target Chilean investors with polished Spanish-language interfaces and fabricated profit dashboards.
Sextortion and romance blackmail schemes target Chilean men and women via Instagram and Tinder, threatening to share intimate images with family contacts unless payment is made.
Fake micro-task job schemes recruit Chileans via WhatsApp with promises of easy income for simple online tasks, then trap them in a deposit loop.
Fraudulent e-commerce sites impersonate popular Chilean retailers or offer deep discounts, collecting payment then delivering nothing or counterfeit goods.
Classic advance-fee fraud reaches Chilean victims through email, WhatsApp, and social media, promising inheritances, prizes, or business deals contingent on an upfront payment.
Fraudsters impersonating Carabineros or PDI officers threaten Chileans with arrest unless they pay fines immediately via bank transfer or crypto.
Crypto romance-investment scams reach Jordanians via WhatsApp and Instagram, with scammers posing as Gulf-based investors or overseas Jordanians to build trust.
Fraudulent investment schemes in Jordan exploit limited financial literacy and a desire for dollar-denominated returns, often channelled through unregulated entities.
Fraudulent forex and crypto trading platforms targeting Jordanians use Arabic-language interfaces and Gulf broker branding to appear legitimate.
Sextortion scams in Jordan exploit social stigma around intimate content, making victims particularly reluctant to report and more likely to pay repeated demands.
Fraudulent job offers targeting unemployed Jordanians promise Gulf employment or remote work, collecting visa fees and recruitment deposits then disappearing.
Fraudulent work-from-home offers reach Jordanians via WhatsApp, promising easy income for simple tasks before trapping victims in a deposit cycle.
SIM swap fraud in Jordan targets mobile banking users by porting victim numbers to scammer-controlled SIMs, bypassing SMS-based two-factor authentication.
Fraudsters impersonating the Income and Sales Tax Department (ISTD) of Jordan threaten individuals and businesses with audits or penalties unless immediate payment is made.
Cryptocurrency fraud in Jordan exploits the absence of a regulatory framework, targeting Jordanians through fake exchanges, pump-and-dump Telegram groups, and phishing attacks.
China is simultaneously a major origin country and a victim country for pig-butchering scams, with Chinese nationals targeted on WeChat and domestic platforms by criminal groups operating from Myanmar and Cambodia.
Fraudulent investment schemes in China exploit retail investor enthusiasm for stock markets and wealth management products, operating through unlicensed apps and social media.
Brush-order scams (shua dan) defraud Chinese workers by promising pay for fake e-commerce reviews before trapping them in a deposit cycle.
Fraudulent forex and crypto trading platforms target Chinese investors by mimicking regulated brokers and exploiting the lack of domestic crypto trading infrastructure.
Sextortion and 'honey trap' schemes target Chinese men via dating apps and WeChat, threatening to share intimate content with family and employers unless payment is made.
Fraudulent fundraising in China exploits WeChat Moments and short-video platforms to collect donations for fabricated medical emergencies or disaster relief causes.
Fraudulent overseas job offers target Chinese job-seekers via WeChat and Zhaopin, promising high-paying positions in Southeast Asia that are often forced labour operations or pig-butchering scam compounds.
Advance-fee fraud targeting Chinese consumers appears as prize notifications, government refunds, or overseas business opportunities delivered via WeChat and email.
Romance-investment crypto scams target Peruvians via WhatsApp and Facebook, posing as overseas Peruvians or Asian investors to build trust before introducing fake trading platforms.
Ponzi schemes and high-yield investment fraud target Peruvians through social networks and church communities, promising above-market returns in soles or dollars.
Fraudulent e-commerce sites impersonating Peruvian retailers or Mercado Libre defraud Peruvian buyers who transfer soles via Yape or Plin and receive nothing.
Classic advance-fee fraud targets Peruvians via WhatsApp and email with promises of prize winnings, government benefit payments, or business contracts requiring an upfront fee.
Scammers impersonating PNP officers or judges contact Peruvians demanding immediate payments to avoid arrest warrants, often targeting the elderly.
Sextortion targeting Peruvians via Facebook and WhatsApp exploits social shame and family reputation concerns, with payment collected through Yape or Western Union.
SIM swap fraud in Peru exploits weaknesses in Claro, Movistar, and Entel carrier verification to seize Yape and BCP mobile banking accounts via stolen OTPs.
Fraudulent SMS and WhatsApp messages impersonating Olva Courier, DHL Peru, or Mercado Libre deliveries trick Peruvians into phishing pages collecting card details.
Fraudsters impersonating SUNAT (Peru's tax authority) demand immediate payment via Yape or threaten businesses with account freezes and legal proceedings.
Romance-crypto investment scams reach Icelanders via Instagram and Tinder, exploiting high incomes and limited awareness of crypto fraud to extract large amounts in ISK converted to USDT.
Fraudulent investment schemes target Iceland's financially confident population with fake high-yield products and unlicensed operators impersonating EEA-regulated brokers.
Fraudulent forex and crypto platforms target Icelanders via paid search advertising, using English or Icelandic interfaces and fabricated FME or FCA licence numbers.
Counterfeit e-commerce sites targeting Icelandic consumers impersonate local retailers or operate as fictitious stores, collecting ISK via card or bank transfer then delivering nothing.
Classic advance-fee fraud reaches Icelanders via email and social media in English, with promises of lottery winnings or inheritance proceeds requiring upfront fees.
Sextortion targeting Icelanders operates via Tinder and Instagram, with payment demands in EUR or crypto exploiting privacy concerns in a small, close-knit community.
Fraudulent job offers targeting Icelanders or foreign workers in Iceland promise high-paying positions but collect visa fees or equipment deposits then disappear.
SIM swap attacks targeting Icelanders exploit weaknesses in Síminn and Nova carrier authentication to seize online banking and payment accounts via stolen OTPs.
Fraudulent travel booking sites targeting Iceland's booming tourism sector collect prepayments from tourists via card or bank transfer for accommodation and tours that do not exist.
Romance-crypto investment scams target Bulgarians via Viber and Facebook, with victims channelling leva or euro to fake platforms through Bulgarian banks or local crypto exchanges.
Fraudulent investment schemes exploit Bulgarian retail investors with unlicensed platforms, fake EU regulatory labels, and celebrity endorsements on Bulgarian news and social media.
Fraudulent Bulgarian-language trading platforms target local investors while Bulgarian-operated platforms simultaneously victimise EU citizens across Europe.
Sextortion operations target Bulgarian men and women via dating sites and Facebook, with payment collected through wire transfer or crypto to avoid tracing.
Fraudulent Bulgarian-language e-commerce sites collect leva via bank transfer or nalichni (cash on delivery) then deliver nothing or counterfeit goods.
Advance-fee fraud reaches Bulgarians through email and Viber, exploiting promises of prize winnings, EU grant funding, or inheritance proceeds requiring a processing fee.
Fake online task jobs target Bulgarians via Viber and Telegram with promises of easy leva income before entrapping them in a deposit cycle.
Fraudsters impersonating Bulgarian National Police (МВР) or prosecutors threaten Bulgarians with arrest unless they immediately pay fines via bank transfer or Bitcoin ATM.
Fraudsters impersonating Bulgaria's National Revenue Agency (NRA/НАП) threaten businesses and individuals with immediate penalties unless payment is made via bank transfer or Bitcoin ATM.
Romance-crypto investment scams target Costa Ricans via WhatsApp and Instagram, exploiting the country's growing crypto adoption and limited regulatory oversight.
Fraudulent investment schemes exploit Costa Rica's growing investor class with pyramid-structure clubs, fake real estate crowdfunding, and unlicensed forex operators.
Fake micro-task jobs reaching Costa Ricans via WhatsApp promise easy colone income for online tasks before trapping victims in a SINPE Móvil deposit cycle.
Fraudulent e-commerce operations target Costa Rican shoppers on Facebook Marketplace and Instagram, collecting SINPE Móvil payments then delivering nothing.
Fraudulent vacation and long-term rental listings target both tourists and Costa Rican residents, collecting deposits via SINPE Móvil or wire transfer for properties that are unavailable or non-existent.
Advance-fee fraud targeting Costa Ricans arrives via WhatsApp and email with fake government benefit notifications, lottery winnings, and business partnership offers requiring upfront fees.
Sextortion scams target Costa Ricans on Tinder and Instagram, using SINPE Móvil payment demands to exploit the speed and irreversibility of instant transfers.
Fraudulent travel booking sites impersonating Booking.com or creating entirely fictitious Costa Rica tourism portals collect advance payments for tours and accommodation that do not exist.
Fraudsters impersonating OIJ investigators or Fuerza Pública officers call Costa Ricans demanding immediate payments to avoid arrest warrants or resolve alleged family emergencies.
Pig-butchering romance-investment scams target Lebanese via WhatsApp by posing as Lebanese diaspora in the Gulf or Europe, exploiting economic desperation and crypto's popularity as a dollar substitute.
Fraudulent investment schemes exploit Lebanon's financial crisis, targeting citizens desperate to access frozen savings or rebuild wealth through foreign or crypto investment promises.
Fraudulent trading platforms target Lebanese investors by offering dollar-denominated accounts outside Lebanon's banking system, exploiting the country's financial crisis.
Sextortion in Lebanon carries heightened social and reputational risk given conservative community norms, with fraudsters targeting both Lebanese residents and diaspora members via WhatsApp and Instagram.
Advance-fee fraud in Lebanon preys on residents seeking financial relief, with scammers posing as NGO representatives, diaspora benefactors, or foreign business partners offering funds that require advance payments.
Fraudulent job offers targeting Lebanon's high-unemployment population promise Gulf or European positions, collecting visa fees and documentation charges that are never refunded.
Fake micro-task jobs target Lebanese job-seekers via WhatsApp with promises of dollar income for simple online tasks, before trapping victims in a USDT deposit cycle.
SIM swap fraud targets Lebanese WhatsApp accounts and any remaining mobile banking functionality, exploiting weaknesses in Alfa and touch carrier authentication.
Fraudulent WhatsApp and SMS messages impersonating Lebanese courier services or international carriers collect cash or USDT to release parcels that never exist.
Myanmar hosts large scam-compound complexes where trafficked workers are forced to run pig-butchering operations targeting victims worldwide.
Fraudulent job offers lure people in Myanmar into scam-compound compounds under the guise of lucrative overseas employment.
Task-based fraud originating from Myanmar compounds targets online workers globally with fake micro-job platforms that trap victims in endless deposit cycles.
Myanmar-based compound operators run romance blackmail operations that coerce victims into paying to suppress intimate images or compromising information.
Fraudsters exploit Luxembourg's reputation as a leading EU financial centre to lend false credibility to bogus investment schemes targeting residents and international clients.
Cryptocurrency fraud in Luxembourg ranges from fake exchange platforms invoking the country's financial prestige to social-media pump-and-dump schemes targeting tech-savvy residents.
Fraudsters impersonate Luxembourg's Administration des contributions directes and TVA offices to extract payments or personal data from residents and cross-border workers.
Advance-fee fraud in Luxembourg often masquerades as EU grant disbursements, inheritance windfalls, or investment-fund payouts to exploit the country's financial cachet.
Cyprus has historically been a registration hub for unregulated or minimally regulated online brokers that defraud retail investors across Europe and beyond.
Fraudulent rental advertisements on popular property portals target international buyers and short-term tenants seeking property in Cyprus's competitive real-estate market.
Bogus fund-recovery firms exploit Cyprus's broker-fraud reputation, charging victims upfront fees to 'recover' losses that are never returned.
Malta marketed itself as 'Blockchain Island' attracting both legitimate crypto firms and fraudulent operators that exploited the regulatory brand to defraud global investors.
Fraudulent accommodation and ferry booking websites target travellers planning holidays in Malta, collecting payments for reservations that do not exist.
Malta's affluent, internationally connected population is targeted by pig-butchering crypto-romance scams promoted through social media and dating apps.
SIM-swap attacks in Malta target mobile banking customers and crypto holders by porting phone numbers to fraudster-controlled SIMs to bypass two-factor authentication.
Investment fraud in Serbia exploits a growing retail investor class with fake forex brokers, unlicensed fund schemes, and pyramid structures promoted on social media.
Romance fraud in Serbia targets both residents seeking relationships and Serbian nationals abroad who are approached by scammers posing as compatible partners.
Fake remote-work offers circulate on WhatsApp in Serbia, targeting job seekers with promises of easy online income that turn into task-scam deposit traps.
Georgia's growing digital economy and international connectivity make residents and the country's large expat population targets for pig-butchering crypto investment fraud.
Fraudulent overseas job offers target Georgian nationals with promises of high-paying roles that turn out to be trafficking or forced-labour situations.
Advance-fee fraud in Georgia exploits the country's business-friendly reputation with fake investment windfalls, inheritance claims, and government-contract bribes.
Fraudsters impersonate Georgian police officers or prosecutors to extort payments from residents under the threat of fabricated criminal investigations.
Mongolia's mining boom and growing middle class have made it a target for fake investment schemes promising high returns on mining stocks, crypto, and real estate.
Mongolia's proximity to China and its growing digital economy make residents targets for Chinese-language and English-language pig-butchering crypto romance fraud.
Fake parcel-delivery SMS scams target Mongolian online shoppers with links to phishing pages that harvest payment card and personal data.
Fraudulent Mongolian e-commerce pages and social-media shops take payment for goods — especially electronics and imported items — and never deliver.
Advance-fee fraud circulates in Myanmar via Facebook and SMS, exploiting limited financial literacy in rural areas with fake prize and government-grant narratives.
Fraudsters exploit ongoing humanitarian crises in Myanmar to solicit donations for fake charities that divert money away from genuine relief efforts.
Parcel-delivery phishing SMS campaigns target Luxembourg residents by impersonating Post Luxembourg, DHL, and UPS with fake customs-fee links.
Luxembourg's extremely competitive rental market creates ideal conditions for fake landlord scams targeting new arrivals and cross-border workers seeking accommodation.
Cyprus's large expatriate and international business community makes residents vulnerable to pig-butchering crypto romance scams promoted through social media and dating apps.
Callers impersonating Cyprus Police or EUROPOL officers demand payments from residents to avoid fabricated criminal investigations.
Advance-fee fraud in Malta targets residents with fake EU grant windfalls, lottery prizes, and inheritance claims exploiting the island's EU institutional identity.
Sextortion targeting Malta residents exploits the island's dense social networks — threats to share intimate images with small, interconnected communities cause acute distress.
Phishing SMS campaigns in Serbia impersonate Post Serbia and DHL to harvest payment card details from online shoppers with fake parcel-fee requests.
Fake rental advertisements in Serbia — particularly for Belgrade apartments — target domestic movers and international professionals with phantom deposits.
Georgia's crypto-friendly regulatory environment and significant Bitcoin mining sector attract both legitimate operators and fraudsters running fake exchanges and investment pools.
SIM-swap attacks in Georgia target mobile banking and crypto users by porting phone numbers to fraudster-controlled SIMs to intercept two-factor authentication codes.
Advance-fee fraud in Mongolia circulates on Facebook with fake business opportunities and government-tender bribes targeting Mongolia's entrepreneurial community.
Sextortion targeting Mongolian residents uses social media and messaging apps to gather intimate images before issuing extortion demands.
Fraudsters impersonate Serbia's Tax Administration (Poreska uprava) and other government agencies to extract payments from residents and businesses.
Cryptocurrency fraud in Serbia targets retail investors with fake exchange platforms, influencer-promoted pump-and-dump tokens, and phishing attacks on crypto wallets.
Fraudulent Facebook and Instagram shops in Georgia take payment for electronics, clothing, and imported goods that are never delivered.
Fake remote-work offers reach Georgian job seekers via WhatsApp and Telegram, promising easy online income that turns into a task-scam deposit trap.
Cryptocurrency fraud in Myanmar operates on two levels: compound-run pig-butchering platforms targeting overseas victims, and domestic crypto scams targeting Myanmar residents.
Fraudsters in Myanmar impersonate police and government officials to extort payments from residents under the threat of fabricated investigations.
Fake remote-work offers circulate in Myanmar via WhatsApp and Facebook Messenger, targeting young people with promises of easy online income from task-based work.
SIM-swap attacks in Luxembourg target private banking clients and crypto investors by porting mobile numbers to intercept high-value authentication codes.
Fraudulent e-commerce websites and social media shops target Luxembourg's affluent online shoppers with designer goods, electronics, and collectibles that are never delivered.
Malta's gaming and fintech sector attracts sophisticated investment fraud targeting the island's professional community with fake fund-management schemes and unregulated CFD brokers.
Serbia's growing online-investment culture makes residents targets for pig-butchering scams delivered via Instagram, Viber, and dating apps.
Advance-fee fraud in Serbia combines classic inheritance and lottery narratives with business-opportunity schemes targeting Serbia's entrepreneurial community.
Task-based fraud targeting Mongolia's young urban population offers easy online income for simple micro-jobs before trapping victims in escalating deposit cycles.
Fraudulent overseas job advertisements target Mongolian workers with fake offers in South Korea, Japan, and China that conceal trafficking or scam-compound recruitment.
Fake remote-work and part-time job offers target Cyprus's large unemployed youth population and migrant workers through WhatsApp and Telegram.
Fake foreign lottery prize notifications target Cyprus residents and the island's large expatriate community with fabricated windfalls requiring upfront fee payments.
Fake online job offers circulate in Malta via WhatsApp and Telegram, targeting the island's service-sector workers and migrant population with task-scam deposit traps.
Fraudsters impersonate Malta's Commissioner for Revenue to demand urgent tax payments from residents and businesses under threat of legal action.
Fake rental listings in Tbilisi target the city's growing expat and digital-nomad community with below-market apartments requiring deposits for properties that do not exist.
Fake international lottery prize notifications target Georgian residents with fabricated windfalls requiring upfront fee payments to release.
Fake European and American lottery prize notifications target Serbian residents with fabricated windfalls requiring upfront fee payments.
Fraudsters target Luxembourg residents with fabricated EuroMillions and EU fund lottery prizes that require upfront fee payments to release.
Fraudulent accommodation and tour booking websites target travellers to Georgia with fake reservations for guesthouses, tours, and transport.
Fraudulent charity appeals in Georgia exploit regional displacement crises and natural disasters to divert donations from genuine relief organisations.
Phishing SMS messages impersonate Georgian Post and international couriers to harvest payment card details from online shoppers with fake parcel-fee requests.
Fraudulent Serbian-language e-commerce websites and Facebook shops collect payment for electronics and clothing without delivering anything.
SIM-swap attacks in Serbia target mobile banking users by porting phone numbers to intercept SMS authentication codes for bank and crypto accounts.
Fraudulent tour and ger camp booking sites target Mongolia visitors with fake reservations for Gobi Desert, Naadam festival, and steppe wilderness packages.
Fraudulent charity appeals exploit Malta's generous community culture with fake campaigns mimicking real Maltese charities and international disaster appeals.
Bogus fund-recovery services target Mongolian victims of investment and crypto fraud with upfront fees to retrieve losses that are never recovered.
How VIN cloning and title washing combine in the US market to create vehicles with falsified histories, exploiting gaps between state motor-vehicle databases.
How salvage and Category S or N vehicles are sold in the UK without proper disclosure, leaving buyers with unsafe cars and difficult insurance situations.
How some US car dealers use spot delivery and conditional financing practices to pressure buyers into less favourable loan terms after taking the vehicle home.
How staged collision fraud operates in the UK, the common tactics used against innocent drivers, and how to protect yourself and report suspicious incidents.
How high-pressure holiday club and timeshare presentations in the UK trap consumers into expensive long-term contracts for memberships with minimal real-world value.
How VIN cloning and the concealment of write-off status operate within the UK's V5C and MOT framework, and how buyers can use free government tools to protect themselves.
How salvage and rebuilt-title vehicles are sold across US state lines without disclosure, exploiting database gaps and differing state title-branding requirements.
How fraudulent websites and emails impersonating His Majesty's Passport Office collect renewal fees and identity documents from UK applicants seeking a new or renewed passport.
How fraudulent immigration attorneys operating in the United States exploit the complexity of US immigration law to collect large retainers for applications they never file or file incorrectly.
How fraudulent UK notarisation and apostille services target individuals and businesses needing documents authenticated for international legal, immigration, and commercial purposes.
How Premium Bond prize fraud specifically targets UK savers, exploiting the wide public familiarity with NS&I bonds to impersonate official prize notifications across multiple channels.
How mail theft in the United States enables identity fraud through stolen bank statements, tax correspondence, and pre-approved credit offers, and what US-specific protections apply.
How cheque washing fraud operates in the United Kingdom, where cheque usage is declining but high-value cheques for legal, property, and business transactions remain a target.
Scammers send emails or texts claiming your Apple ID has been locked or suspended, directing you to a convincing fake Apple sign-in page that steals your credentials and two-factor authentication codes.
Callers or pop-up alerts claim to be Apple Support, warning of a security breach or virus, and pressure victims into handing over their Apple ID credentials or remote device access.
Phishing emails mimicking Microsoft 365 account alerts direct users to a replica sign-in page that harvests their work or personal Microsoft credentials, often with the aim of penetrating corporate networks.
Malicious browser alerts display Windows error screens and Microsoft branding alongside a phone number, tricking users into calling fake 'Microsoft Certified Technicians' who install remote-access software and steal money or credentials.
Phishing emails styled as Google security alerts claim your account has been accessed from an unknown device and drive you to a fake Google sign-in page that captures your Google credentials and backup codes.
Targeted phishing emails impersonating Google Workspace alerts aim to steal administrator credentials, giving attackers control over an entire organisation's Google environment.
Scammers send messages that mimic Meta's account-policy notifications to claim your Facebook or Meta account has been disabled, directing you to a fake appeal form that harvests your login credentials.
Fraudsters send messages offering a coveted blue verification tick on Facebook or Instagram in exchange for account credentials, payment, or sensitive personal information.
Criminals pose as Instagram support to 'help' users recover a hacked account, but the process hands attackers the victim's login credentials and two-factor authentication codes.
Fraudulent messages claim your Instagram account has received a copyright strike or DMCA notice and will be deleted unless you verify your identity through a link — which leads to a credential-harvesting page.
Fraudsters use social engineering to obtain the SMS verification code sent when registering a WhatsApp number, then hijack the victim's account and use it to scam their contacts.
After hijacking a victim's WhatsApp account, fraudsters message their contacts posing as the account owner and invent urgent scenarios — a lost wallet, a hospital bill, being stranded abroad — to solicit quick money transfers.
Scammers send TikTok creators and businesses messages claiming they qualify for official verification and instruct them to 'complete the process' on a phishing page that steals their TikTok login credentials.
Fraudulent emails or messages claim a TikTok account has violated copyright policy and will be deleted, directing creators to a phishing page disguised as a TikTok appeals centre.
Fraudsters impersonate Telegram or send messages through compromised accounts to trick users into sharing their Telegram login code, enabling a full account takeover.
Scammers create fake Telegram channels or bots impersonating cryptocurrency projects, influencers, or Telegram itself, claiming to run a 'verified' giveaway that requires an initial deposit to receive a larger payout.
Phishing emails mimicking Spotify payment alerts claim a subscription renewal has failed and direct users to a fake payment page that harvests credit card details and Spotify credentials.
Scammers send emails claiming a Spotify account has been suspended for suspicious activity and direct users to a fake login page that captures credentials and payment information.
Phishing emails claiming a Netflix subscription payment failed direct users to a convincing fake Netflix login and billing page that steals their account credentials and credit card information.
Scammers exploit publicity around Netflix's account-sharing restrictions to send fake compliance notices that lure users into a phishing page, harvesting Netflix credentials and payment information.
Phishing campaigns mimicking Disney+ payment alerts direct subscribers to fake billing pages that harvest credit card details and login credentials under the pretence of a failed renewal.
Scammers create fake Disney+ login prompts that mimic OAuth social-sign-in flows, tricking users into granting access to their Google or Apple account via a fraudulent authorisation page.
Malicious websites or pop-ups claim a critical Apple software update is required and prompt users to download a file that installs malware, credential-stealing software, or a fake antivirus on their Mac or iPhone.
Scammers send fake emails claiming a Microsoft Defender or Windows security subscription is about to auto-renew at an inflated price, tricking victims into calling a fraudulent refund number that leads to account takeover.
Phishing emails claiming a Google account's 15 GB of free storage is full direct users to a fake upgrade page that harvests Google credentials and payment card details.
Fraudsters send fake Meta Business Suite notifications to page managers and advertisers, directing them to a phishing OAuth flow that steals their Facebook business account access.
Criminals copy a real Instagram user's profile picture, username, and public posts to create a duplicate account, then use it to deceive the original user's followers into sending money or sharing personal information.
Scammers abuse Apple's trusted-device two-factor system by flooding a victim's Apple devices with repeated authentication requests, then calling them pretending to be Apple Support to extract the six-digit code.
Phishing sites present fraudulent 'Sign in with Microsoft' OAuth consent screens that harvest Microsoft work or personal credentials from users who believe they are completing a standard authentication flow.
Scammers who have already obtained a victim's Google password pose as Google Support and social-engineer the victim into sharing the SMS two-factor code, completing an account takeover.
Fraudulent messages claim a WhatsApp subscription or premium service is about to expire and instruct users to pay via a link or provide payment details to continue using the app.
Fraudulent emails or messages claim a TikTok account has been suspended for community guideline violations and invite creators to appeal through a link that leads to a credential-harvesting page.
Scammers create fake Telegram support accounts with official-looking names and badges to solicit account information, phone numbers, and verification codes from users seeking help.
Scammers pose as Spotify customer support agents through social media or email and offer to help users recover access to their Spotify account, but the 'recovery' process hands over credentials to the attacker.
Scammers send emails claiming a Netflix account has been suspended for suspicious activity or unpaid fees, directing users to a fake reinstatement page that harvests credentials and payment details.
Phishing emails impersonating Disney+ claim an account has been suspended due to unusual activity or billing issues and direct subscribers to a fake page that collects credentials and payment information.
Phishing emails impersonating Apple claim an iCloud password reset was requested and direct recipients to a fake Apple sign-in page that harvests their Apple ID credentials and two-factor codes.
Fraudulent emails styled as Microsoft Teams message alerts direct recipients to a fake Teams sign-in page that captures Microsoft 365 credentials, often as the first step in a targeted business email compromise attack.
Targeted phishing emails claim a Google Ads account has been suspended for policy violations and direct advertisers to a fake Google sign-in that steals credentials and billing information.
Attackers who have obtained an Instagram password use social engineering to trick users into sharing their two-factor authentication code, completing a full Instagram account takeover.
Phishing messages claim a Facebook Page or business account has received a copyright strike and will be deleted unless the owner appeals through a link that leads to a credential-harvesting page.
After taking over a TikTok account, fraudsters use it to DM the victim's followers with investment pitches, emergency money requests, or fake giveaways, exploiting the trust built up by the original creator.
Scammers deploy automated Telegram bots that impersonate official services or Telegram itself to collect usernames, phone numbers, and login codes under the pretence of verification or support.
Scammers set up fake Netflix support phone lines or social media accounts and direct distressed subscribers to them, then harvest account credentials, payment card details, or install remote access software.
Phishing emails styled as Disney+ password-reset confirmations direct subscribers to a fake sign-in page that captures their Disney+ and linked email credentials.
Scammers instruct victims to purchase Apple Gift Cards and share the redemption codes under various pretexts, then immediately drain the balance by redeeming the codes on their own Apple IDs.
Pop-up alerts or emails claim a Windows license has expired or is invalid and direct users to call a number or pay through a fraudulent site, ultimately leading to credential theft or fraudulent payments.
Scammers send emails claiming a Spotify trial has converted to a paid subscription and offer an easy cancellation or refund through a link that leads to a credential-harvesting page.
Fraudsters copy a WhatsApp user's profile picture and display name to create a near-identical account, then message the victim's contacts from a different phone number to solicit money or personal information.
Fraudulent Instagram-branded ads or embedded links on third-party sites present a fake 'Login with Instagram' OAuth consent screen, capturing credentials and granting attackers persistent access to accounts.
Attackers send phishing emails with links to legitimate-looking Google OAuth consent screens for malicious applications, tricking users into granting the app persistent access to their Gmail, Drive, or Google account.
Scammers send emails claiming a TikTok LIVE subscription or creator programme fee is due for renewal, directing users to a fake payment page that harvests card details and TikTok credentials.
Scammers send fake Netflix cancellation confirmation emails that offer a refund through a link, capturing card details and credentials from users who believe they are claiming money back from an unwanted charge.
Scammers send fake Disney+ order confirmations for a bundle upgrade the recipient did not authorise, using the surprise charge as a pretext to direct victims to a phishing page for cancellation.
Scammers replicate Microsoft's genuine unusual-sign-in alert emails to direct recipients to a fake login page that captures credentials and live MFA codes for immediate account takeover.
Scammers pose as Google support agents on social media or forums to help people 'recover' locked Google accounts, extracting backup codes and recovery details that enable a genuine takeover instead.
Scammers send emails mimicking Spotify's password-reset notification to trick users into clicking a link that leads to a fake Spotify sign-in page harvesting account credentials.
Fraudsters copy a TikTok creator's username, profile photo, and bio to build a duplicate account, then use it to solicit money from followers, promote fake investment links, or run fake merchandise stores.
Criminals send emails or texts that mimic PayPal's transaction alerts, claiming your account has been suspended and demanding you click a link to restore access. The goal is to harvest your PayPal login credentials and payment details.
Fraudsters pose as Cash App support agents — often found through fake social-media posts and search-engine ads — and trick users into sharing their sign-in codes or sending money to 'verify' their accounts. Cash App has no public support phone number, making impersonation especially effective.
Scammers impersonating Zelle or the victim's own bank instruct people to send themselves money via Zelle to a 'safe account' they control, claiming the funds need to be moved to prevent fraud. Zelle itself warns: a real bank will never ask you to send yourself money.
Criminals send convincing fake payment-request emails styled as Stripe invoices, targeting small-business owners and freelancers who regularly receive legitimate Stripe payment links. Clicking the embedded 'Pay Now' button leads to a credential-harvesting or payment-capture page.
Scammers send emails mimicking Wise's transfer-alert format, claiming a large international payment is pending verification and demanding recipients log in via a fraudulent link. Victims who comply hand over their Wise credentials and may lose funds held in their Wise multi-currency accounts.
Fraudsters impersonating Revolut call or text victims to claim there is suspicious activity on their account, then talk them into revealing the one-time passcode Revolut just sent — allowing attackers to authorise transfers or log in to the victim's account.
Criminals send fake Robinhood emails or texts claiming your brokerage account has been restricted due to a compliance review or suspicious login, directing you to a phishing site that captures your login credentials and may trigger a 2FA-bypass in real time.
Scammers send text messages or emails mimicking your own bank's fraud-alert system, claiming an unauthorised payment has been initiated and you must act immediately to stop it. The link or callback number leads to a phishing page or fraudster posing as a bank fraud specialist.
Fraudsters send fake PayPal refund-confirmation or overpayment emails and call sellers to claim an 'accidental' overpayment was made, pressuring them to return the excess via gift cards or bank transfer before the bogus payment is discovered.
Criminals create fake social-media accounts mimicking Cash App's well-known '#CashAppFriday' promotions, telling users they have won a cash prize that requires a small 'verification fee' or their Cash App login details to claim.
Criminals send texts or emails claiming someone is trying to enroll the victim's email address or phone number in Zelle, and that the victim must click a link to block the enrollment. The link leads to a phishing page that harvests banking credentials.
Fraudsters contact merchants via phone or email posing as Stripe's risk or compliance team, claiming their Stripe account has been suspended due to a policy violation and demanding login credentials or payment to restore service.
Criminals intercept or impersonate business email communications and instruct suppliers or clients to update their payment destination to a fraudulent Wise account, diverting legitimate B2B payments to the attacker while appearing to come from the legitimate business.
Scammers send fake renewal notices for Revolut Premium or Metal plans, claiming the victim's card will be charged and offering a cancellation link — which leads to a phishing page that harvests Revolut login credentials.
Criminals send fake Robinhood alerts claiming an unauthorised cryptocurrency withdrawal has been initiated from the victim's account and instruct them to call a support number or click a link to cancel it — leading to credential theft or remote-access fraud.
Criminals impersonate bank collections departments, claiming the victim has an outstanding debt, unpaid overdraft, or fraudulent charge on their account and demanding immediate payment via gift cards, wire transfer, or cryptocurrency to avoid legal consequences.
Fraudsters contact PayPal users by phone or text claiming their two-factor authentication needs to be reset or verified due to a security incident, tricking them into sharing the OTP that PayPal just sent — which the attacker immediately uses to access the account.
Criminals pose as tax authorities or Cash App representatives, claiming a tax refund has been deposited to the victim's Cash App account and that a verification payment or sign-in code is required to release it — a classic advance-fee twist on the tax-refund scam.
Scammers posing as customers contact small businesses, send fake Zelle payment screenshots, and pressure the business to ship goods or provide services before the payment actually clears — relying on the fact that a screenshot proves nothing.
Scammers impersonating PayPal instruct victims to purchase gift cards and read out the codes to 'pay' a fabricated fee, debt, or security hold on their PayPal account — a demand that the real PayPal would never make.
Criminals send emails impersonating Wise's compliance team, claiming the victim's account has been suspended pending identity re-verification, and directing them to an external site that harvests passport details, selfies, and banking credentials.
Fraudsters impersonating Revolut's fraud team instruct account holders to transfer their balance to a 'Revolut-secured holding account' to protect it during an alleged security investigation — a classic safe-account scam using Revolut's own transfer infrastructure.
Criminals create fake Robinhood referral pages or social-media posts claiming users can receive free shares of a popular company by signing up or verifying their existing account — leading to a phishing page or a cryptocurrency scam tied to a fake 'Robinhood token'.
Criminals send emails or texts mimicking bank password-reset notifications, claiming the victim's online banking password was just changed by an unknown device and instructing them to click a link to 'undo the change' — delivering them to a credential-harvesting page.
Fraudsters send fake PayPal order-confirmation or payment-sent notifications for transactions the victim never made, then provide a 'cancel this payment' link that leads to a credential-harvesting page or a fake PayPal customer-service number.
Criminals send emails or texts claiming a Cash App account has been suspended for suspicious activity and direct users to a phishing site or fake support number to restore access — harvesting sign-in codes and payment details in the process.
Fraudsters send texts or emails mimicking a victim's own bank, claiming a government stimulus or relief payment has been deposited and can be accessed by clicking a link — a phishing attack that harvests banking credentials under the cover of a benefit.
Criminals impersonating PayPal's fraud team instruct account holders to withdraw their PayPal balance and wire it to a 'PayPal-secured holding account' to protect funds during a fabricated security investigation — a safe-account scam using PayPal's trusted name.
Fraudsters place outbound calls claiming to be PayPal's customer service team, referencing supposed disputes, high-risk transactions, or account holds, then collect login credentials or OTPs to take over the account while the victim believes they are receiving help.
Scammers impersonating Cash App's fraud team tell users their account is at risk and that sending their balance to a 'Cash App safety wallet' or 'verified secure $Cashtag' will protect their funds — a safe-account scam dressed in Cash App branding.
Criminals who possess a victim's linked phone number or email address attempt a Cash App login, which triggers a real sign-in code, then contact the victim under a pretext to get them to read out that code — instantly unlocking full account access.
Because Zelle has no standalone consumer app support channel separate from users' banks, scammers exploit the gap by advertising fake Zelle helpline numbers online — catching users who search for help and tricking them into handing over banking credentials.
Criminals create fake bank-login pages branded with Zelle's logo and claim the victim must verify their Zelle account to prevent it being taken over — a credential-harvesting attack that provides full online banking access, not just Zelle access.
Fraudsters send emails claiming Stripe has placed a hold on the merchant's next payout due to a compliance review and direct them to a fake Stripe dashboard to resolve it — harvesting login credentials and 2FA codes to take over the Stripe account.
Criminals send developer-targeted emails mimicking Stripe's security alerts or API documentation updates, directing technical staff to a fake Stripe developer portal that collects live API secret keys — giving immediate programmatic access to the merchant's Stripe account.
Fraudsters impersonating Wise's fraud team tell account holders that their multi-currency balance is at risk and must be transferred to a 'Wise-secured account' before it is frozen — exploiting Wise's cross-border transfer capability to move funds internationally and out of reach.
Criminals set up fake Wise support chat widgets on lookalike websites or social media, posing as Wise agents to collect login credentials and OTPs from users who believe they are receiving official in-app support.
Criminals contact Revolut users claiming a new device needs to be removed from the account for security, then walk them through steps that actually authorise the attacker's device — granting persistent access to the Revolut account without any further OTPs.
Criminals send emails mimicking Revolut's password-reset notification format, claiming the victim's PIN or passcode was just changed and providing a link to 'undo the change' that leads to a credential-harvesting page masquerading as the Revolut app login.
Fraudsters create fake Robinhood support websites and social-media accounts, posing as customer-service agents to collect brokerage account credentials and 2FA codes from investors seeking help with trading or account issues.
Criminals send fake Robinhood password-reset emails claiming the victim's brokerage account password was just changed and directing them to a phishing page to 'undo' the change — capturing login credentials and potentially 2FA codes in a real-time takeover attempt.
Criminals posing as a bank's fraud team call customers and instruct them to wire their savings to a 'safe account' to protect them from a fabricated ongoing fraud — a scam that has cost bank customers significant financial losses across many countries.
Criminals create fraudulent bank-support phone numbers that appear in search results or are shared on social media, waiting for customers seeking help with online banking issues to call — then harvesting credentials and initiating fraudulent transfers during the 'support' call.
Criminals who have obtained a victim's banking login credentials call posing as the bank's fraud department and, citing a 'security check', trick the victim into reading back the one-time passcode the bank just sent — completing an account takeover or fraudulent transfer in real time.
Criminals build pixel-perfect replicas of popular bank online-banking portals and drive victims to them via SMS, email, or search-engine ads — harvesting full login credentials, security answers, and OTPs to take over accounts.
Scammers send fake PayPal billing notices claiming that a subscription or service fee will be automatically charged and inviting recipients to cancel via a link — leading to a credential-harvesting page that captures PayPal login details.
Attackers use email and password combinations from previous data breaches to attempt automated PayPal logins, then phone victims claiming to be PayPal security to harvest the OTP needed to complete the takeover — blending technical and social-engineering techniques.
Criminals send fake Cash App payment-request links via SMS, email, or social media that lead to a phishing page styled as the Cash App login — collecting sign-in codes to take over accounts under the pretence of processing a legitimate payment.
Scammers impersonating Cash App claim users owe a fee, tax, or verification payment that must be paid by purchasing gift cards and sharing the codes — mirroring the classic gift-card demand scam but using Cash App's name to add apparent urgency and legitimacy.
Criminals posing as Stripe's risk team tell merchants that a large wave of chargebacks requires immediate funds to be deposited into a 'Stripe reserve account' — a safe-account variant targeting small businesses whose revenue depends on Stripe payouts.
Criminals send fake Stripe dashboard-password reset emails to merchants, directing them to a phishing page that captures the new password and 2FA code — giving attackers authenticated access to the live Stripe dashboard and its customer data and payout settings.
Attackers send phishing emails that capture Wise login credentials, then immediately use them to change the registered email address — locking the real account holder out and taking full control before any OTP challenge can be received.
Fraudsters who hold a victim's Wise login credentials call or text claiming Wise's 2FA system needs to be re-verified, talking the victim into sharing the OTP that Wise just sent — completing the account takeover the attacker was blocked from finishing alone.
Criminals send SMS or email alerts mimicking Revolut's payment-notification format, claiming a large outgoing payment was just made from the account, with a link to dispute it — leading to a credential-harvesting page that replicates Revolut's app login screen.
Fraudsters create convincing fake Revolut support accounts on Twitter/X, Instagram, and Facebook that respond to customers who post about problems publicly, gathering credentials and OTPs from users who believe they are receiving genuine Revolut help.
Fraudsters posing as Robinhood's security team tell investors that their brokerage account has been compromised and that all holdings must be liquidated and transferred to a 'Robinhood-secured custodial account' — a safe-account scam targeting retail investors' entire portfolios.
Criminals send SMS or email alerts mimicking bank transaction notifications, claiming a large subscription payment was just deducted, and directing victims to a phishing page to dispute or cancel it — harvesting banking credentials under the guise of consumer protection.
Scammers impersonating a victim's bank over the phone trigger a Zelle-related OTP to the victim's device and, posing as a fraud specialist, persuade the victim to share that code — instantly authorising a fraudulent Zelle transfer before the victim realises what happened.
Criminals pose as a bank's Zelle support team, claiming to process a refund from a cancelled service or fraudulent charge via Zelle — then manipulate the victim into sending money rather than receiving it through a bank-app navigation trick.
Scammers impersonating Wise's compliance or verification team instruct international users to purchase gift cards and share the codes to clear a supposed verification fee or account restriction — a gift-card demand scam that exploits Wise's cross-border reputation.
Criminals who cannot intercept a Cash App sign-in code by social engineering instead perform a SIM swap — transferring the victim's phone number to a SIM they control — so that Cash App's SMS-based sign-in codes arrive to the attacker's device rather than the victim's.
Criminals send emails mimicking bank purchase-confirmation notifications for large orders victims never made, with a bank-branded 'cancel this order' link that harvests online banking credentials — using the bank's authority to lend credibility to a fake e-commerce notification.
Criminals intercept or spoof B2B payment communications and substitute fraudulent Zelle account details for the legitimate payee's, diverting invoice payments to an attacker-controlled bank account before the substitution is discovered.
Criminals send fake Robinhood Gold renewal notices to brokerage account holders claiming an annual fee will be automatically charged, and provide a 'cancel subscription' link leading to a phishing page that harvests Robinhood account credentials.
Criminals impersonating a victim's own bank call to claim an account has been flagged for fraud or money laundering and demand that the victim purchase gift cards as an 'asset freeze' or 'security deposit' — a gift-card drain scam using the bank's authority to add pressure.
Scammers impersonating Wise contact account holders claiming a recently sent transfer can be cancelled and refunded, then guide them through steps that actually initiate a new outgoing transfer rather than receiving a refund.
Criminals pose as Binance customer support agents to gain account access or extract funds. Binance will never DM you first on Telegram or ask for your login credentials.
Fraudsters clone the Binance brand to promote fake crypto giveaways, promising to double coins sent to a wallet address. Binance has never run a 'send us crypto and get double back' promotion.
Attackers pose as Binance to trick users into revealing their wallet seed phrases under the guise of account verification or wallet linking. No exchange — including Binance — will ever need your seed phrase.
Criminals impersonate Coinbase support to take over accounts or steal funds. Coinbase's real support is ticket-based; the company will never call you unsolicited and ask for your password or 2FA code.
Scammers use the Coinbase name and logo to promote fake crypto giveaways on social media and via email. Coinbase has never offered a promotion where sending crypto results in double the amount being returned.
Fraudsters create fake MetaMask sites and pop-ups that trick users into signing malicious transactions, instantly emptying their wallet. MetaMask never asks you to re-enter your seed phrase to fix an error.
Attackers build near-identical MetaMask interfaces to harvest users' 12-word secret recovery phrases. Once obtained, the phrase gives permanent, irreversible access to every asset in the wallet.
Ice-phishing attacks trick MetaMask users into signing transactions that grant attackers permission to drain their tokens — without ever stealing the seed phrase. The wallet key remains intact while assets are lost.
Scammers send physical mailers and emails to known Ledger customers claiming their device has been compromised, directing them to a fake 'Ledger Live' download that steals their seed phrase. Ledger will never mail you asking to validate your device.
Criminals send fake Ledger security alerts directing users to enter their 24-word recovery phrase on lookalike sites. No Ledger process — including genuine firmware updates — ever requires entering the recovery phrase online.
Fraudulent 'recovery services' impersonate Ledger support to charge fees for recovering supposedly lost crypto, then steal whatever remains in the wallet. No legitimate recovery service needs your seed phrase.
Criminals send emails and messages claiming Trezor accounts require urgent revalidation, directing victims to fake Trezor Suite pages designed to capture their recovery seed. Trezor Suite never asks for the recovery seed in-app.
Scammers mimic Trezor's interface and communications to trick users into typing their recovery seed into a fraudulent form. The recovery seed should only ever be entered on the Trezor physical device itself.
Attackers build convincing OpenSea clones or inject malicious signature requests into NFT listings to drain connected wallets. OpenSea will never ask you to sign a transaction unrelated to a specific sale or purchase you initiated.
Criminals fake OpenSea airdrop announcements to lure NFT holders into connecting wallets on drainer sites. OpenSea does not run token airdrops requiring wallet connections to third-party claim pages.
Fraudsters impersonate Kraken customer support via phone, email, and social media to steal account credentials or authorize fund transfers. Kraken's real support operates through kraken.com's help system — not through unsolicited calls.
Scammers create fake Kraken staking promotions promising extraordinary yields, directing victims to deposit crypto in exchange for returns that never arrive. Kraken's real staking yields are displayed transparently in the official app.
Criminals combine phishing, SIM swapping, and social engineering to take over Coinbase accounts and liquidate holdings. Understanding Coinbase's security layers helps identify when something unusual is happening.
Attackers send fake Binance password-reset emails to capture login credentials or 2FA codes. Genuine Binance password-reset emails always include your personal anti-phishing code and never embed a button asking you to confirm a reset you did not request.
Fraudsters send fake Coinbase account-suspension emails to panic users into submitting credentials on phishing pages. Coinbase suspensions are communicated through in-app notices and official email — never via links demanding immediate re-verification.
Clipboard-hijacking malware targets MetaMask users by silently replacing copied wallet addresses with attacker-controlled ones at the moment of pasting. Installing MetaMask from any source other than the official browser store is a primary infection vector.
Scammers announce fake celebrity NFT collections using OpenSea's branding to draw buyers to drainer sites. OpenSea's actual listing and verification process does not guarantee a collection is from the person it claims.
Scammers send fake Coinbase 'subscription' or 'fee' renewal emails to trick users into clicking phishing links or calling fake support numbers. Coinbase does not charge a subscription fee for standard accounts.
Fraudsters invent fake Kraken token distributions to lure users into depositing crypto or connecting wallets to drainer sites. Kraken does not distribute free tokens requiring wallet connections to external claim pages.
Criminals pose as Trezor support agents on Reddit, Twitter, Discord, and Telegram to guide users through 'troubleshooting steps' that lead to seed-phrase disclosure. Trezor's official support operates only through trezor.io/support.
Criminals construct fake OpenSea listing flows that trick NFT owners into signing EIP-712 orders transferring their assets at zero price. Understanding what OpenSea's genuine listing signature looks like is the key defense.
Attackers chain phishing, OTP interception, and API key theft to seize Binance accounts and drain holdings in minutes. Enabling Binance's withdrawal whitelist and authenticator-app 2FA makes takeover far harder.
Fraudsters clone Binance's Earn and staking products to lure users into sending crypto to external addresses with promises of extraordinary yields. Binance Earn and staking are managed entirely within the Binance platform.
Scammers embed fake Coinbase live-chat widgets on phishing sites and intercept users searching for help. Coinbase's real support is at coinbase.com/help — any chat window on a third-party site is fraudulent.
Fraudulent 'Coinbase recovery specialists' charge upfront fees to recover lost funds, then steal whatever remains. Coinbase's genuine recovery options are limited and handled only through coinbase.com/help.
There is no MetaMask phone support line or live chat agent. Anyone claiming to be MetaMask support in a DM, by phone, or on social media is attempting to steal your seed phrase or wallet access.
Scammers fabricate MetaMask token airdrops requiring users to connect wallets on drainer sites. MetaMask does not distribute tokens requiring wallet connections to external claim pages.
Criminals clone Coinbase's staking interface to redirect deposits to their own wallets. Coinbase's real staking is available only through the official Coinbase app or website — never via emailed links to external platforms.
Scammers use Kraken's logo and name to run fake crypto doubling giveaways on YouTube and social media. Kraken has never run a promotion where sending cryptocurrency results in a larger return.
Scammers intercept Ledger users seeking help by posing as official support agents on social media and through fake phone lines. Ledger's real support is at support.ledger.com — no agent there will ever ask for your recovery phrase.
Fraudsters pose as Ledger to promote fake staking programs requiring users to send crypto or share their recovery phrase. Ledger Live integrates with real staking protocols, but never requires sending funds to Ledger-controlled addresses.
Scammers posing as Binance technical support convince users to install remote-desktop software and then take control to drain accounts. No genuine Binance support process involves remote access to your device.
Fake 'Trezor recovery specialists' charge fees to supposedly restore wallets or retrieve lost funds, then steal any remaining assets. Trezor does not have recovery partners — wallet recovery uses only the physical device and the recovery seed.
Attackers use phishing, SIM swapping, and social engineering to hijack Kraken accounts and liquidate holdings. Kraken's Global Settings Lock and authenticator-app 2FA are the most effective defenses.
Criminals pose as Coinbase to steal users' Coinbase Wallet seed phrases, giving permanent access to all assets in the self-custody wallet. Coinbase's exchange service does not use seed phrases — but Coinbase Wallet does, and it should never be shared.
Scammers target NFT creators with fake OpenSea creator-payment or royalty-update requests that contain malicious EIP-712 parameters. Legitimate OpenSea royalty settings are managed through the creator dashboard at opensea.io — no signature is needed via email or DM.
Attackers send fake Kraken password-reset emails to capture login credentials and 2FA codes. Genuine Kraken password-reset emails direct you to kraken.com directly — they do not embed action buttons linking to external domains.
Fraudsters send fake Kraken account-suspension emails to panic users into submitting credentials on phishing pages. Genuine Kraken account restrictions are communicated through the platform and resolved at kraken.com.
Criminals distribute fake Ledger Live updates through phishing emails and lookalike download sites. The fake software captures the recovery phrase during a fake 'restore' step. Ledger Live updates are delivered only through the official app.
Scammers fabricate Binance token distribution events requiring wallet connections or seed phrases to 'claim' free tokens. Legitimate Binance token distributions are announced on binance.com and never require external wallet-connect flows.
Attackers build fake DeFi protocol front-ends that impersonate MetaMask's approval interface to trick users into signing transactions enabling flash-loan-style fund drains. MetaMask only executes what the user explicitly approves — reading every transaction detail is the key defense.
Criminals pose as OpenSea support agents on Discord, Twitter, and Telegram to trick NFT holders into connecting wallets or sharing information on drainer sites. OpenSea support operates only through support.opensea.io.
Fake Trezor hardware wallets sold on third-party marketplaces may be pre-seeded with known recovery phrases controlled by the seller. Always buy Trezor devices directly from trezor.io or an authorized reseller.
Attackers use fake Binance security alerts to trick users into resetting their 2FA to an attacker-controlled method. Any unexpected 2FA change request should be verified directly at binance.com — never through an email link.
Criminals send fake OpenSea offer-received emails designed to rush NFT owners into clicking phishing links or signing malicious transactions. Genuine OpenSea offers are reviewed by logging into opensea.io directly.
Scammers announce fake Ledger token airdrops or hardware wallet holder rewards requiring recovery phrase entry or wallet connection. Ledger does not distribute tokens through external claim pages and has no native cryptocurrency token.
Criminals promote fake NFT staking programs using OpenSea's brand, promising passive ETH income for staking NFTs on third-party sites. OpenSea does not operate an NFT staking yield product requiring wallet approvals on external sites.
Scammers fake Kraken communications to extract wallet seed phrases by conflating the custodial exchange with self-custody wallets. The Kraken exchange itself does not use seed phrases — and no process ever legitimately requires sharing one.
Counterfeit Ledger hardware wallets sold through unofficial channels may have modified firmware that transmits seed phrases to scammers. Only buy from ledger.com or the official Ledger authorized reseller network.
Scammers send SMS messages pretending to be DHL, claiming a parcel is held and demanding a customs or redelivery fee via a phishing link. The real DHL proactively sends tracking updates only after you register for them and never demands payment through an unsolicited text link.
Criminals send emails and texts impersonating FedEx, claiming an incoming shipment is held in customs and a fee must be paid before delivery. FedEx's real brokerage and customs processes work through documented channels and verified account portals — not one-off payment links.
Scammers send SMS messages impersonating USPS with fabricated tracking numbers and links to phishing sites. A crucial real-world norm: USPS only sends tracking texts if you specifically requested them — an unsolicited USPS tracking text is a near-certain scam.
Fraudsters drop fake 'While You Were Out' cards or send texts impersonating Royal Mail, directing recipients to phishing sites that steal card details under the guise of paying a redelivery or storage fee. Real Royal Mail redelivery is free and booked at royalmail.com.
Scammers send emails and texts impersonating the IRS, claiming the recipient is owed a tax refund and must verify personal and banking details to receive it. The real IRS initiates all contact by mail, never by email or text, and issues refunds through the process you set up when you filed — not via unsolicited messages.
Criminals call victims posing as IRS agents, claiming outstanding tax debt has led to a warrant for their arrest and demanding immediate payment by wire transfer, cryptocurrency, or gift cards to avoid jail. The real IRS never demands immediate payment by phone, never accepts gift cards, and never threatens arrest without first sending multiple formal notices.
Criminals impersonate HMRC through phone calls, texts, and emails, threatening immediate arrest or legal action unless an outstanding tax debt is paid at once. HMRC never threatens immediate arrest in an unsolicited call, never demands gift-card payment, and does not initiate serious collection action without prior written communication.
Scammers send emails and texts impersonating HMRC, telling recipients they are owed a tax rebate and must click a link to claim it. HMRC never sends unsolicited refund links by email or text; genuine refunds are applied to your account or sent by post after you or your employer triggers a recalculation.
Fraudsters impersonate the Department for Work and Pensions, sending messages claiming benefit claimants must re-verify their identity online to avoid payment suspension. The real DWP conducts reviews through formal letters and documented face-to-face or phone appointments — not via unsolicited links requesting login credentials.
Scammers send texts and emails impersonating the Driver and Vehicle Licensing Agency, claiming the recipient's vehicle tax or driving licence is about to expire and a fee must be paid immediately via a link. The real DVLA sends official renewal reminders by post and processes payments only through gov.uk — not through links in unsolicited messages.
Criminals impersonate the Social Security Administration, calling to claim the recipient's SSN has been suspended or they have an outstanding overpayment, and demanding immediate wire transfer or gift-card payment. The real SSA communicates primarily by mail and never demands immediate payment by phone under threat of arrest.
Scammers impersonate Service Canada by phone, text, and email, claiming CPP, EI, or OAS recipients must re-verify their identity to continue receiving payments. The real Service Canada initiates benefit reviews through registered mail and secure My Service Canada Account messages — not through unsolicited links or urgent phone demands.
Scammers impersonate Centrelink (Services Australia) by phone and text, claiming recipients have an overpayment debt or that their myGov account needs re-verification to avoid payment suspension. Real Centrelink debt notices are sent through your myGov inbox or by post, and Centrelink never demands immediate payment by phone under threat of legal action.
A wave of smishing campaigns misuses USPS branding (and other government-adjacent brand signals) to distribute fake toll-violation payment demands. While USPS does not administer toll roads, scammers borrow its trusted name to add legitimacy to fake E-ZPass or state toll-agency demands sent via SMS.
Scammers send phishing messages impersonating the IRS and claiming recipients are entitled to unclaimed stimulus payments or Economic Impact Payments, directing them to fake IRS portals to enter banking and identity information. The real IRS distributes economic impact payments automatically based on filed tax returns and never solicits bank details through unsolicited digital messages.
Criminals send texts claiming a DHL parcel is waiting in a locker and a PIN code or small fee is needed to release it, linking to a phishing site that steals card details. Real DHL Packstations and parcel lockers send access codes through the official DHL app or email — not through payment links.
Criminals send mass SMS campaigns impersonating FedEx, with messages about undelivered parcels, address confirmation requests, or account security alerts that link to credential-harvesting sites. FedEx's legitimate text notifications are tied to shipments you track and never ask for login credentials or payment via a link.
Scammers send emails and texts impersonating the DVLA, claiming a driving licence is due for renewal and directing recipients to fake GOV.UK pages that charge inflated fees and harvest identity documents. The real DVLA sends renewal reminders by post, and the official fee is significantly lower than what scam sites charge.
Criminals call immigrants and non-citizens impersonating the SSA and claim their Social Security Number has been linked to criminal activity, threatening deportation unless an immediate payment is made. The SSA has no immigration enforcement role and never calls individuals to threaten deportation.
Scammers impersonate DWP assessors or Universal Credit coaches, contacting PIP and disability benefit claimants claiming an urgent review will result in payment suspension unless personal medical information and bank details are provided. Real DWP benefit reviews follow a formal, written process with significant advance notice.
Scammers target students with HMRC-branded emails and texts claiming they are owed a tax refund on part-time or summer employment income. Students who have never filed a tax return are particularly vulnerable because they may not know how tax refunds genuinely work.
Scammers impersonate Centrelink by sending texts and emails about government cost-of-living payments or economic support bonuses, directing recipients to fake myGov pages to 'register' their banking details. Real one-off government payments in Australia are deposited automatically to the account on file — no registration via a link is needed.
Criminals use phishing to collect enough personal data to file fraudulent federal tax returns in victims' names, claiming refunds before the legitimate taxpayer files. The IRS has specific procedures to deal with tax identity theft, including the Identity Protection PIN programme.
Scammers send emails impersonating DHL's security team, claiming the recipient's DHL account has been flagged for unusual activity and their login must be verified. The phishing page steals DHL account credentials that criminals then use to reroute expected deliveries or harvest saved personal data.
Scammers clone the USPS Informed Delivery enrolment flow to steal Government credentials and personal data. Victims who sign up for the fake service instead hand over their details to criminals who may then hijack the real Informed Delivery account to monitor incoming mail.
Fraudsters send emails and texts impersonating Royal Mail, claiming an inbound parcel is held in customs and a fee must be paid to release it. While genuine UK customs and import VAT charges do exist for overseas parcels, they are communicated through official HMRC customs notices or the Royal Mail customs charges page — not through a link in an unsolicited SMS.
Criminals call Canadians posing as Service Canada agents, claiming their Social Insurance Number has been compromised or suspended due to criminal activity, and demanding immediate payment or information sharing to resolve the situation. Service Canada cannot suspend SINs and never demands payment by phone.
Criminals leave counterfeit DHL missed-delivery cards or send fake SMS notifications directing recipients to phishing sites that demand a redelivery fee. Real DHL missed-delivery notices are either left as paper slips with collection instructions or sent through the DHL app — they never demand payment to rebook delivery.
Mass SMS campaigns impersonate DHL with fabricated shipment alerts, address-confirmation requests, and account security messages to harvest credentials and card details. Genuine DHL shipment notifications are tied to specific tracked parcels in your DHL account and never solicit passwords or payments through embedded links.
Scammers send emails and texts containing fabricated DHL tracking numbers that link to phishing sites rather than the real DHL tracking system, used to harvest card details or credentials under the guise of resolving a delivery issue. Real DHL tracking numbers always resolve at dhl.com.
Criminals send unsolicited texts impersonating FedEx, claiming a parcel could not be delivered and asking recipients to click a link to reschedule or pay a small fee. Real FedEx delivery text notifications are tied to shipments you track and never require payment via an unsolicited link.
Fraudsters leave counterfeit FedEx door tags or send fake missed-delivery messages directing recipients to phishing sites that charge redelivery fees. Real FedEx door tags are left at the delivery address with a tracking number and free rescheduling instructions — they never demand a fee.
Fraudsters send emails with fabricated FedEx tracking numbers to create the appearance of a legitimate shipment notification, then direct recipients to phishing sites through embedded links. Any tracking number can be verified instantly at fedex.com before taking any action.
Scammers send texts and emails impersonating USPS, claiming an inbound international parcel is being held by US Customs and that a release fee must be paid via a link. USPS does not collect customs duties through text message links — legitimate import fees are handled through US Customs and Border Protection processes.
Criminals send fake USPS missed-delivery notices — either physical cards or text messages — directing recipients to phishing sites that charge a redelivery fee. Real USPS redelivery scheduling is always free at usps.com/redelivery and requires no payment.
Scammers send SMS messages impersonating Royal Mail, claiming a parcel awaits delivery and a small fee must be paid to release it. Royal Mail does not demand fees via unsolicited SMS links — its primary missed-delivery process involves a physical card and a free reboarding process.
Criminals send emails and texts containing fabricated Royal Mail tracking numbers linking to phishing sites that harvest card details under the guise of resolving a delivery issue. Any Royal Mail tracking number can be verified free at royalmail.com/track-your-item.
Scammers impersonate IRS-contracted private debt collectors, calling to demand immediate tax-debt repayment and threatening legal action. While the IRS does use a small number of private collection agencies, it follows a strict notification process before any agency contacts a taxpayer — and legitimate collectors never demand gift cards.
Criminals call victims posing as HMRC compliance officers, claiming that a warrant for their arrest has been issued for tax fraud and that immediate payment is required to avoid police attendance. HMRC never threatens immediate arrest in an unsolicited phone call and does not demand payment by gift card or wire transfer.
Scammers send texts and emails impersonating HMRC, claiming recipients must re-verify their Child Benefit claim online to prevent suspension. HMRC reviews Child Benefit eligibility through formal written correspondence — not through unsolicited links requiring credential entry.
Scammers send texts and emails impersonating the DVLA, claiming the recipient's vehicle was captured on a toll road or in a congestion zone without paying, and demanding an immediate penalty fee via a link. The DVLA does not administer toll roads or congestion charges — those are managed by separate authorities.
Criminals send messages impersonating the Social Security Administration, claiming recipients are owed a Social Security tax rebate or overpayment refund and must provide banking details to receive it. The SSA does not issue unsolicited tax-refund or rebate notices by email or text — any such payment would be communicated by mail.
Scammers send messages impersonating the SSA and claiming that an emergency benefit payment or government stimulus supplement has been allocated to the recipient's Social Security account, directing them to a fake portal to claim it. The SSA does not distribute stimulus payments and never solicits banking details via unsolicited texts or emails.
Scammers contact Social Security recipients claiming their benefits are under review and that identity reverification must be completed online or by phone to prevent suspension. The SSA communicates benefit reviews through official letters delivered by mail — not through unsolicited texts or calls demanding immediate credential confirmation.
Scammers send texts and emails impersonating Service Canada, claiming a one-time cost-of-living or inflation relief payment has been approved for the recipient and that banking details must be submitted via a link to receive it. Real Canadian government one-off payments are deposited automatically or claimed through official portals — not through unsolicited SMS links.
Criminals send emails and texts mixing Service Canada and Canada Revenue Agency branding to claim tax refunds are waiting, directing recipients to fake portals that harvest SIN and banking details. Tax refunds in Canada are administered by the CRA — not Service Canada — and are never claimed through unsolicited SMS links.
Scammers send texts and emails impersonating Centrelink, claiming recipients must reverify their identity through myGov to prevent payment suspension. Real Centrelink identity reviews involve formal written communication — not unsolicited links to credential-harvesting fake myGov pages.
Scammers impersonate Centrelink assessors or Services Australia officers, contacting DSP recipients with claims that their disability classification is under review and that medical and personal details must be resubmitted urgently to prevent payment cancellation. Real DSP reviews follow a formal documented process with advance written notice.
Criminals call Australians impersonating Centrelink, claiming their government welfare account or tax file number has been linked to suspicious activity and will be suspended unless they verify their identity and pay a 'security deposit.' Centrelink does not suspend TFNs and never demands immediate payment by phone.
Scammers send texts and emails impersonating the DWP, claiming that a cost-of-living payment or energy support payment has been approved for the recipient but must be claimed via a link within a deadline. Real UK government cost-of-living payments are paid automatically to eligible recipients — no separate registration or link-based claim is ever required.
Criminals call or text people impersonating DWP officials, claiming their benefit account has been flagged for fraud or their National Insurance number has been linked to criminal activity, and demanding payment or credential sharing to resolve the situation. The DWP cannot suspend National Insurance numbers and never demands immediate payment by phone.
Scammers send emails impersonating Royal Mail's security team, claiming suspicious login activity was detected and the recipient must verify their credentials immediately. A compromised Royal Mail Click and Drop or business account can be used to redirect parcels, harvest addresses, and commit shipping fraud.
Mass SMS campaigns impersonate USPS with fabricated delivery alerts and address-confirmation requests, linking to phishing sites. USPS only sends text updates for tracking numbers you have specifically enrolled to receive notifications for — unsolicited USPS texts are a near-certain indicator of smishing.
Phishing emails impersonate FedEx's security team to harvest FedEx account credentials. A compromised FedEx account exposes saved addresses, payment methods, and business shipping data, and can be used to redirect in-transit shipments or commit billing fraud.
Criminals send fake DHL shipment confirmation emails — ostensibly for orders the recipient did not place — to trick them into clicking a 'cancel shipment' link that leads to a phishing or malware site. The panic of seeing an unfamiliar order confirmation lowers rational scrutiny.
Criminals send fake USPS package confirmation or hold notification emails for shipments the recipient never ordered, prompting them to click a 'manage package' link that leads to a phishing page or malware site. The real USPS only sends confirmation emails for shipments linked to your existing account or enrolled tracking.
Scammers send IRS-branded messages claiming that Social Security benefits are subject to a special tax assessment and that recipients must pay immediately to avoid a lien or criminal referral. While Social Security benefits can be taxable, the IRS communicates this through the regular tax-return process — not through unsolicited phone demands.
Mass SMS campaigns impersonate Royal Mail to send delivery alerts, address-verification requests, and parcel-fee notices that link to credential-harvesting phishing sites. Royal Mail's legitimate SMS notifications are tied to tracked services you have registered — unsolicited payment-request texts are not part of Royal Mail's standard communication.
Criminals call UK residents impersonating HMRC officers, claiming their National Insurance number has been suspended due to suspicious activity and that immediate payment is required to reinstate it. HMRC cannot suspend National Insurance numbers and never demands payment by phone to resolve such issues.
Scammers send fake FedEx shipment confirmation emails for orders the recipient never placed, prompting panic clicks on 'cancel shipment' links that lead to phishing pages or malware downloads. Any FedEx tracking number in the email can be verified instantly at fedex.com.
Phishing emails and texts impersonating USPS claim the recipient's USPS.com account has unusual activity and must be verified, harvesting login credentials. A compromised USPS.com account gives access to Informed Delivery mail scans, saved addresses, and package redirect settings.
Scammers call immigrants and foreign nationals in the UK impersonating HMRC, claiming their National Insurance number was used in financial crimes and that deportation proceedings will begin unless an immediate payment is made. HMRC has no immigration enforcement powers and never initiates deportation threats.
Criminals call or send letters impersonating the DVLA, claiming the recipient faces an arrest warrant or court summons for outstanding vehicle tax or licence violations. The DVLA has no arrest powers and does not issue court summonses directly — enforcement involving unpaid vehicle excise duty goes through DVLA civil processes and HMRC, not direct arrest threats.
Scammers call immigrants and foreign workers impersonating the IRS, claiming their ITIN or SSN was used in financial crimes and that deportation or visa revocation will follow unless an immediate payment is made. The IRS has no immigration enforcement role and never arranges deportation.
Scammers send letters, emails, or texts impersonating USPS and claiming the recipient has won a USPS customer reward, loyalty points redemption, or a prize in a postal survey — requiring a small processing fee or personal details to claim. USPS does not run consumer lottery or reward redemption programmes of this kind.
Criminals call Australians impersonating Centrelink or Services Australia officers, claiming an alleged welfare overpayment or fraud investigation has resulted in a police referral or arrest warrant, and demanding immediate payment to cancel it. Services Australia does not arrange arrest warrants via cold calls.
Criminals call Canadians impersonating Service Canada agents, claiming an RCMP warrant for their arrest has been issued due to SIN-linked criminal activity, and demanding immediate payment to cancel it. Service Canada has no arrest powers and never demands gift card payment to resolve investigations.
Criminals send fake Amazon order-confirmation emails designed to panic recipients into clicking a cancellation link, harvesting their Amazon login and payment details.
You receive an unexpected Amazon parcel you never ordered; third-party sellers are using your address to generate fake verified-purchase reviews, and your account or data may have been compromised.
Fraudsters send fake emails or text messages claiming you have expiring Amazon reward points or a prize to claim, leading to a phishing page or a fee-based redemption trap.
Scammers send fake eBay purchase or payment notifications to lure both buyers and sellers into handing over login credentials or banking details.
Fraudsters contact eBay buyers claiming their purchased item qualifies for an extended warranty or enhanced buyer protection, then collect fees for coverage that does not exist.
Phishing emails impersonating eBay warn that your account has been suspended or limited, directing you to a fake sign-in page where your credentials are stolen.
Fraudsters send fake Walmart purchase-confirmation emails and texts to panic recipients into clicking a link that steals their Walmart account credentials or payment details.
Scammers impersonate Walmart to claim a product the victim purchased has been recalled, then collect personal and payment details under the guise of processing a refund.
Scammers impersonate Target to promote fake gift-card giveaways, or tamper with physical Target gift cards to drain balances before victims can use them.
Criminals send fake Target purchase-confirmation emails referencing large electronics or gift-card orders, then direct alarmed recipients to a phishing page to 'cancel' and harvest credentials.
Fraudsters send fake Target Circle reward notifications claiming the recipient has earned significant points or a bonus that must be redeemed immediately, leading to a phishing or fee-charging trap.
Scammers impersonate Home Depot to sell fake extended warranties or protection plans for appliances and tools, collecting fees for coverage that does not exist.
Fraudulent emails mimicking Home Depot order confirmations for tools, appliances, or large purchases alarm recipients into clicking a phishing link to cancel the supposed transaction.
Scammers send fake Geek Squad renewal invoices for antivirus subscriptions, then trick alarmed recipients into calling a number where they are convinced to hand over remote access and banking credentials.
Fraudsters pose as Geek Squad technicians to offer fake computer-repair or virus-removal services, gaining remote access to steal data or charge for worthless work.
Scammers hack hotel accounts on Booking.com or send spoofed messages asking guests to re-enter payment details through a fake verification link, redirecting card payments to the fraudster.
Fraudulent websites mimic Booking.com's design to take payment for hotel reservations that are never made, leaving travellers without accommodation on arrival.
Fraudulent hosts or impersonators ask Airbnb guests to complete payment or identity verification outside the Airbnb platform, stealing money or credentials.
Scammers impersonate Marriott Bonvoy to offer fake points transfers, redemption opportunities, or account-upgrade promotions, harvesting member credentials and draining loyalty balances.
Fraudsters impersonate Hilton to send fake Hilton Honors account-verification requests, stealing credentials and draining member points for fraudulent reward redemptions.
Scammers impersonate Delta Air Lines to offer fake flight refunds or EU261-style compensation, harvesting personal details and charging processing fees that disappear with the fraudster.
Fraudulent websites and search ads list fake Delta customer-service numbers, connecting callers to scammers who charge fees for booking changes or steal payment details.
Fraudsters impersonate United Airlines to offer fake refunds, delayed-flight compensation, or MileagePlus bonus miles, harvesting personal data and charging fictitious processing fees.
Scammers phish Uber credentials to take over accounts, then use stored payment methods to book rides or Uber Eats orders, leaving real account holders with fraudulent charges.
Scammers impersonate Lyft support to process fake overcharge refunds or account security actions, ultimately harvesting credentials or payment details from drivers and riders.
Criminals impersonate AT&T to trick customers into approving an eSIM swap or signing up for a fake roaming plan, hijacking phone numbers for account takeovers or charging for nonexistent services.
Unauthorised third-party subscription charges — often for ringtones, horoscopes, or premium content — appear on AT&T phone bills, disguised as legitimate AT&T service fees.
Scammers impersonate Verizon support agents to obtain account PINs, billing details, or remote device access under the pretext of resolving service issues or security alerts.
Scammers send fake Verizon rebate or trade-in credit notifications that direct customers to enter payment details on a fraudulent site to 'receive' a credit that never arrives.
Criminals send fake T-Mobile notifications about mandatory eSIM upgrades or attractive international roaming bundles, using them to hijack phone numbers or collect fraudulent payment.
Scammers use third-party billing to add unauthorised premium SMS subscription charges to T-Mobile bills, or send fake T-Mobile messages luring customers into inadvertently subscribing.
Criminals impersonate Vodafone customer service agents to harvest account credentials, authorise SIM swaps, or sell fake plan upgrades to Vodafone customers.
Fraudsters send fake Vodafone notifications about mandatory eSIM upgrades or unexpected roaming charges, directing customers to phishing pages or charging for bogus plan add-ons.
Criminals send fake messages appearing to come from 'your carrier' — without specifying which one — exploiting the fact that most people have a mobile plan and will assume the message applies to them.
Scammers pose as Tinder matches asking potential dates to complete a fake 'Tinder safety verification' before meeting, harvesting personal details or credit card information on fraudulent sites.
A scammer builds a fake Tinder relationship, manipulates the victim into sharing intimate images or video, then threatens to publish the content unless a payment is made.
A Tinder profile claiming to be a wealthy benefactor offers financial support in exchange for companionship, then extracts fees or gift cards from victims under various pretexts before disappearing.
Scammers ask Bumble users to complete a fake 'Bumble safety check' through an external website, capturing personal data or enrolling victims in fraudulent paid subscriptions.
Fraudulent profiles on Bumble manipulate victims into sharing intimate content, then use that material to extort money with threats to distribute it to the victim's contacts.
Scammers impersonate Hinge by sending fake video or identity verification requests to matches, leading them to third-party sites that capture personal data or enrol them in fraudulent subscriptions.
Fraudulent Hinge profiles impersonating celebrities, successful professionals, or military personnel build fake romantic relationships and eventually extract money through a series of increasingly convincing financial pretexts.
Scammers pose as Uber support to process fake cancellation-fee refunds or disputed surge charges, collecting card details under the pretence of reversing the charges.
Phishing emails and texts impersonating Lyft claim the recipient's account has been accessed from an unknown device, directing them to a fake login page to steal credentials.
Scammers send fake Airbnb cancellation notifications or Resolution Centre emails to guests or hosts, directing them to phishing pages under the pretence of processing a refund or dispute.
Criminals send fake pre-arrival messages impersonating Marriott hotels asking guests to re-confirm payment card details through an external link before check-in.
Fraudulent search results and websites list fake United Airlines support numbers, connecting travellers to scammers who charge fees for booking changes or steal payment and MileagePlus credentials.
Scammers send fake Walmart reward and cash-back notifications claiming accumulated store credits are about to expire, directing recipients to phishing pages to 'redeem' them.
Scammers impersonate Hilton to offer fake Hilton Honors points transfers, status matches, or exclusive member upgrades, harvesting credentials and draining accumulated rewards.
Criminals send fake Best Buy purchase-confirmation emails for expensive electronics, panicking recipients into calling a fake support number or clicking a phishing link to cancel the supposed order.
Fraudsters impersonate Delta to offer fake SkyMiles bonus transfers, Medallion status matches, or points redemption opportunities, harvesting SkyMiles credentials and draining members' mile balances.
Scammers send fake Geek Squad Total Tech or Best Buy membership renewal invoices by email or letter, tricking recipients into calling a fraudulent refund line.
Third-party Walmart Marketplace sellers send unsolicited packages to real addresses to post fake verified-purchase reviews, sometimes indicating personal data exposure.
Phishing emails impersonating Booking.com warn of suspicious activity or a required account review, directing travellers to a fake login page to steal credentials and stored payment data.
Scammers send fake Delta flight-cancellation notifications and claim the passenger must use an external portal to claim their refund, harvesting card details or charging processing fees.
Third-party eBay sellers create ghost purchases using real addresses to generate fake verified-purchase reviews, and victims receive unsolicited items with no return address.
Scammers posing as Uber drivers or support agents ask riders to read aloud a one-time SMS code, using it to bypass Uber's two-factor authentication and take over the account.
Fraudulent websites impersonating Airbnb list non-existent or unavailable properties, collecting payment for accommodations that do not materialise, leaving travellers stranded.
Mass-distributed fake text messages impersonating Verizon claim unpaid bills, account issues, or delivery notifications, directing recipients to phishing pages.
Malicious or deceptive websites display fake Geek Squad antivirus alerts in the browser, claiming the computer is infected and urging victims to call a bogus Geek Squad helpline.
Scammers send fake Amazon package-delivery text messages claiming a parcel is held or delayed, directing recipients to a phishing page to 'confirm' address or payment details.
Fraudulent websites and search ads present fake AT&T customer service chatbots that harvest account credentials, billing details, or personal information under the guise of resolving service issues.
Phishing emails impersonating Bumble warn of account suspension or security issues, directing users to fake login pages that capture credentials for account takeover.
Scammers deploy counterfeit live-chat widgets and bot pop-ups that mimic Apple Support, tricking users into surrendering Apple ID credentials or paying bogus fees to resolve invented device problems.
Phishing emails and push notifications mimicking Apple warn victims that their iCloud storage is nearly full, steering them to fake upgrade pages that steal payment details or Apple ID credentials.
Rogue apps distributed through the App Store or advertised via lookalike pages enroll victims in expensive recurring subscriptions after a deceptive free-trial flow, exploiting Apple's In-App Purchase system.
Scammers display browser pop-ups styled as Microsoft Defender security alerts, claiming a virus has been detected on the victim's PC, and pressure them into calling a fake helpline or installing remote-access software.
Phishing emails styled as Microsoft OneDrive notifications claim the victim's cloud storage is full or a file has been shared, directing them to a fake Microsoft sign-in page to harvest their Microsoft account credentials.
Scammers pose as corporate IT helpdesks running on Microsoft 365, sending phishing emails or Teams messages that instruct employees to 're-verify' their credentials through a fake portal before a supposed account migration or security audit.
Scammers impersonating Google Support or Google Play claim a fee, fine, or overdue subscription balance must be settled immediately using Google Play gift cards — a payment method the real Google never requests.
Scammers send emails or messages impersonating Google, claiming recipients can obtain a 'Google Verified Business' or 'Google My Business verification badge' by paying a fee or providing credentials — neither of which Google requires.
Scammers clone real Facebook users' profiles by copying their name, photo, and public information to create a duplicate account, then impersonate the victim to defraud their friends — often using the Meta brand in messages to add false credibility.
Criminals operate fake Meta or Facebook support chat pages and Messenger bots that mimic official Meta helpdesk communications, steering users into surrendering account passwords, two-factor codes, or payment details.
Fraudsters posing as Instagram staff or third-party 'badge services' promise to apply the blue verified checkmark to accounts in exchange for a fee, login credentials, or completion of a phishing form — none of which Instagram requires.
Scammers operate fake 'WhatsApp Support' accounts within WhatsApp itself or on the web, impersonating the platform's help team to steal account registration codes, enabling complete account hijacking.
Scammers impersonating TikTok support or TikTok Shop demand victims pay alleged account fees, advertising balances, or dispute penalties using TikTok gift cards or other gift cards — a payment method TikTok never requires.
Criminals clone Telegram accounts by copying a real user's name and profile photo to create an identical-looking account, then contact the victim's known contacts to solicit money, investments, or sensitive information.
Scammers send phishing emails claiming a Spotify Premium payment has failed and that victims must settle the balance using Spotify or other gift cards — exploiting the fact that Spotify does sell gift cards in retail stores.
Rogue apps in mobile app stores mimic the Netflix name and interface to enroll users in expensive recurring subscriptions, while fake Netflix websites outside the official app stores harvest credit card details under the guise of a discounted plan.
Scammers posing as Disney+ billing support claim a subscription payment has failed and pressure victims into purchasing gift cards to settle the balance — a method Disney+ never uses for billing.
Fraudsters target iOS developers and app publishers by offering fake 'Apple Verified Developer' certificates or App Store badges in exchange for fees or Apple Developer account credentials.
Scammers create lookalike Microsoft 365 sign-up pages and mobile apps that enroll victims in expensive recurring charges while providing no real Microsoft 365 access.
Scammers create malicious OAuth apps that abuse the legitimate 'Sign in with Google' flow, tricking users into granting third-party apps broad access to their Google account, email, and contacts.
Scammers posing as Instagram support claim an account violation penalty or boosted-post advertising balance must be paid via gift cards — a payment method Instagram and Meta never use for account compliance.
Scammers offer paid 'WhatsApp Verified Business' green-tick badge services to small businesses, either harvesting payment details or the business's WhatsApp account credentials.
Scammers operate fake TikTok support accounts and web chat widgets, impersonating TikTok's Creator Support team to extract account credentials, two-factor codes, or banking information from creators seeking help.
Fraudulent websites and app store listings mimic Telegram's own subscription offering to enroll victims in costly recurring charges that do not provide real Telegram Premium access.
Scammers target Netflix content creators and indie filmmakers with offers of a paid 'Netflix Verified Creator' credential or listing — a product Netflix does not sell — to harvest payment details or account credentials.
Fraudulent Disney+ support websites deploy chat widgets that appear to be official Disney+ Help, guiding victims through account 'verification' that harvests login credentials or payment card details.
Scammers create duplicate Spotify artist profiles or impersonate Spotify's official artist team on social media to contact musicians with fabricated royalty claims or fake streaming promotions that harvest personal and banking details.
Fraudsters create lookalike 'Sign in with Apple' pages embedded in fake app flows or phishing sites to harvest Apple IDs and passwords, bypassing Apple's privacy relay and accessing the victim's wider Apple ecosystem.
Scammers create Microsoft Teams accounts that clone the display name and profile photo of a company executive or IT contact to send fraudulent internal messages requesting urgent payments, data, or credential changes.
Scammers target Netflix employees or users by impersonating Netflix's internal IT team, sending phishing messages claiming a mandatory security re-verification is required before account access is restored.
Scammers send WhatsApp messages impersonating WhatsApp support, claiming users must pay a service continuation fee using gift cards or else their account will be deactivated — WhatsApp has no such fee and does not accept gift card payments.
Malicious third-party apps and websites abuse TikTok's OAuth login integration to request excessive permissions — or replicate the TikTok login flow on fake pages — to steal creators' account access tokens.
Phishing pages mimic Disney+'s sign-in experience to harvest Disney account credentials that also unlock Disney Parks reservations, ShopDisney purchases, and linked payment methods stored in the Disney ecosystem.
Fraudulent websites deploy chat widgets claiming to be 'Google Support,' steering users who search for help with Google accounts, Workspace, or Play billing into surrendering credentials or making payments.
Scammers impersonating Meta's advertising or trust and safety teams demand that Facebook advertisers pay fake policy violation fees or overdue ad balances using gift cards — a payment method Meta never uses.
Rogue apps in mobile app stores claim to boost Instagram followers and engagement, but instead enroll users in costly recurring subscriptions while harvesting Instagram credentials through a fake 'Sign in with Instagram' flow.
Scammers message Telegram users claiming their Telegram Premium subscription has expired and must be renewed by purchasing gift cards — a method Telegram never uses for any subscription or fee.
Fraudulent Spotify support websites use live chat widgets to convince subscribers that billing or account problems require credential verification, ultimately stealing Spotify login details and linked payment information.
Scammers exploit Netflix's genuine account-sharing restrictions by cloning friends' or family members' Netflix-linked social profiles to send fake 'invite to household' messages that lead to credential phishing pages.
Scammers clone the LinkedIn or email identity of Apple executives or the Apple brand itself to contact suppliers, partners, and employees with fraudulent purchase orders, wire transfer requests, or credential demands.
Fraudulent apps listed on Google Play or advertised via lookalike Google Play pages enroll users in expensive recurring subscriptions while impersonating Google's brand to appear trustworthy.
Scammers offer fake Disney+ Creator Network verification badges or official Disney Creator partnerships to fan content creators in exchange for fees or personal information — no such paid badge service exists.
Scammers impersonate Meta's internal IT or security operations team to contact Facebook employees or Business Suite users with phishing requests for 'mandatory security re-verification' that harvests corporate or personal credentials.
Scammers send fake Google Drive document-sharing notifications to harvest Google account credentials, exploiting the fact that genuine Google Drive sharing emails look almost identical to the phishing version.
Scammers impersonate WhatsApp's security operations team to contact users — often via email or a fake WhatsApp business account — with urgent requests to verify account details or install a 'security patch,' leading to credential or device compromise.
Scammers offer paid TikTok verification badge services through DMs, fake websites, and social media ads — charging creators fees or harvesting credentials in exchange for a blue tick that cannot be obtained this way.
Lookalike Spotify apps in mobile app stores enroll users in expensive recurring subscriptions using Spotify's branding, while the official Spotify app is free to download and manages its own subscription in-app.
Scammers send phishing calls or emails impersonating Netflix billing support, claiming an account balance must be paid via Netflix Gift Cards or other gift cards — Netflix does not accept gift cards for billing resolution.
Criminals send convincing PayPal-branded invoices or payment requests to redirect legitimate business payments into accounts they control.
Fraudsters pose as PayPal debt-recovery agents, claiming your account has a past-due balance and threatening legal action unless you pay immediately.
Scammers buy goods from sellers using PayPal, then fraudulently file chargebacks while using PayPal impersonation emails to confuse and stall the seller.
Criminals send fake product-recall notices claiming a PayPal refund is waiting, then harvest account credentials or card details through a spoofed PayPal portal.
Criminals embed fake 'PayPal Support' chatbots in phishing sites and search-ad landing pages to harvest credentials and one-time codes under the guise of helping customers.
Fraudsters send fake Cash App payment confirmations to sellers, then dispute the charge — or never paid at all — while mimicking Cash App notifications to delay the seller.
Fraudsters impersonate Cash App collections agents, threatening account closure or legal action over fabricated unpaid balances to coerce immediate payment.
Scammers send fake invoices branded with Cash App styling, claiming recipients owe money for a service and must pay via Cash App immediately to avoid account suspension.
Scammers send fake 'you were charged' notifications mimicking Cash App payment receipts to panic recipients into clicking a phishing link.
Scammers exploit Zelle's irreversible payment model and mimic Zelle bank alerts to trap sellers into shipping goods before payment is confirmed, then trigger bank reversals.
Criminals impersonate Zelle's bank partners and claim recipients owe outstanding Zelle transaction fees or disputed-payment balances, demanding immediate payment.
Criminals send fake recall-refund notices claiming a Zelle transfer is waiting, then use the verification process to harvest bank credentials.
Fraudsters impersonate Zelle or a bank's Zelle team and instruct victims to buy gift cards to 'protect' their account or receive a bonus, then drain the card balances.
Scammers impersonate Stripe's compliance or finance team and contact businesses claiming unpaid processing fees or negative balances must be resolved immediately or the merchant account will be closed.
Fraudsters impersonate Stripe support and demand that merchants purchase gift cards to pay for a fabricated compliance fee or to 'hold funds' during an alleged account review.
Scammers send fake 'Stripe payment received' or 'you were charged via Stripe' emails to merchants and consumers to harvest Stripe account credentials.
Criminals exploit Wise's international payment infrastructure and mimic Wise dispute emails to confuse sellers into giving refunds outside the official process, enabling double recovery.
Criminals send fake Wise payment receipts claiming the recipient was charged for a transfer they did not authorise, using alarm to prompt a login on a phishing page.
Fraudsters posing as Wise compliance contact users claiming unpaid transfer fees or disputed-balance amounts must be settled immediately to avoid account closure.
Criminals use Revolut's card-linked dispute mechanism to buy goods, trigger chargebacks through Revolut's banking licence, and send fake Revolut dispute emails to delay sellers.
Fraudsters impersonate Revolut's compliance department and claim users owe outstanding fees or negative balances, threatening account closure and legal action.
Scammers impersonate Revolut and instruct users to purchase gift cards to 'protect' their account balance from a supposed breach, then drain the card values once codes are shared.
Scammers intercept or forge business payment instructions and ask recipients to redirect invoice payments to a new Revolut account number, claiming a banking change.
Criminals deposit funds into Robinhood accounts via ACH, execute trades, then reverse the bank transfer — leaving the brokerage to recover the shortfall from the account holder.
Fraudsters impersonate Robinhood's finance team and claim users owe margin loan balances or regulatory fees, threatening account closure and legal action to coerce immediate payment.
Scammers send fake Robinhood fee or account-funding invoices to redirect users' investment deposits into attacker-controlled bank accounts.
Scammers send fake Robinhood trade confirmation emails claiming the user's account was just used to buy or sell securities, using alarm to drive clicks on a credential-harvesting login page.
Scammers send fake notices claiming Robinhood is issuing refunds for overcharged fees or a past class-action settlement and ask users to verify identity to collect their payout.
Criminals impersonate a victim's bank and send fraudulent payment-instruction updates, redirecting business or personal wire transfers to attacker-controlled accounts.
Fraudsters impersonate a victim's bank to manipulate them into initiating or blocking chargebacks in ways that benefit the scammer rather than the victim.
Criminals send fake notices claiming the victim's bank is processing a product recall refund to their account and needs account verification, then harvest banking credentials.
Criminals impersonate bank collections departments and threaten legal action or credit damage over fabricated loan or overdraft balances to coerce immediate payment.
Criminals send fake invoices appearing to originate from a victim's bank, claiming fees, loan renewals, or regulatory charges are overdue and must be paid to an external account.
Criminals deploy fake bank chatbot pages in paid search results and phishing emails to harvest online banking credentials and one-time SMS codes in real time.
Scammers run fake PayPal chat-support pages that walk victims through a 'password reset' process designed to capture new credentials as they are set and immediately change them on the real account.
Criminals send fake notices to merchants claiming Stripe has initiated a batch recall refund to buyers and that merchants must verify their account to approve the refund disbursement.
Criminals operate fake Stripe merchant-support chatbots on lookalike sites, harvesting API keys, bank account details, and Dashboard credentials from merchants seeking help.
Criminals deploy fake Wise support chatbots on lookalike domains to steal login credentials and verification codes from users seeking help with transfers.
Scammers send fake Revolut payment receipts claiming the user's card was just charged for a purchase they did not make, prompting a panicked login on a credential-harvesting page.
Criminals run fake Revolut support chatbots on lookalike domains to steal phone-based login credentials and in-app verification codes from users in real time.
Criminals operate fake Robinhood chat-support pages in search ads to harvest brokerage account credentials and two-factor codes from investors seeking account help.
Criminals send fake recall-refund notices claiming a Cash App credit is waiting, then harvest account credentials or redirect victims to send money to 'confirm their $cashtag.'
Criminals call PayPal users pretending to be PayPal's account-security team and socially engineer them into disabling or bypassing their own two-factor authentication.
Scammers send fake Zelle payment receipt emails claiming the user's bank sent or received an unexpected transfer, prompting a bank login on a credential-harvesting page.
Fraudsters impersonate Wise compliance and claim business or personal accounts must deposit gift-card funds to cover a compliance reserve or avoid regulatory action.
Criminals pose as Stripe customer advocates and coach cardholders to file fraudulent chargebacks against legitimate merchants, with the scammer taking a cut of the recovered funds.
Criminals operate fake Zelle support chatbot pages to harvest banking credentials from users who believe they are resolving a Zelle payment issue.
Criminals call bank customers impersonating the fraud team and persuade them to disable or hand over two-factor authentication codes, enabling full account takeover.
Criminals run fake Cash App support chatbots in search results and social media to collect account credentials and linked-card details from users seeking help.
Criminals impersonate Robinhood's compliance team and demand gift cards to 'cover' regulatory fees, margin maintenance, or a tax withholding requirement on claimed investment gains.
Fraudulent websites mimicking Binance's interface trick users into connecting their wallets and signing malicious transactions to claim a fabricated token airdrop.
Scammers posing as Binance Smart Chain support staff lure users into fake DeFi 'flash-loan arbitrage' dashboards that steal wallet credentials and drain connected accounts.
Criminals send urgent emails or SMS messages claiming a user's Binance account has been suspended and directing them to a phishing page to 'restore access' — capturing login credentials and 2FA codes in the process.
Fraudsters impersonating Coinbase advertise inflated staking returns — sometimes 30 to 50 percent annually — to lure victims into depositing cryptocurrency that is immediately stolen.
Criminals distribute malware posing as a Coinbase desktop app or Coinbase Wallet extension update; once installed, it silently replaces copied crypto wallet addresses with the attacker's address at the moment of pasting.
Fraudulent websites cloning Coinbase's brand promise early access to a new 'Coinbase token' airdrop, tricking users into connecting wallets and granting malicious approval transactions.
Attackers build fake 'Coinbase Wallet Connect' pages that present an EIP-712 off-chain signature request; signing it authorizes the scammer's contract to transfer all of the victim's tokens without further interaction.
Criminals impersonating Kraken's customer support offer to recover lost or frozen cryptocurrency assets, then charge advance fees and request wallet access — stealing more from people who have already been defrauded.
Fraudsters use Kraken's trusted brand to promote fake DeFi flash-loan yield portals, convincing users to deposit funds or connect wallets to contracts that immediately drain their holdings.
Lookalike websites claiming Kraken is distributing a new KRK or exchange token lure users into connecting wallets and signing malicious approval transactions to 'claim' a fabricated reward.
Fake 'MetaMask Security Update' pages and counterfeit dApps trick users into signing EIP-712 messages that grant attackers unlimited token spending rights without requiring a seed phrase.
Scammers build clones of MetaMask Portfolio's staking interface and promise exaggerated yields, luring users into depositing crypto into attacker-controlled contracts.
Criminals send emails or pop-up notifications claiming a user's MetaMask wallet has been 'suspended' and directing them to a fake appeal page that harvests their Secret Recovery Phrase.
Fraudsters posing as MetaMask support agents use social engineering, remote access requests, and fake synchronization screens to gain control of victims' wallets and drain funds.
Criminals build counterfeit 'Ledger Live Earn' portals advertising inflated staking returns to trick hardware wallet users into sending crypto to attacker-controlled contracts.
Fake 'Ledger Connect Kit' pages and counterfeit dApps display EIP-712 signature requests styled to look like Ledger hardware wallet confirmations, tricking users into approving malicious token permissions.
Criminals distribute malware packaged as counterfeit Ledger Live installers; once installed, the malware monitors the clipboard and swaps wallet addresses at the moment of pasting, redirecting transfers to attacker addresses.
Scammers impersonating Ledger promote 'Ledger DeFi Vault' investment portals offering guaranteed flash-loan arbitrage profits, then steal deposits and demand advance fees to release fabricated earnings.
Fraudulent sites claiming Trezor is distributing a new TRZR token airdrop to hardware wallet users prompt victims to connect their software wallets and sign malicious approval transactions.
Scammers impersonating Trezor recruit hardware wallet owners into fake 'Trezor Secured Yield' DeFi portals that steal deposits through fraudulent smart contracts.
Fake Trezor Suite 'security verification' pages present EIP-712 structured-data signing requests that grant attackers sweeping token approval rights, exploiting trust in Trezor's hardware-verified signing model.
Fraudsters create fake 'OpenSea NFT Staking' portals that promise passive income from staking NFTs, then steal the staked assets through malicious setApprovalForAll transactions.
Scammers use OpenSea's name to promote fake DeFi flash-loan 'NFT arbitrage' portals that promise profits from automated cross-marketplace trading, then steal deposited funds and NFTs.
Fraudsters impersonating OpenSea's support team trick NFT sellers into 'verifying' their accounts through phishing pages that capture wallet signatures, enabling thieves to drain NFT collections.
Fraudulent sites announce a fabricated 'OpenSea SEA token' airdrop for active traders and collectors, directing users to connect wallets and sign malicious approval transactions to claim their share.
Criminals posing as OpenSea staff or 'OpenSea-affiliated recovery specialists' offer to recover stolen or wrongly transferred NFTs for an upfront fee — stealing further from people who have already been victimized.
Phishing emails impersonating OpenSea warn collectors that their accounts have been suspended for policy violations and direct them to fake appeal pages that harvest credentials and wallet approvals.
Fraudulent Trezor Suite installers contain hidden clipboard-monitoring malware that swaps destination wallet addresses at the moment of pasting, causing unknowing victims to send funds to attackers.
Fraudulent portals impersonating Kraken's staking feature promise amplified yields far above Kraken's published rates, then steal deposited assets through fake 'Kraken Pro Staking' contracts.
Fraudsters impersonating Kraken support engineers social-engineer victims into disabling two-factor authentication under the guise of resolving an account access problem, enabling full account takeover.
Criminals posing as Coinbase support agents use social engineering to trick users into revealing or bypassing their 2FA, then use the access to drain account balances.
Scammers impersonating Binance security staff use urgent messaging to trick users into completing fake 2FA reset flows that hand over active authentication codes, enabling account takeovers.
Fraudulent chatbots embedded on fake MetaMask support sites or injected into search results guide distressed wallet users into sharing their Secret Recovery Phrase under the guise of technical troubleshooting.
Criminals operate fake Coinbase support chatbots through sponsored search results and lookalike websites, guiding victims through credential-harvesting flows or directing them to send test transactions to scammer addresses.
Lookalike Binance support chat sites capture user credentials and 2FA codes through convincing chatbot flows, enabling real-time account takeovers and unauthorized withdrawals.
Fraudsters send SMS messages falsely branded as DHL, claiming a vehicle or delivery truck associated with a shipment has incurred a toll violation requiring immediate payment. DHL never contacts private recipients about toll charges on its fleet vehicles.
Callers or texters posing as DHL demand that recipients pay customs clearance, import duties, or warehouse storage fees using gift-card codes. DHL never accepts gift cards as payment for any service or charge.
Scammers send texts or emails posing as FedEx, claiming a parcel is waiting in a nearby locker and that recipients must verify identity or pay a fee through a link to retrieve it. FedEx's legitimate locker service (FedEx OnSite) sends PIN codes through your registered account, never through unsolicited messages requiring payment.
Scammers send SMS messages pretending to be FedEx, claiming a toll charge on a delivery vehicle is blocking the release of a recipient's parcel. FedEx manages its own fleet toll accounts and never passes road-toll costs to parcel recipients.
Scammers impersonate FedEx collections agents by phone or email, claiming the recipient owes unpaid shipping invoices or warehouse storage fees and threatening legal action or credit damage unless immediate payment is made. FedEx's genuine billing process never threatens legal action via unsolicited calls from unverified agents.
Criminals send messages pretending to be USPS, claiming a parcel has been redirected to a package locker and that recipients must pay a fee or verify identity through a link to collect it. USPS's legitimate locker notifications, including those for Informed Delivery and Parcel Select lockers, never require a separate payment link to access a waiting package.
Fraudsters combine USPS impersonation with a student-tax-refund pretext, sending messages claiming USPS is holding a cheque or government voucher related to a student tax refund that requires identity verification or a release fee. USPS does not hold, issue, or distribute tax refunds or education benefit payments.
Criminals impersonate USPS in messages claiming a tax-related document or identity verification letter is awaiting collection, with the goal of harvesting Social Security numbers, birthdates, and financial information to file fraudulent tax returns.
Scammers send text messages or emails impersonating Royal Mail, claiming a parcel has been placed in a local parcel locker and that a fee or account verification is needed to retrieve it. Royal Mail's real parcel-locker service, Royal Mail Parcel Collect, and its Safeplace system never charge recipients a fee to access a waiting parcel.
Fraudsters send texts or emails pretending to be Royal Mail and claiming a congestion or toll charge incurred by a delivery vehicle is blocking the release of a recipient's parcel. Royal Mail manages road and congestion charges internally and never passes these costs to parcel recipients.
Fraudsters impersonate HMRC to harvest National Insurance numbers, UTR codes, and personal details needed to file fraudulent tax returns, claim fraudulent refunds, or take over existing HMRC online accounts.
Scammers leave fake physical cards or send texts pretending to be HMRC, claiming a tax document or HMRC letter requires collection or a redelivery fee before it can be forwarded. HMRC does not use redelivery cards, collection fees, or payment links to deliver official correspondence.
Scammers impersonate HMRC to target disabled benefit claimants, claiming a tax-related health or disability payment requires re-verification through a link, threatening suspension of disability-linked tax credits or benefit top-ups unless identity is confirmed online.
Scammers call or message people — particularly non-UK nationals — posing as DVLA officials, claiming that a driving licence irregularity has triggered a visa or immigration review that could lead to deportation unless a fine is paid immediately. The DVLA has no immigration enforcement powers and does not make such calls.
Fraudsters impersonate the Social Security Administration by claiming that a driver's licence renewal or state ID card application has triggered a Social Security number discrepancy that must be resolved online before the DMV can process the request. The SSA does not participate in routine DMV renewal verification and never asks people to confirm SSNs via a link.
Scammers impersonate the Social Security Administration by claiming that a vehicle registration renewal has flagged a Social Security number mismatch that must be resolved to avoid licence suspension or civil penalties. The SSA has no role in vehicle registration and never contacts people about registration discrepancies.
Fraudsters impersonate the SSA to trick victims into submitting Social Security numbers, dates of birth, and bank account details under the pretence of resolving a tax-related Social Security record discrepancy, enabling fraudulent tax return filing in the victim's name.
Criminals combine toll-violation threats with SSA impersonation, claiming that unpaid toll violations are linked to the victim's Social Security number and that the account will be suspended unless a fine and a Social Security reverification are completed immediately. The SSA has no connection to toll enforcement.
Fraudsters impersonate the SSA by contacting students and young workers, claiming that their Social Security account shows an unresolved student tax-exemption or education-credit discrepancy that must be verified to avoid benefit impacts or tax penalties.
Scammers impersonate Service Canada by claiming that unpaid toll violations or highway fines are linked to the recipient's Social Insurance Number and that failure to resolve them will trigger Canada Revenue Agency penalties or benefit suspension. Service Canada and the CRA have no role in toll enforcement.
Fraudsters impersonate Service Canada by phone or message, claiming that a SIN or benefit application irregularity has been referred to the Canada Border Services Agency for immigration review, and that the recipient must pay immediately to avoid deportation or status revocation. Service Canada has no immigration enforcement powers.
Scammers impersonate Service Canada to harvest Social Insurance Numbers, dates of birth, and banking details under the pretence of resolving a CRA or employment record discrepancy, enabling fraudulent tax returns and benefit applications in the victim's name.
Scammers impersonate Centrelink to target students and young Australians, claiming that a Youth Allowance or ABSTUDY payment requires tax file number re-verification or that a student tax credit overpayment debt must be repaid immediately through a link.
Criminals impersonate Centrelink to harvest myGov credentials, Tax File Numbers, and banking details for Australian tax identity theft — redirecting ATO refunds and making fraudulent benefit claims in victims' names.
Scammers impersonate Centrelink by claiming unpaid toll fines have been flagged on the recipient's Centrelink file and that benefit payments will be withheld until the fines are paid through a provided link. Centrelink has no role in toll enforcement and cannot withhold payments because of traffic fines.
Fraudsters impersonate Centrelink by claiming that a driving licence or proof-of-identity renewal linked to a recipient's Centrelink account requires urgent online verification or a payment, threatening suspension of benefit payments. State licensing authorities — not Centrelink — handle driving licence renewals in Australia.
Criminals impersonate DWP officers by phone or letter, claiming that an arrest warrant has been issued for benefit overpayment fraud and that the recipient must pay an immediate settlement or face police arrest. The DWP does not issue arrest warrants and does not demand immediate cash settlement by phone.
Fraudsters impersonate the IRS by email or text claiming that students or recent graduates are owed a student education credit refund or a FAFSA-related tax adjustment that can be claimed through a link. The IRS processes education credits through filed tax returns and never directs taxpayers to claim refunds via a text message link.
Criminals impersonate the IRS by claiming that a vehicle registration or excise tax payment qualifies for a federal deduction or refund that must be claimed through a portal before a deadline. The IRS never solicits vehicle registration refund claims via unsolicited messages.
Criminals impersonate the SSA by claiming that an anonymous disability-fraud report has been filed against a Social Security Disability Insurance or SSI recipient, and that benefits will be suspended unless the claimant verifies their condition and bank details immediately. The SSA conducts reviews through formal written notices — not urgent phone calls or texts.
Fraudsters impersonate Service Canada by sending messages claiming a special emergency benefit, cost-of-living payment, or stimulus cheque is available but must be claimed through a portal before a deadline. Service Canada does not issue unclaimed stimulus payments via unsolicited text links.
Criminals impersonate Service Canada to target Canada Pension Plan Disability and Employment Insurance Sickness benefit recipients, claiming an anonymous fraud complaint has been filed and that benefits will be cancelled unless the claimant verifies medical and financial details immediately.
Scammers impersonate Service Canada by claiming a driving licence or provincial photo-ID renewal is linked to an SIN discrepancy that must be resolved before benefits or the SIN can be reissued. Provincial licensing bodies — not Service Canada — are responsible for driving licences in Canada.
Scammers send fake DHL shipment-confirmation emails claiming a large or unfamiliar order has been dispatched using the recipient's account, including a link to cancel the shipment that leads to a credential-harvesting page. DHL never sends order-confirmation emails on behalf of retailers, and its shipping labels are created by senders, not recipients.
Criminals send renewal notices impersonating Royal Mail, claiming that a Royal Mail Parcel Protection or address-redirection subscription is about to auto-renew at an inflated price and that the recipient must log in to cancel it. Royal Mail's genuine redirection service is one-off or fixed-term, not an auto-renewing subscription billed through a text link.
Scammers send texts or emails impersonating USPS and claiming that an incoming international parcel is held in US Customs and requires a payment before it can be released. USPS's process for customs-cleared international mail does not involve unsolicited payment links.
Criminals impersonate HMRC enforcement officers by phone or letter, claiming an arrest warrant has been issued for unpaid tax debt and that the recipient must pay an immediate settlement to prevent police attendance at their address. HMRC does not issue arrest warrants for civil tax debt and does not demand emergency telephone payments.
Fraudsters impersonate Service Canada by claiming that a vehicle registration or ownership transfer has flagged an SIN discrepancy requiring immediate online verification. Provincial registries — not Service Canada — are responsible for vehicle registration in Canada.
Scammers impersonate USPS by claiming a product recall requires the recipient to mail back an item using a prepaid USPS label obtained through a verification portal, or that a recall refund cheque from USPS is awaiting collection. USPS provides postal infrastructure for recalls but does not administer recall programmes or issue recall refunds.
Scammers impersonate the SSA by informing recipients they are eligible for a new benefit, a cost-of-living increase, or a retroactive benefit payment that requires application through an online link. The SSA communicates genuine benefit changes through postal mail and the my Social Security online portal — not unsolicited text links.
Fraudsters impersonate Service Canada to target Canadian post-secondary students, claiming that a Canada Student Grant or bursary payment has triggered a CRA tax record that must be verified online before the funds are released or the SIN is cleared.
Fraudsters impersonate HMRC to claim that a driving licence renewal or vehicle excise duty payment has not been processed correctly and that an outstanding HMRC tax liability must be settled through a link. Vehicle excise duty is managed by the DVLA, not HMRC, and HMRC does not send licence-related payment demands.
Criminals impersonate HMRC by claiming that a road-use, congestion, or ULEZ charge has generated a tax penalty that must be paid to HMRC directly. HMRC does not collect congestion, ULEZ, or road-user charges — these are collected by Transport for London or local authorities.
Scammers impersonate Centrelink to inform Australians they are eligible for a cost-of-living or energy supplement payment that must be claimed through a link before a deadline. Legitimate Centrelink supplement payments are deposited automatically to payment recipients or require application through myGov — never through an unsolicited text link.
Criminals send official-looking Amazon emails or texts claiming a purchased item has been recalled and offering a refund — but the real goal is to harvest payment details or account credentials.
Fraudsters impersonate Amazon to cold-call or email customers with offers to purchase or renew an 'Amazon Extended Warranty' for electronics — collecting upfront fees and card numbers for protection that does not exist.
You receive unexpected packages that appear to have been purchased through eBay. The real sender is a third-party seller manipulating the review system — and your personal data may have been compromised.
Scammers send phishing emails pretending to be eBay, claiming a seller's product has been recalled and that you are owed a refund — but the link harvests your login and payment credentials.
Fraudsters impersonate Target with texts or emails claiming a recent purchase has been recalled, directing victims to a fake Target site where login and payment credentials are stolen.
Criminals pose as Home Depot Protection Plan representatives and contact homeowners offering to process warranty claims on appliances or installations, ultimately charging processing fees or stealing account details.
Scammers impersonate Best Buy with urgent emails or texts about a recalled appliance or electronic device, directing victims to phishing pages where login credentials and payment details are stolen.
Fraudsters impersonate Booking.com with messages claiming your Genius loyalty points or wallet credit are about to expire, luring you to a phishing page that steals your account credentials and saved payment details.
Criminals impersonate Airbnb to send fake travel-credit or referral-reward notifications, directing victims to phishing pages designed to capture their Airbnb account credentials and saved payment methods.
Scammers impersonate Delta Air Lines to send fake SkyMiles expiry notices or partner-transfer offers, stealing account credentials and draining miles balances.
Fraudsters impersonate United Airlines MileagePlus to send fake mile-expiry warnings or partner-transfer offers, stealing login credentials and draining accumulated miles balances.
Fraudsters impersonate Lyft to send fake ride-credit expiry warnings, directing victims to phishing pages that steal Lyft account credentials and saved payment information.
Scammers impersonate AT&T to send fake rebate or bill-credit notifications, directing victims to phishing sites that steal account credentials and payment information under the guise of processing a refund.
Scammers exploit Verizon's billing infrastructure to enrol customers in premium SMS services they never requested, and separately send fake Verizon messages prompting victims to 'activate' services that trigger subscription charges.
Fraudsters add unauthorised third-party charges to T-Mobile customers' bills by exploiting carrier billing loopholes or by impersonating T-Mobile support to 'confirm' add-ons customers never requested.
Scammers send fake T-Mobile rebate notifications claiming the customer is owed a bill credit or loyalty reward, directing them to phishing pages to harvest credentials and banking details.
Criminals impersonate Vodafone to send urgent eSIM activation or roaming-upgrade requests, tricking customers into scanning malicious QR codes that transfer their phone number to the scammer's device.
Scammers impersonate Vodafone customer support to activate unauthorised premium-rate services on customers' accounts, resulting in unexpected charges on monthly bills.
Criminals send fake messages impersonating any mobile carrier offering a free roaming eSIM upgrade, tricking customers into scanning malicious QR codes that hand over control of their phone number.
On Bumble, scammers create fake profiles of wealthy women who offer to financially support the victim in a 'sugar momma' arrangement, ultimately extracting money through various pretexts before disappearing.
Scammers create fake Tinder profiles using celebrity names and photos to lure victims into romance scams, eventually requesting money, gift cards, or cryptocurrency under various pretexts.
Scammers exploit Hinge's conversational matching format to build trust with victims before proposing a 'sugar momma' financial arrangement that ends in money extraction.
Scammers build a romantic connection on Hinge, persuade the victim to share intimate images or video, then blackmail them with threats to distribute the content unless a payment is made.
Scammers create fake Bumble profiles impersonating celebrities and use the platform's female-first messaging dynamic to initiate convincing romantic conversations that end in financial fraud.
Fraudsters impersonate Hilton Honors to send fake points-redemption offers or expiry warnings, directing members to phishing pages that steal their account login and drain their points balance.
Fraudsters impersonate Home Depot to send fake Pro Xtra loyalty points expiry notices or special redemption offers, leading victims to phishing pages that harvest account login and payment details.
Scammers send fake Geek Squad invoices for an extended protection plan the recipient never purchased, then manipulate them into calling a fraudulent support number that leads to payment card theft or remote computer access.
Scammers build convincing lookalike websites mimicking Airbnb to collect upfront rental payments for properties that do not exist or that the scammer has no right to rent.
Scammers impersonate Booking.com with fake cancellation confirmation and refund notices, directing victims to phishing pages where login credentials and payment details are harvested.
Scammers impersonate Walmart to cold-call or email customers offering an extended warranty or protection plan for electronics or appliances, collecting upfront fees for coverage that does not exist.
Scammers create fake Uber customer support numbers and social media accounts to intercept frustrated riders and drivers, extracting account credentials, payment details, or remote access to devices.
Scammers enrol AT&T customers in premium-rate SMS content subscriptions without genuine consent, or impersonate AT&T to push customers into activating paid services that appear on their monthly bill.
Scammers impersonate AT&T customer support by phone, text, or fake websites, manipulating customers into sharing account credentials, two-factor codes, or payment details to 'resolve' account issues.
Criminals impersonate Verizon to send fake eSIM roaming upgrade notifications containing malicious QR codes designed to redirect calls and SMS messages — including two-factor authentication codes — to the scammer's device.
You receive unexpected packages with Target-branded packing materials you never ordered — a sign that a third-party seller is using your personal details in a brushing scheme to generate fake verified reviews.
Scammers send messages impersonating Hilton Hotels claiming a payment on an upcoming reservation needs to be re-verified, directing victims to phishing pages that capture payment card details.
Fraudsters impersonate Delta Air Lines to send fake SkyMiles limited-time redemption offers, leading victims to phishing pages designed to steal their SkyMiles login and credit card details.
Scammers impersonate United Airlines MileagePlus with fake limited-time redemption offers, phishing for account login credentials and then draining the victim's miles balance.
Criminals impersonate Marriott Bonvoy with fake flash-redemption offers — claiming limited free-night awards are available — to harvest account credentials and drain points balances.
You receive an unexpected parcel with Best Buy packaging containing a small electronic item you never ordered — a sign a third-party marketplace seller is running a brushing scheme using your personal data.
Scammers impersonate T-Mobile customer support to trick customers into sharing account credentials, PIN codes, or one-time verification codes, enabling account takeover or fraudulent plan changes.
Scammers impersonate Marriott with fake cancellation notices for upcoming reservations, directing victims to phishing pages that steal account credentials and payment details under the guise of processing a refund.
Fraudsters impersonate Home Depot with fake product-recall messages about power tools, appliances, or building materials, directing victims to phishing pages to steal their login and payment details.
Scammers impersonate Lyft to notify riders of a fabricated 'safety concern' with a recent ride or driver, offering a refund or compensation that requires account login and payment re-verification.
Scammers impersonate Best Buy's Geek Squad to contact customers about an open warranty claim on a purchased device, collecting personal details and service fees for a repair or replacement that never occurs.
Scammers impersonate eBay with fake eBay Bucks or partner-reward expiry notifications, directing victims to phishing pages that steal their eBay login and stored PayPal payment credentials.
Scammers impersonate Walmart by cold-calling customers claiming their Walmart Protection Plan claim has been approved, then extracting a processing fee or remote access to the victim's device to 'complete the repair'.
Scammers use AI-cloned voices that mimic Apple's automated phone system or a human support agent to convince victims to reveal their Apple ID credentials, passcodes, or one-time verification codes.
Criminals use AI-generated video to impersonate Microsoft executives or IT administrators in Teams meetings, instructing employees to transfer funds, share credentials, or install remote-access software.
Attackers use large-language-model tools to craft phishing emails that reference your real Google account activity, recent searches, or Gmail data, making fake Google Security messages feel frighteningly specific and credible.
Fraudulent websites display a lookalike Google reCAPTCHA challenge and instruct visitors to paste a malicious command into their clipboard to 'verify they are human', silently installing malware on their device.
Criminals convince a mobile carrier to transfer a victim's phone number to a SIM card they control, then use that number to receive WhatsApp's SMS verification code and hijack the account, often to scam the victim's contacts.
Malicious websites display convincing popups that mimic Chrome's genuine software-update notifications, tricking users into downloading malware disguised as a 'Critical Chrome Update'.
Scammers use AI-generated video of Meta or Facebook representatives to impersonate partner managers on fake calls, convincing ad account managers to hand over Business Suite credentials.
Fraudsters send Instagram DMs claiming the recipient has won a brand giveaway, then use a phishing link to steal login credentials and take over the account, which is then used to defraud the victim's followers.
Scammers impersonate TikTok's creator partnerships team or well-known brands to send fake brand-deal proposals to creators, then harvest login credentials or bank details through fraudulent 'onboarding' portals.
Scammers send emails or DMs posing as Instagram's rights team, claiming a post has been flagged for a copyright violation and threatening account suspension unless the creator provides credentials or pays a fee to appeal.
Attackers use automated tools to test billions of username and password combinations from previous data breaches against Netflix accounts, hijacking those where victims reuse passwords and then selling or exploiting the stolen access.
Scammers send fake invitations to an exclusive 'Spotify HiFi Beta' or 'Spotify Premium Plus' test programme, harvesting Spotify credentials and sometimes payment details under the guise of signing up for early access.
Scammers create Telegram channels and accounts that impersonate Telegram's official team, announcing large cryptocurrency giveaways that require victims to send a small amount to 'verify their wallet' before receiving a larger return.
Criminals distribute malware-laced applications disguised as the Disney+ streaming app, typically through unofficial app stores, piracy sites, or phishing emails, stealing login credentials or financial data from victims who install them.
Services claiming to boost TikTok follower counts, likes, or views either deliver bot accounts that harm creator analytics and violate TikTok's terms, or steal the creator's TikTok credentials in exchange for a fake growth promise.
Scammers deploy AI-powered chatbot profiles on Instagram that initiate and sustain romantic conversations over weeks, building emotional bonds before asking for money, cryptocurrency, or personal data.
Scammers target Microsoft and Xbox gaming accounts through phishing, credential stuffing, and fake prize notifications, hijacking accounts to steal in-game currency, game libraries, and stored payment methods.
Criminals use AI-synthesised voices to impersonate Google Workspace support advisors on unexpected calls, pressuring IT administrators into resetting admin credentials, approving OAuth applications, or downloading 'diagnostic tools'.
Scammers share malicious QR codes in emails, printed materials, or WhatsApp messages that mimic WhatsApp's legitimate 'Linked Devices' QR code process to silently hijack a victim's WhatsApp account.
Scammers contact Telegram users on behalf of a fake 'friend' or 'support team', convincing them to forward a Telegram login verification code that immediately transfers account control to the attacker.
Phishing emails impersonating TikTok's rights team warn creators that multiple copyright strikes have been filed against their account, with a 48-hour window to appeal via a link that harvests TikTok credentials.
Scammers harvest publicly available Facebook profile photos to generate AI deepfake intimate images of real people, then threaten to share the fabricated images with the victim's Facebook friends unless a payment is made.
Scammers distribute counterfeit WhatsApp APK files through websites, social media, and phishing messages, claiming to offer early access to new features, installing spyware or credential-stealing malware instead.
Scammers pose as Netflix talent scouts or content acquisition managers, offering independent creators or filmmakers lucrative content licensing deals that require upfront payments or credential submission through a fraudulent Netflix portal.
Scammers send fake beta invitations for unreleased Microsoft or Xbox games, directing victims to phishing pages that steal Microsoft account credentials or install malware disguised as a beta client installer.
Scammers pose as brand managers reaching out via TikTok DM or email with attractive collaboration proposals, directing creators to fake TikTok 'business verification' portals that harvest login credentials and personal data.
Scam websites display fake Apple ID verification CAPTCHA prompts that instruct macOS users to open Terminal and paste a command to 'prove they are human', silently installing malware under the guise of Apple account verification.
Attackers run automated credential-stuffing tools against Microsoft 365 business tenants, using email-password pairs from previous breaches to silently take over accounts, forward emails, and launch internal phishing campaigns.
Scammers use malware or malicious browser extensions to steal Google session cookies, bypassing two-factor authentication entirely and giving attackers persistent access to Gmail, Drive, and YouTube accounts.
Scammers use AI language models to craft Spotify phishing emails referencing specific songs in your listening history, your playlist names, or your Wrapped data to make fraudulent account-security messages feel unnervingly genuine.
Scammers send fake invitations to exclusive Disney+ feature betas — such as early access to a new interactive experience or 4K upgrade — collecting subscribers' login credentials or payment details through fraudulent onboarding portals.
Scammers impersonate Instagram's creator team, sending messages about a lucrative new monetisation programme that requires creators to pay an activation fee or submit credentials via a fake 'Instagram Creator Hub' portal.
Criminals use AI-synthesised voices to impersonate Google's automated security system or Google account specialists, calling victims to warn of a breach and extracting Google account credentials or backup codes during the call.
Criminals hijack a victim's mobile phone number via SIM swapping to intercept Netflix password-reset SMS codes, taking over the Netflix account and the linked payment card.
Scammers create Facebook accounts and ads mimicking official Meta or Facebook giveaway announcements, directing users to credential-harvesting pages or requesting advance payments to 'claim their prize'.
Scammers trick WhatsApp users into disabling their two-step verification PIN by sending convincing social messages, then take over the account using the now-unprotected SMS registration flow.
Scam TikTok accounts and videos impersonate TikTok's official channels to run fake giveaways, directing users to credential-harvesting forms or advance-fee payment pages under the guise of prize claims.
Criminals use AI-synthesised voices to impersonate Microsoft IT helpdesk staff, calling employees to resolve a fabricated account or security issue and extracting Microsoft 365 credentials or multi-factor authentication codes during the call.
Criminals deploy AI-powered bots on Telegram that impersonate Telegram's official support, engaging users in natural conversation before stealing account credentials, two-step verification codes, or cryptocurrency under the guise of account assistance.
Scam VPN applications in the App Store or distributed via fake Apple security alerts abuse Apple's trusted brand to collect subscription fees, steal network traffic data, or harvest credentials from iPhone and Mac users.
Attackers test billions of email-password combinations from unrelated data breaches against Disney+ accounts, hijacking those where passwords are reused to access subscriptions, payment details, and linked Disney services.
Criminals use AI to generate fabricated intimate images from publicly visible Instagram photos, then send extortion messages threatening to post them to the victim's Instagram followers unless a payment is made.
Criminals hijack a victim's mobile phone number through a SIM swap to intercept Spotify's SMS password-reset code, taking over the account and potentially accessing linked payment details or Spotify for Artists data.
Scammers embed malicious QR codes in printed materials, fake receipts, or emails that mimic Apple iCloud storage or billing notifications, directing victims who scan them to credential-harvesting Apple ID login pages.
Scammers use AI-synthesised voices to impersonate Netflix customer service representatives on unsolicited calls, warning of billing problems or account suspensions to extract payment card details or Netflix account credentials.
Criminals convince your mobile carrier to transfer your phone number to a SIM they control, then use PayPal's SMS-based account recovery to lock you out and drain your balance. The attack exploits PayPal's reliance on phone-number verification as a fallback authentication route.
AI-generated voice technology is being used to mimic convincing phone support lines and fake human agents, pressuring Cash App users into sharing sign-in codes. Because Cash App has no official phone number, any inbound support call is already suspicious — but AI voices make the deception harder to dismiss.
Fraudsters place fake QR codes — on stickers, fake invoices, or in community groups — that appear to link to Zelle payment requests but instead lead to phishing pages or fraudulent payment flows that drain money or harvest banking credentials.
Attackers use AI tools to craft individually tailored phishing emails that reference real business names, transaction amounts, and recent Stripe activity scraped from public sources — making the fake payout-hold or policy-violation notices far more convincing than generic templates.
Criminals hijack victims' phone numbers by fraudulently porting them to a new SIM, then use Wise's SMS-based one-time passcodes to bypass login security, change the account email address, and initiate international transfers before the victim can react.
Fraudulent apps mimicking Revolut's design and branding appear in unofficial app stores, phishing sites, and search-engine ads. Once installed, they capture login credentials, harvest two-factor codes, and can access the device's SMS messages.
Automated tools use email-password combinations leaked in unrelated data breaches to break into Robinhood brokerage accounts where users have reused passwords, allowing attackers to liquidate investments and initiate fraudulent withdrawals.
Criminals use AI-generated deepfake videos of Binance executives to promote fake cryptocurrency giveaways on YouTube and social media, directing victims to deposit crypto to 'double their funds' — a straightforward theft dressed as an official Binance promotion.
Criminals port Coinbase users' phone numbers to a SIM they control, intercept Coinbase's SMS verification codes, and rapidly drain cryptocurrency holdings. Coinbase's large retail user base and the irreversibility of crypto transactions make SIM-swap attacks especially lucrative.
Criminals embed fake CAPTCHA challenges on sites mimicking MetaMask's download page or support portal. Completing the CAPTCHA triggers a clipboard-injection command that, when pasted into a system prompt, installs malware designed to steal seed phrases and drain connected wallets.
Compromised or malicious websites display fake 'Ledger Live requires a browser update' pop-ups that prompt users to download a malicious executable. The malware targets Ledger Live configuration files, recovery-phrase data, and browser-stored passwords.
Fake Coinbase accounts on X/Twitter, Instagram, and Facebook run giveaway campaigns that require victims to 'verify' their wallet address by connecting it to a malicious site or sending a small amount of crypto to 'confirm eligibility' — both of which result in fund theft.
Criminals use compromised social-media accounts or fake Kraken profiles to send direct messages advertising exclusive cryptocurrency giveaways that require victims to visit a phishing site, share credentials, or connect a wallet — leading to account compromise or fund theft.
Criminals compromise or clone OpenSea Discord servers and post fake mint announcements with wallet-connect links. Victims who connect their wallet and approve the contract interaction have tokens transferred out by a drainer script — often within seconds.
Criminals use AI-powered video deepfakes to impersonate Binance compliance or security officers on video calls, convincing users that their accounts face suspension unless they transfer cryptocurrency to a 'verified holding address' controlled by the attackers.
Malicious websites branded to look like Coinbase login or verification pages present fake CAPTCHA challenges that, when 'completed,' inject a system command into the clipboard. Running the command installs malware that steals Coinbase session cookies and browser-stored credentials.
Criminals create fresh PayPal accounts using stolen identity data and rapidly exploit the brief window before fraud controls engage — using the new accounts to make purchases, receive fraudulent payments, or move stolen funds while impersonating PayPal's platform legitimacy.
Fraudsters print or send fake QR codes styled with Coinbase branding that link to phishing pages mimicking Coinbase's login portal or a fake 'crypto ATM deposit' interface, harvesting exchange credentials or directing victims to send funds to attacker-controlled wallets.
AI-generated voice calls impersonate Revolut fraud-prevention agents, claiming suspicious transactions are in progress and pressuring victims into confirming a one-time code or approving a 'reversal transfer' — actions that in reality hand over account access or authorise a fraudulent payment.
Malicious websites targeting PayPal users display convincing browser-update overlays that, when clicked, install keyloggers or form-hijacking malware that captures PayPal login credentials and card details the next time the victim visits paypal.com.
Criminals port Kraken users' phone numbers to SIMs they control, intercept SMS-based two-factor authentication codes, and use password-reset flows to gain full account access before draining cryptocurrency balances and withdrawing fiat funds.
AI-powered tools allow criminals to craft highly personalised phishing emails or DMs targeting MetaMask users, referencing their known wallet activity, NFT holdings, or DeFi positions to create convincing 'security alerts' that lead to seed-phrase harvesting sites or wallet-drainer contracts.
Counterfeit versions of the Ledger Live application distributed via phishing sites, app-store lookalikes, and search-engine ads present a fake 'wallet restore' flow that requests the victim's 24-word recovery phrase and immediately transmits it to attackers.
Fake OpenSea accounts on Twitter, Instagram, and TikTok run NFT 'giveaway' campaigns that funnel followers to wallet-connect phishing sites, where approving a transaction drains existing NFTs and tokens from connected wallets.
Phishing sites mimicking Trezor's wallet-restoration interface embed fake CAPTCHA challenges that, once 'completed,' either request the seed phrase directly as the 'verification step' or deliver malware that scans the device for cryptocurrency-related files.
Counterfeit Robinhood mobile apps distributed via phishing sites and search-engine ads capture login credentials and two-factor codes the moment a user signs in, potentially exposing brokerage accounts containing investment portfolios and linked bank accounts.
AI-generated voice calls impersonate Wise customer-support agents claiming a large international transfer is pending approval, pressuring victims into sharing their OTP or authorising a payment reversal — actions that result in account compromise or fraudulent outbound transfers.
Criminals register new Cash App accounts using stolen identity details, then use these accounts to receive stolen funds, process fraudulent payments, or pose as trusted Cash App users to scam marketplace sellers and peer-to-peer payment recipients.
Fake Kraken accounts on X/Twitter and Telegram run 'deposit and double' or 'wallet-verify' giveaway campaigns, harvesting cryptocurrency from victims who believe they are participating in an official Kraken promotion.
Automated scripts use email-password pairs from unrelated data breaches to log into Binance accounts where users have reused passwords, giving attackers access to cryptocurrency balances, trading history, and API keys before victims know they have been compromised.
Scammers use deepfake video technology to impersonate Coinbase compliance officers in video calls, claiming a new KYC requirement must be satisfied immediately or the account will be locked — pressuring victims into sharing identity documents or account credentials during the call.
Fraudulent QR codes distributed at cryptocurrency events, online forums, and social media claim to link to MetaMask's wallet-connect or setup flow but instead direct users to phishing pages that harvest seed phrases or execute wallet-drainer approval transactions.
Criminals use AI tools to craft individualised phishing emails referencing Ledger customers' names, order numbers, and shipping addresses from the 2020 data breach, making fake 'Ledger Live update' or 'wallet recovery' emails appear shockingly legitimate.
AI-powered phishing campaigns target Kraken users — particularly professional and high-volume traders — with tailored emails that reference real trading volume, account tiers, or recent market activity to make fake 'compliance review' or 'account verification' requests appear credible.
Counterfeit Binance applications distributed via phishing sites, third-party APK sources, and search ads capture login credentials and intercept two-factor codes in real time, handing attackers instant access to exchange accounts and cryptocurrency balances.
Counterfeit MetaMask apps on unofficial stores and phishing sites simulate the wallet creation and recovery flow but transmit newly created or imported seed phrases to attackers, draining any funds transferred to the newly set-up wallet.
Automated tools test breached email-password combinations against Wise's login, exploiting password reuse to access multi-currency accounts that may hold balances in several currencies, enabling attackers to initiate international transfers before the victim notices.
Counterfeit standalone Zelle apps distributed through phishing sites and search ads mimic the official Zelle experience to capture users' banking login credentials — exploiting the fact that many users are unfamiliar with whether Zelle operates as a standalone or bank-embedded service.
Criminals use AI-generated video to impersonate Revolut Business account managers in video calls with small-business owners, convincing them to share account credentials, approve large transfers, or submit identity documents under the guise of routine account reviews.
Criminals use compromised or cloned social accounts to send direct messages to NFT collectors claiming an exclusive OpenSea giveaway has been reserved for them, linking to wallet-drainer sites that drain high-value NFTs on connection.
Criminals SIM-swap the mobile number registered on a Stripe account to intercept 2FA codes, change the account email, and redirect future payouts to attacker-controlled bank accounts — causing both immediate financial loss and disruption to the merchant's payment operations.
Criminals open new Robinhood accounts using stolen or fabricated identity details, exploit new-account bonuses, and use the accounts as fraud infrastructure — including receiving fraudulent ACH transfers or processing stolen debit card transactions — while Robinhood's platform lends apparent legitimacy.
AI-generated voices impersonate Zelle's bank-fraud notification system in automated calls, claiming an urgent transfer is in progress and that the victim must confirm their banking credentials or approve a 'reversal' to stop it — actions that instead authorise new fraudulent payments.
AI tools craft personalised phishing emails referencing a Revolut user's real transaction history, travel spending, or subscription details to make fake 'account review' or 'unusual activity' alerts appear shockingly specific and credible.
Fraudsters place or post physical cards printed with DHL branding and a QR code, claiming a parcel missed delivery and asking the recipient to scan the code to rearrange it. The QR code leads to a phishing page that steals card details or login credentials.
AI-generated voice calls impersonate IRS agents or inspectors, delivering scripted threats about unpaid taxes, warrants, or identity theft with a realism that traditional robocalls cannot achieve. The IRS initiates contact by postal mail, not by phone calls demanding immediate payment.
Criminals use AI tools to craft HMRC phishing emails or texts that include the recipient's correct name, National Insurance number, employer, and recent filing details, making the message far harder to dismiss than traditional mass-phishing.
Scammers create convincing lookalike apps branded as the official USPS Informed Delivery app, distributed through unofficial download links or third-party stores. Once installed, the malicious app harvests credentials, banking data, and SMS two-factor codes.
Victims receive a video call featuring a deepfake avatar dressed as a DVLA enforcement officer on a professional-looking background, demanding payment for alleged vehicle registration offences or threatening immediate vehicle seizure. The DVLA never conducts enforcement via unsolicited video call.
A phishing email styled as a FedEx shipment notification redirects victims to a CAPTCHA page that secretly pastes a PowerShell command into the clipboard and instructs the user to run it, installing malware under the guise of verifying a delivery.
Criminals use a Royal Mail-branded phishing campaign to harvest mobile numbers and personal details, then use that information to perform a SIM-swap that transfers the victim's phone number to an attacker-controlled SIM, enabling interception of banking two-factor codes.
Phishing emails impersonating the Social Security Administration trick victims into surrendering my Social Security account credentials, or help attackers register a fraudulent account in the victim's name before the real person does, redirecting benefit payments.
Criminals use billions of username-password pairs leaked from other breaches to try to break into DHL MyAccount portals at scale. Once inside, they change delivery addresses, intercept high-value parcels, and harvest stored payment cards.
Criminals affix fake stickers bearing a QR code and USPS branding over or near real parcel lockers, telling recipients to scan the code to retrieve their package. The QR destination is a phishing site that captures login credentials or payment details.
AI-synthesised voices impersonate DWP staff in calls that threaten suspension of Universal Credit or other benefits unless the recipient immediately verifies their identity or pays an alleged overpayment. The DWP never demands same-day payment by phone and always communicates formally through your online journal or post.
Scammers distribute fake lookalike HMRC apps outside the official app stores, claiming to offer tax rebate tracking or self-assessment help. Once installed, these apps steal Government Gateway credentials, banking logins, and SMS two-factor codes.
Fraudsters attach QR-code stickers to Royal Mail drop-boxes, post offices, and missed-delivery slips, claiming recipients must scan and pay a surcharge before their parcel can be released. Royal Mail never takes payment via QR codes on physical signage or cards.
Fraudsters use AI video-call technology to present a deepfake avatar dressed as an HMRC compliance officer on a professional background, demanding immediate payment of alleged unpaid tax or threatening criminal prosecution. HMRC never conducts enforcement through unsolicited video calls.
Criminals craft Service Canada phishing emails using AI to include the recipient's correct SIN fragment, employment details, and current benefit amounts, making the message appear to come from a genuine government source rather than a mass-phishing campaign.
Scammers distribute fake apps branded as the Centrelink or myGov app outside the official app stores, targeting Australians who receive government payments. These apps harvest myGov credentials, Tax File Numbers, and banking details linked to benefit accounts.
A FedEx-branded phishing campaign collects mobile phone numbers and personal data that fraudsters then use to perform a SIM hijack, taking over the victim's number to bypass two-factor authentication on banking accounts.
AI-synthesised voices impersonate Centrelink staff in calls that threaten to suspend welfare payments unless the recipient immediately confirms their banking details or myGov credentials. Services Australia never demands account details over an unsolicited phone call.
Automated attacks use email-password pairs from unrelated data breaches to break into My Service Canada Account (MSCA) portals. A successful login allows attackers to redirect Employment Insurance and Old Age Security direct deposits to their own accounts.
Fraudsters send physical letters or printed cards bearing HMRC branding and a QR code, claiming the recipient owes tax and must scan the code to avoid a penalty. HMRC never directs taxpayers to pay through QR codes on unsolicited physical correspondence.
Scammers use stolen identity details to register a myGov account in a victim's name before the victim does, granting access to Centrelink services and enabling benefit claims or payment redirections in the victim's name.
A phishing email mimicking a USPS delivery alert routes victims to a fake verification page that secretly loads malware instructions into their clipboard and prompts them to paste and run the command, handing the attacker full access to the device.
Victims receive an unsolicited video call from a convincing deepfake avatar posing as a Service Canada case officer, claiming their EI claim is under investigation or their SIN is at risk and demanding immediate verification or payment to prevent account suspension.
Criminals distribute a fake DHL tracking app through phishing SMS links. The app mimics the real DHL app but secretly steals login credentials, intercepts SMS two-factor codes, and can capture banking details from overlay attacks on financial apps.
AI tools combine the recipient's name, address, recent purchase history from breach data, and neighbourhood delivery patterns to craft USPS phishing messages that appear to reference a real, expected parcel — making them far more convincing than generic delivery scam texts.
Criminals use DWP-branded phishing to harvest Government Gateway credentials and then either take over existing Universal Credit accounts to change bank details, or create fraudulent new claims in the victim's name using stolen identity data.
Fraudsters send fake DHL notifications about parcel-locker assignments, directing recipients to a phishing site to retrieve an access code or pay a locker-release fee. DHL Packstation access codes are sent only through the verified DHL Parcel app or SMS to the registered number — never through an unsolicited external link.
AI-generated voice calls impersonate DVLA officials threatening immediate suspension of a driving licence or vehicle registration unless a fine is paid by phone. The DVLA does not make unsolicited calls demanding immediate licence-suspension fees.
Malicious websites triggered by FedEx-branded phishing links display a convincing browser-update popup that, when clicked, downloads malware instead of a legitimate update. The real FedEx website never prompts a browser update as a condition of viewing tracking information.
Criminals deploy deepfake-video technology to stage a convincing IRS audit interview over a video call, demanding document uploads and immediate payment of alleged tax liabilities. The IRS does not initiate audits through unsolicited video calls.
IRS-branded phishing pages harvest the personal details fraudsters need — name, SSN fragment, date of birth, and mobile number — to perform a SIM-swap attack that intercepts two-factor codes for banking and irs.gov accounts.
Criminals distribute a fake Royal Mail tracking and redelivery app via SMS links, targeting UK consumers. The app steals Royal Mail and banking credentials, intercepts authentication SMS codes, and can lock victims out of their accounts.
AI tools combine the target's name, home address, known e-commerce habits, and mobile number from data-breach sources to craft DHL delivery phishing messages that appear to reference a real, specific incoming parcel.
A phishing email mimicking an IRS notice routes victims to a fake identity-verification page that uses a fraudulent CAPTCHA to deliver malware via the clipboard, instructing victims to paste and run a hidden command in a system dialog.
Criminals impersonate AT&T customers at stores or by phone, persuading representatives to transfer the victim's phone number to a SIM the criminal controls, then use that number to intercept OTPs and drain financial accounts.
Fraudsters impersonate Verizon customers to port their mobile number to a new SIM, intercepting two-factor authentication codes to seize financial and email accounts.
Criminals use stolen personal data to convince T-Mobile to transfer a victim's phone number to an attacker-controlled SIM, giving them access to SMS one-time codes and enabling rapid takeover of financial accounts.
Criminals impersonate Vodafone customers at stores or through customer service to transfer a victim's number to their SIM, intercepting SMS-based security codes to seize bank and email accounts.
Criminals use AI-generated deepfake imagery or manipulated photos to fabricate intimate images of victims they met on Tinder, then threaten to share the images with the victim's contacts unless they pay.
Automated AI chatbots posing as genuine Bumble matches sustain long romantic conversations designed to build emotional attachment, then pivot to fraudulent investment or emergency money requests.
Scammers use real-time deepfake face-swap technology during video calls with Hinge matches to appear as the attractive person in stolen profile photos, sustaining romance fraud or sextortion.
Criminals place counterfeit QR code stickers on Walmart self-checkout kiosks, returns desks, or in-store signage, redirecting customers to phishing pages that harvest payment card data under the guise of a Walmart payment portal.
AI tools allow criminals to craft highly personalised Amazon phishing emails referencing your real recent purchases, your first name, and details scraped from social media, making fake messages nearly indistinguishable from genuine Amazon communications.
Criminals feed username-password combinations from unrelated data breaches into eBay's login page, seizing accounts where the victim reused passwords, then listing fraudulent items, redirecting payouts, or committing purchase fraud.
Criminals distribute counterfeit Uber apps through third-party stores, phishing links, or sideloading instructions that steal rider or driver credentials, harvest payment data, and may install persistent spyware.
Fraudsters attach fake QR code stickers to Target self-checkout kiosks, gift-card displays, and Circle loyalty signage, redirecting customers to phishing pages that capture card numbers or Target account credentials.
Criminals use stolen personal data to create new Best Buy accounts or take over existing ones, making large purchases on store credit or with saved payment methods and having goods shipped to reshipping addresses.
Attackers use AI to craft phishing emails containing your real SkyMiles number, flight route history, and tier status, making fraudulent Delta account security alerts or mileage expiry notices extremely convincing.
Attackers use leaked email and password combinations to log in to Airbnb accounts, divert host payouts, book stays at victims' expense, or conduct rental fraud using the established trust of a legitimate account.
Criminals use AI voice synthesis to impersonate Lyft customer support, calling drivers or riders with fabricated account alerts and persuading them to surrender their login credentials or banking details under the guise of resolving an urgent account issue.
Criminals place counterfeit QR codes on Marriott hotel room key packets, lobby signage, and restaurant bill folders, redirecting guests to fake Marriott Bonvoy login pages or fraudulent payment portals.
Criminals distribute counterfeit Lyft apps through phishing links and third-party stores that mimic the genuine interface to capture credentials, harvest payment data, and track user locations.
Criminals use stolen identity data to create new fraudulent Booking.com property listings or take over existing host accounts, collecting advance payments from genuine travellers for accommodation that does not exist or is not under the criminal's control.
Sophisticated AI chatbots posing as genuine Hinge profiles engage users in extended relationship-building conversations before pivoting to investment fraud, gift-card requests, or sextortion.
Attackers use leaked email-and-password pairs from unrelated breaches to log in to Hilton Honors accounts, redeeming accumulated points for free nights, gift cards, or airline miles before the legitimate member notices.
Attackers use AI to craft highly personalised phishing emails referencing the victim's real MileagePlus number, elite status, and home hub airport, making fraudulent United account alerts indistinguishable from genuine communications.
Fraudsters place counterfeit QR stickers on Home Depot in-store signage, paint-mixing stations, and pro-desk literature to redirect tradespeople and DIYers to phishing pages that harvest card numbers or Pro Xtra account credentials.
Criminals use AI image tools to fabricate intimate images of Bumble users from freely shared dating photos, then threaten to distribute the synthetic images to the victim's contacts unless payment is made.
Automated tools test leaked email-and-password combinations against United MileagePlus accounts, allowing attackers to redeem miles for flights or gift cards and access stored payment details before the legitimate member realises.
Criminals distribute counterfeit Amazon shopping apps through phishing SMS links and unofficial app stores that look identical to the genuine app but harvest Amazon login credentials, payment card data, and device permissions.
Criminals create new Delta SkyMiles accounts using stolen identity details to accumulate fraudulent miles, or take over existing accounts to redeem earned miles for flights and gift cards before the real member notices.
Criminals use AI voice synthesis to impersonate AT&T customer service agents, calling subscribers with fabricated account alerts and persuading them to surrender login credentials or authorise SIM changes.
Automated tools test leaked email-and-password combinations against Uber's login page, allowing attackers to book rides at the victim's expense, harvest saved payment details, or redirect driver earnings to mule accounts.
Criminals distribute fake Geek Squad invoices and repair-confirmation documents containing fraudulent QR codes that redirect customers to phishing pages collecting payment card details or Geek Squad account credentials.
Attackers use email-and-password combinations from unrelated data breaches to log in to My T-Mobile accounts, enabling SIM swaps, fraudulent device upgrades, or line additions charged to the victim.
Criminals use AI to generate personalised Booking.com phishing emails that reference the victim's real upcoming reservation details, luring them into entering payment or login credentials on a convincing fake portal.
Criminals distribute counterfeit T-Mobile apps via phishing SMS links that mimic the genuine My T-Mobile app, capturing login credentials and enabling SIM swaps or fraudulent account changes.
Criminals use AI to craft eBay phishing messages that reference real items a victim is watching or has recently bid on, making fake payment requests or account alerts feel entirely legitimate.
Criminals use AI voice synthesis to impersonate Amazon customer service agents, calling victims about fraudulent orders or account security issues and extracting credentials, payment details, or remote device access.
Criminals place fake QR code stickers on Hilton hotel room-key envelopes, lobby signage, and restaurant bill holders, directing guests to fraudulent Hilton Honors login or payment pages.
AI-powered chatbots pose as genuine Tinder matches, sustaining long conversations that build emotional attachment before pivoting to investment fraud, emergency money requests, or sextortion.
Criminals create new Marriott Bonvoy accounts using stolen identity data or take over existing accounts to drain points, book stays fraudulently, or apply for the Marriott Bonvoy credit card in the victim's name.
Criminals email or print fraudulent Booking.com confirmation documents containing fake QR codes that redirect guests to phishing pages harvesting account credentials or payment card details before or during their stay.
Automated tools use leaked email-and-password pairs to access Target Circle accounts, allowing attackers to redeem earnings for gift cards, place online orders with saved payment methods, or harvest stored personal data.
Criminals place fake Airbnb QR codes at short-term rental properties or in pre-arrival communications, redirecting guests to phishing pages that harvest Airbnb login credentials or attempt off-platform payment collection.
Criminals collect photos from Hinge profiles and conversations, use AI deepfake tools to fabricate intimate images, and then demand payment threatening to send the synthetic images to the victim's contacts.
Attackers use leaked email-and-password combinations to access Home Depot Pro Xtra accounts, draining reward balances, placing orders with stored payment methods, or redirecting professional contractor spending accounts.
AI tools generate personalised phishing texts and emails that reference your actual phone plan details, data usage, or loyalty points to make fake account alerts, upgrade offers, or SIM verification requests extremely convincing.
Criminals create new fraudulent eBay seller accounts using stolen identities, or take over existing seller accounts, to run advance-fee purchase fraud or redirect legitimate seller payouts to mule accounts.