2024 Scams
As in previous years, many of the latest scams in 2024 will likely involve twists on time-tested scams. Scammers and fraudsters are expected to exploit new technology and emotions around major events yet to come to trick and scare people. But scammers will always have the same goal—to get your personal information or money. Learning about these latest developments will hopefully help you stay one step ahead.
1. AI-Powered Scams
Perhaps the most obvious example of scammers using new technology to power existing scams comes from artificial intelligence (AI). For example, scammers might use AI to:
- Write more convincing and natural-sounding phishing emails and text messages.
- Create deepfakes of celebrities to trick victims into thinking they're investing in a good company or project.
- Impersonate the victim's friend or relative and ask for money as part of a grandparent scam.
- Impersonate an employer and ask for personal information.
The potential to create an image, video or voice of someone else could make existing scams even more believable and opens up new opportunities for scammers.
2. Student Loan Forgiveness Scams
The back-and-forth changes in student loan forgiveness creates a ripe opportunity for scammers. The scammers know people want to believe their student loans will be forgiven, and they'll use that hope for their personal gains.
For example, scammers may contact you via phone or create phony application sites aimed at stealing your Social Security number or your bank account information. They may put pressure on their victims with fake urgent messages that encourage you to apply for debt relief "before it's too late." Then they'll charge you a hefty application fee. In reality, it's a scam.
It costs nothing to apply for student loan forgiveness, so someone asking you to pay a fee could be a scammer. In addition, the U.S. Department of Education won't contact you by phone. You can stay safe and avoid student loan forgiveness scams by going directly to the Department of Education website for information about applying for forgiveness.
3. Phone Scams
Scammers may contact you by phone, and some phone scams rely on smartphones' capabilities to access the internet and install malware. These can include:
- Robocalls: Robocalls have people's phones ringing nonstop with increasingly natural-sounding recorded voices. They may offer everything from auto warranties to vacations or issue a threat to try and get your attention. Some robocalls can even respond to your questions.
- Impersonators: Scammers impersonate IRS personnel, police, survey takers, relatives, delivery people and well-known companies to threaten you or gain your trust. They use scare tactics related to your Social Security number, criminal record or account before asking for your personal, account or credit card information.
- Apps: Scammers may try to get you to install a malicious app to steal your information. They might create a nearly identical copy of an existing app and then make money from in-app purchases.
- QR codes: These convenient codes have gained popularity as a touchless option to do things like read a restaurant menu or make a payment. However, scammers place their QR codes in inconspicuous spots, and scanning the code could prompt you to make a small purchase or enter your credentials on a look-alike website.
- SIM swapping: This technique is used by a thief to reassign your number to a SIM card in a phone they control. They can then try to log in to your accounts using codes or links sent to your phone number. Contact your carrier to see if there are any security measures for stopping SIM swapping. Also, see if your accounts let you use a non-SMS multifactor authentication option, such as an authenticator app that the scammer can't steal or access.
- One-time password (OTP) bots: Some scammers use so-called OTP bots to trick people into sharing the authentication codes. The scammer might try to log in, prompting the bank to send you a one-time code. At the same time, the bot imitates the company and calls, texts or emails you asking for the code. The timing might convince you that the bot's request is legitimate. However, if you respond, it sends the code to the scammer, who can now log in to your account.
4. Cryptocurrency Scams
The cryptocurrency frenzy might have died down, but that hasn't slowed down the scammers. These scams can take different forms, and they may involve fake prizes, contests, giveaways or early investment opportunities.
The scammers may impersonate celebrities or popular cryptocurrency websites to lure victims into sending them money, sharing login information or "investing" in a project. Crypto exchange accounts have also been the target of the OTP bot attack technique described above to prevent you from getting your crypto back while the scammer drains your account.
5. Online Purchase Scams
Online purchase scams continue to be one of the riskiest types of scams, according to the Better Business Bureau (BBB) 2022 Online Scams Report. The BBB found that people most commonly reported being victims after trying to buy a puppy online.
Some scammers set up fake e-commerce stores and buy ads for the website on social media. The FTC reported that 44% of social media scams from January to June 2023 were related to online shopping. Alternatively, scammers might list items for sale on online marketplaces, including social media website's marketplaces.
The scammers might take your money and never send anything in return. Or, they might be committing triangulation fraud and purchasing the item you bought with someone else's stolen credit card. You might not realize you were part of a scam unless you try to return the item or use a warranty.
Always look for red flags such as too-good-to-be-true prices, lack of details or high-pressure sales tactics. Paying with your credit card can also help you limit potential losses, as you can initiate a chargeback if you don't receive a product or service.
6. Employment Scams
Employment scams use enticing, and hard-to-detect, lures to target people who've been out of work. Some scammers take a slow approach with interviews and a legitimate-seeming operation. They then collect personal information from your employment forms, or tell you to buy equipment or training.
Other scams get right to the point and promise guaranteed or easy income—if you purchase their program. Sometimes, a fake employer sends a large paycheck and asks you to send the "extra" back—a play on the popular overpayment scam.
You may also see job opportunities that involve receiving money and sending funds to another account, or receiving and reshipping packages. These "money mule" and "reshipping mule" jobs are often part of an illegal operation, and you could be personally liable.
How to Avoid a Scam
While scammers' delivery methods and messaging can quickly change, a few basic security measures can help protect you from the latest and most common scams:
- Be skeptical when someone contacts you. Scammers can spoof calls and emails to make it look like they are coming from different sources, including government agencies, charities, banks and large companies. Don't share personal information, usernames, passwords or one-time codes that others can use to access your accounts or steal your identity.
- Don't click unknown links. Whether the link arrives in your email, a text or a direct message, never click on it unless you're certain the sender has good intentions. If the message says it's from a company or government agency, call the company using a number that you look up on your own to confirm its legitimacy.
- Be careful with your phone. Similarly, if you suspect a spam call, don't respond or press a button. The safest option is to hang up or ignore the call entirely. You can always look up the organization and initiate a call yourself if you're worried there may actually be an issue.
- Enable multifactor authentication. Add this feature to any accounts that offer it as an option, and try to use a non-SMS version to protect yourself from SIM swapping.
- Research companies before taking any actions. Before you make a purchase or donation, take a few minutes to review the company. Do a web search for its name plus "scam" or "reviews" and research charities on Charity Navigator and CharityWatch.
- Don't refund or forward overpayments. Be careful whenever a company or person asks you to refund or forward part of a payment. Often, the original payment will be fraudulent and taken back later.
- Look for suspicious payment requirements. Scammers often ask for payments via wire transfer, money order, cryptocurrency or gift cards. These payments can be harder to track and cancel than other forms of payment, which can leave you stuck without recourse.
- Create a family password. Create a family password that you can all use to verify that it's really one of you on the phone, and not someone who created a deepfake of your voice.
What to Do if You Fall Victim to a Scam
Here are a few steps you can take that might help prevent additional fraud and protect other people:
- Report the scam and scammer. You can report scammers to the FTC online. Additionally, report the scam and related message to any relevant parties, such as your bank, credit card issuer, social media platform, email provider, phone carrier or the USPS' Postal Inspection Service. You can also file a police report, which might help with recovering your identity or lost funds.
- Scan your devices. If you clicked on a link or attachment, you may want to run an antivirus scan to check for malware.
- Change your passwords. Change the passwords on any accounts that use a password the scammer might know. Use this as an opportunity to create stronger passwords or try out the newer passwordless option called passkeys that are available on some websites.
- Lock down your credit. You may be worried about identity theft if you gave the scammer your personal information. You have the right to add fraud alerts and security freezes, also called credit freezes, to your credit reports for free. These can help keep someone else from opening an account using your information.
Learn More About Online Scams
- Callback Phishing: In callback phishing scams, cybercriminals send you an email about something urgent, such as a fraudulent charge or a vital software update. What makes this tactic unique, is that the email includes a phone number that you are prompted to call.
- Don't Trust Pop-ups: If you’re known to dabble in a little online browsing, odds are you’ve encountered a pop-up once or twice. There are times when a user may think, “Wow, that’s a great deal!” and click on a pop-up. To those users: put down the mouse. Why? That pop-up could be malicious or dangerous.
- Social Media Account Spoofing: In today's interconnected world, social media platforms like Facebook, Twitter, Instagram, and LinkedIn are wonderful tools for staying connected with friends, family, and colleagues. Unfortunately, these platforms are also tools to manipulate and phish unsuspecting users. One way cybercriminals use social media to their advantage is through account spoofing.
- Tax Refund Fraud Alerts: The IRS has reported the perpetrators use multiple message variations in an attempt to fool taxpayers. Fraudsters will use regular mail, telephone, and email phishing attempts to steal taxpayer refunds or tax-related information. Here are a few reminders when dealing with a potential IRS tax scam and other phishing attempts:
- Cyber-Attacks Protection: A cyber-attack is an unwelcomed attempt to access a computer system and steal, expose, alter, disable or disrupt private information.
Reporting security issues
If you have any questions or concerns about emails, websites or unsolicited calls related to Universal 1, please email our Compliance department at compliance@u1cu.org. You can also call our eServices representatives at 800-543-5000 option 0 or 937-431-3100 option 0.
Source: Louis DeNicola, "December 30, 2023" Title: The Latest Scams You Need To Be Aware of in 2024. Fraud and Identity Theft: Retrieved "September 5, 2024" https://www.experian.com/blogs/ask-experian/the-latest-scams-you-need-to-aware-of/: Esperian https://www.experian.com/
« Return to "Blog"