If you see an unfamiliar number when your phone rings, you might want to think twice about answering it. That seemingly innocent call could be part of a clever scheme to steal your personal information or hard-earned money. Be just as cautious with that text message supposedly from your bank, the IRS or even your best friend of 20 years—it might not be who you think.
Cybercriminals are getting more sophisticated, using tactics that can fool even the most vigilant among us. Whether it's a fake charity, a bank security impersonator or a too-good-to-be-true prize offer, a phone scammer might be looking to make you their next victim. Here's a breakdown of some of the most common scams and how to avoid them.
What Is a Phone Scam?
A phone scam is a type of fraud whereby criminals use phone calls, text messages or other mobile methods to trick people into giving up personal information or money. Phone scams exploit vulnerabilities in phones to steal personal information.
Bluesnarfing, for example, happens when scammers access your data through your phone's Bluetooth connection. A different phone scam might involve sending a suspicious link in a text message that takes you to a fraudulent website designed to steal your information.
“Scams are rampant, and scammers will come at you any way they can," says Dave Hatter, a Cincinnati cybersecurity consultant with Intrust IT. “They'll call you on the phone, send you a text or email, contact you on social media or take over a legitimate account with bogus content and links to bad sites. Scammers are very creative and devious with their tactics."
Phone scams are a big reason identity theft remains a huge problem in the United States. The Federal Trade Commission (FTC) received more than one million reports of identity theft through its IdentityTheft.gov website in 2023, with consumers losing nearly $2.7 billion to imposter scams. After emails, phone calls were the second most reported contact method for fraud, followed by text messages.1
When criminals can spy on or even control your device, they can easily access your financial accounts and steal your money. Here's what to watch out for—and how to help protect yourself.
1. Bluetooth phone scams
Constant Bluetooth connectivity opens the door for hackers to send spam texts (“bluejacking"), which can lead to them accessing your email and other personal information on your phone (“bluesnarfing") and even taking total control of your phone (“bluebugging"). You can reduce your risk by switching your Bluetooth connection off when you're in public and not using it. Constantly update your software to get the most current security updates, and get rid of older devices that can't be updated.
2. Spoofing/phishing
Scammers can assign the name of a legitimate company to their own phone number, making you think your bank or a government agency is calling. Scammers are also increasingly using AI to mimic a familiar person's voice to gain your trust—and, eventually, your cash.
In a phishing scheme, you receive emails or texts that seem to be from legitimate companies but contain links that download malware or take you to counterfeit sites that ask for your password. Phishing scams can be harder to detect on mobile phones since the smaller screen may not display the entire URL, which is often a clue that it's fake.
3. Fake tech support scams
Users might get a message or phone call from someone claiming to be from their software provider or a tech support company. They'll say you have a problem with your device or software and ask for payment for a “fix." They might also ask for remote access by having you download an app to remove a supposed virus. Through that app, however, they can install malware, take over your account and then extort you for money to get it back.
4. IRS scams
A scammer may contact you claiming to be an IRS agent and even provide a fake ID badge number. They might claim to need your personal information to give you an unexpected tax refund or help restore a “suspended account." They may even threaten you with arrest for past debt.
5. Social Security scams
You may receive a call, text, email or message on social media threatening to suspend your Social Security number or seize your bank account, or possibly offering to increase your Social Security payments. The scammers might attempt to seem legitimate by sharing part of your Social Security number. They'll ask for your full number or for financial account information to steal your identity.
6. Bank scams
In a bank scam, you might receive a call or text message from your bank asking for personal information. The message may claim it's to verify a recent transaction, investigate suspicious activity or unfreeze an account “on hold" for supposed fraud. Once the hackers have your information, they can access your funds.
7. App/QR code scams
With apps, malware and other vulnerabilities can slip through the iTunes and Google Play stores, though both platforms are vigilant and tend to remove bad apps over time.
Scammers can also put fake QR codes in emails and replace legitimate QR codes with bogus ones. In fact, there have been instances of fake QR codes placed on public parking meters directing users to fraudulent payment websites.2
“There's no way you can look at a QR code with a naked eye and know what it does," Hatter says. “I would never scan a QR code that I saw in the wild or any code unless I was certain it's legitimate."
8. Prize scams
In this scam, an email or text will announce that you're a contest or lottery winner. You'll be asked to provide your personal information so you can supposedly receive your cash, which gives scammers access to your accounts.
9. SIM swapping
Armed with just your phone number and some basic personal info, a crook tells your cellphone carrier that their phone was lost and asks them to associate a new SIM card with your phone number. This makes your number active on their phone, allowing them to reset passwords and shut you out of your email and social media accounts.
Even scarier, this crime makes two-factor authentication useless: Because the crooks have your number, they get any text messages with authentication codes, which can give them full access to your bank accounts.
Telltale Signs of a Scam
Banks, government agencies and legitimate organizations won't ask for your personal or financial information by phone, email or text. Most IRS contact, for example, is through postal mail.3 Legitimate entities won't ask you to send money, cryptocurrency, gift cards or other payments for a service, nor will they ask you to download an app to access your device.
According to Hatter, any calls or messages that express a sense of urgency or aggressiveness or ask you to do something out of the ordinary should raise suspicion.
What To Do if You Become a Victim
Even the most tech-savvy individuals can fall victim to a phone scam. If you think you've been hacked, contact your financial institution immediately so they can freeze your accounts and credit cards to prevent further fraud. If you used a credit card to pay for fraudulent services, contact your credit card company to see if the charges can be reversed.
Make sure to report the scam to your local police department, as having a report on file could help any efforts to get your money back or restore your accounts.
Filing reports on the state and federal level can also help the government keep track of current scams and warn other people. You can file a scam report and identity theft report with the FTC at ReportFraud.ftc.gov and IdentityTheft.gov.
If you've fallen prey to an IRS scam, contact the IRS Identity Protection Specialized Unit so they can take steps to secure your tax account.
Tips To Be More Proactive
Awareness is your best defense against phone scams. You can thwart even the most determined scammers with these proactive measures to help keep your identity—and your funds—as safe as possible.
- Don't download apps or other software without ensuring they're from a legitimate source.
- Ignore unfamiliar text messages and hang up on callers who seem suspicious. Hatter also suggests not answering calls from unusual numbers—if the caller is legitimate, they'll leave a voicemail.
- Change your passwords frequently, create strong passwords on all accounts and use multifactor identification to help reduce risk. Hatter suggests using multifactor identification independent of your phone, like a PIN code or a USB security key. You can also download an authenticator app to access your accounts versus using a text message.
- Stay updated on phone scam tactics so you won't get caught off guard. The FBI's Internet Crime Complaint Center allows consumers to report cybercrimes and learn about the latest scams.
Be on the Alert
Phone scams are constantly evolving, and scammers continue to grow more sophisticated and creative in their efforts to steal your information and money. If you encounter a suspicious message, call or other form of contact through your phone, don't hesitate to delete, ignore or just hang up.
READ MORE: How To Protect Yourself From AI Fraud and Scams in Banking
You may also like
1. As Nationwide Fraud Losses Top $10 Billion in 2023, FTC Steps Up Efforts to Protect the Public. Federal Trade Commission. Feb. 9, 2024.
2. Ryan, S. Fraudulent QR code stickers found on 29 Austin public parking meters. Fox 7 Austin. Jan. 4, 2022.
3. Report phishing and online scams. IRS. Sept. 16, 2024.