Ally logo. Go to Ally.com
security

8 latest cyber scams: How to spot them and protect yourself

·4 min read

Technology is ever-changing, and so are cybercriminals’ strategies. “Educating our customers on the latest trends in security and fraud scams is just one of the many ways we live up to our commitment to being a financial ally,” says Lindsay Sacknoff, head of consumer banking at Ally. “Scams can change quickly, and it’s important to help our customers understand what to watch for in this evolving landscape.”

What can you do to help protect yourself? Start by testing your knowledge, then read on to stay up to date on the latest cyber threats.

Types of scams

Watch out for the warning signs of new and trending scams:

1. Vishing and voice clone scams are on the rise

Voice phishing, also known as vishing, is when scammers replicate harvested voice samples from social media, podcasts and public recordings using AI. They then call you mimicking someone you know and trust in an attempt to obtain personal information.  

How to spot vishing

To protect yourself from vishing scams:

  • Be wary of unexpected requests for money or personal information

  • Do not trust caller ID

  • If an alleged loved one calls frantically asking for money, hang up and call the person directly using trusted contact information

  • Create a safe word that only you and your close family know

2. Phone scams: Smishing and SIM swapping

Smishing, or SMS phishing, is when a cybercriminal sends a text pretending to be someone you know, or a legitimate company. These often include a fraudulent link asking you to confirm information. Another way hackers exploit your smartphone is by SIM swapping, or tricking your phone carrier into transferring your phone number to a new SIM card they control. Also be on the lookout for one time password (OTP) bots, which con people into sharing authentication codes received by text or email.

How to spot phone scams

To protect yourself from smishing scams

  • Don’t click links in unexpected texts – go to the site or app directly 

  • Check the sender anytime you receive a message asking for sensitive information 

  • Never share one-time codes (OTPs) or PINs, even if the request or requestor is adamant; hang up and call the company directly 

  • Be wary of urgent messages that need you to react quickly 

  • Add a carrier PIN or port-out lock with your mobile provider to block unauthorized SIM changes. 

  • Report suspicious texts to your carrier and delete them. 

3. Financial grooming: Pig butchering, crypto & investment scams

Pig-butchering scams are a form of financial grooming. Fraudsters build long-term trust, often posting as friends or romantic partners, then slowly lure victims into fake investment platforms. They may even show fabricated “profits” to convince victims to keep investing. It's a deeply manipulative and devastating crime that combines emotional exploitation with financial fraud.

How to spot investment scams

To protect yourself from crypto and investment scams:

  • Don’t respond to unsolicited texts or instant messages, even if they look friendly or accidental (“Hi, is this John?”) 

  • Watch for emotional manipulation tactics and constant mentions of money or investment opportunities

  • Be wary of offers for a refund if you pay an upfront fee

  • Think twice if the crypto or other investment seems too good to be true — like a contest, prize or “early“ opportunity

4. Always verify: Payment app scams

Scammers can take advantage of third-party payment apps through common scenarios like accidental overpayments or fake fraud alerts. While you can usually contest an illegitimate payment with your bank, it’s more difficult to get a refund from a payment app.

How to spot payment app scams

To protect yourself from online payment scams:

  • Be wary if someone claims to have sent an “overpayment” to one of your payment apps and asks for a refund

  • Verify messages that look like they’re from the payment app company by checking your account through the app or website

5. Before you buy: Online marketplace scams

Criminals set up online stores or product listings to trick people into making purchases that either never arrive or are fake. Claims of low prices and hard-to-find items are often used to lure victims.

How to spot online marketplace scams

To protect yourself from online marketplace scams:

  • Always research retailers and be wary of customer reviews before buying 

  • Be cautious with deals that seem too perfect

  • Shop from sites that accept secure payment methods

6. Fake jobs, real risk: Employment and work-from-home scams

Receive an unexpected communication like a text or email - claiming you can make big money working from home? If you inquire about the job, the fake employer asks for your sensitive personal information, then uses it to claim your identity.

How to spot employment scams:

To protect yourself from employment scams:

  • Research employers and look for legitimate employee reviews

  • Be cautious of any unsolicited employment offers

7. Check before you scan: QR code scams 

Scammers create malicious QR codes, distributing them via email, social media or in public places. Scan the fraudulent code, and you’ll be redirected to a site that collects personal information or installs malware.

How to spot QR code scams

To protect yourself from QR code scams:

  • Only scan QR codes from trusted sources and be cautious of QR codes in unusual locations

  • Check for signs that a QR code has been tampered with, like a sticker covering the original code

  • Ensure your mobile device is up to date with the latest software

  • Use the camera capabilities that come with your mobile device, as many QR code scanner apps contain malware

  • Access the website directly instead of scanning the QR code

8. Tech support swap: Remote access scams 

Fraudsters may pretend to be from a trusted company, like tech support, to gain remote access to your device. They buy ads or compromise legitimate sites, so when you visit, a pop-up is triggered. The pop-up advises you to call your computer’s tech support, which then instructs you to allow them to remote into your computer. Once in the "helpful" representative can log into your bank account and transfer your money, all while you’re locked out.  

How to spot remote access scams

To help protect yourself from remote access scams:

  • Download and install Webroot® SecureAnywhere™ at no cost on up to three devices. While it won’t stop a remote access install, it will warn you about phishing sites and block malicious downloads 

  • Never give an individual remote access to your devices unless you’re speaking with a verified support person

What to do if you’ve been scammed

Digital criminals employ sophisticated tactics to entice victims, so don’t be too hard on yourself. Instead, take action:

  • Act quickly by reporting the incident to relevant authorities

  • Contact your financial institution to report the fraud

  • Change any passwords and disable credit cards to cut off access to your accounts

Being aware and staying informed are your best defenses against digital fraud. Recognize the signs and know how to respond so you can protect yourself and your finances from these evolving threats.

Next in the series

security Sep. 26, 2025 4 min read
Holiday online shopping safety: 8 ways to stay secure
Beautiful smiling African American woman using digital tablet at the bar.

Explore more