3 financial scams happening right now (and how to outsmart them)

I have a very high skepticism about any phone call I receive and almost all emails. This hypervigilance is from years of training and preparation about how the bad guys are trying to take advantage, not just of the vulnerable, but of everyone. And even with that defensive stance, they still got me. It is embarrassing to admit. I will add more detail to the story at a different time but hopefully, this reminds us that we need to always keep our guards up. 

Scammers have always evolved with technology, but the rise of artificial intelligence has supercharged their reach, realism, and results. Today’s fraudsters don’t just send suspicious emails or fake sweepstakes – they impersonate your loved ones, hijack legitimate business processes, and build entire fake investment platforms complete with chat support and real-time dashboards. The goal is the same – get your money – but the methods are more convincing than ever. Here are three of the top financial scams trending right now, how they work, and the signs that something’s not right.

1. AI-powered impersonation scams: The “it sounded just like them” con

The setup: You get a call from your spouse, your boss, or your bank’s fraud department. The voice sounds perfect. The number matches your contacts. The message is urgent – “We detected suspicious activity” or “I need help right now.” In reality, scammers have cloned a voice using a few seconds of audio (often pulled from social media or YouTube) and spoofed the caller ID. Once you’re hooked, they’ll push you to move funds to a “safe account,” share one-time passcodes, or install “security” software that gives them control.

Why it’s worse now: Voice-cloning AI and deepfake tools are cheap, convincing, and widely available. The Federal Communications Commission recently banned AI-generated robocalls, but enforcement is slow, and overseas scammers don’t care. These fake voices can fool even the most cautious listener.

Red flags:

  • Requests for secrecy or speed: “Don’t hang up or your account will be frozen.”
  • Urgent money moves or code-sharing requests.
  • Claims that funds must be “moved to safety.”

Protect yourself:

  • Create a family or team “safe word” for emergencies.
  • Never act on an inbound call – hang up and call the known number yourself.
  • Use strong, app-based multi-factor authentication.
  • If it feels urgent and secret, slow it down.

2. “Pig butchering” investment scams: Fake profits, real losses

The setup: You meet someone online – through social media, dating apps, or friendly chat forums. They build trust over time, then casually introduce an investment opportunity. The platform looks professional, and when you deposit a small amount, you can even withdraw “profits.” That’s how they earn your confidence. Soon you’re encouraged to invest more for “VIP” access or higher yields. Then, when you try to withdraw again, you hit “verification” fees, tax holds, or sudden silence. The site disappears – and so does your money.

Why it’s worse now: These scams have evolved into large-scale operations run like businesses. AI-generated chats and images make scammers sound fluent and trustworthy. Many use real stolen identities and cloned trading dashboards. In 2025, U.S. regulators sanctioned companies providing infrastructure to thousands of these fake platforms—evidence that this is organized, industrial-level fraud.

Red flags:

  • Rapidly developing online relationships that pivot to investing.
  • Pressure to keep the opportunity secret.
  • “Profit screenshots” that look too consistent.
  • New obstacles when you try to withdraw money.

Protect yourself:

  • Never invest through links sent via text, chat, or direct message.
  • Verify firms independently through FINRA BrokerCheck or state regulators.
  • Test withdrawals early and often on regulated platforms.
  • If you suspect fraud, stop all transfers immediately and report to your bank and IC3.gov.

3. Business email and QR payment scams: “Just pay this updated account”

The setup: You receive an email that looks exactly like it came from your vendor or from your company’s CFO, complete with logos and an existing message thread. It asks you to update payment instructions or wire funds to a “new account.” Criminals often lurk in real email systems for weeks, studying tone, timing, and templates before striking. Meanwhile, “QR code” scams – where criminals place fake QR stickers on parking meters, invoices, or even restaurant tables – are booming. Scanning those codes can send you to cloned payment pages that drain your bank or steal credentials.

Why it’s worse now: Business Email Compromise (BEC) is still the most expensive form of internet fraud, costing companies billions annually. AI now allows scammers to craft flawless emails and even generate replies in real time. QR scams are spreading fast in the physical world, often layered onto legitimate infrastructure.

Red flags:

  • Payment or account changes sent only by email.
  • Slightly misspelled domains or odd reply addresses. Always check the reply address.
  • QR codes taped or stuck onto surfaces that didn’t have them before.
  • Pressure to pay right before holidays or weekends.

Protect yourself:

  • Verify all payment changes with a known phone number – no exceptions.
  • Enable multi-factor authentication and monitor email forwarding rules.
  • Use “approved payee” lists and dual authorization for wires.
  • Avoid scanning random QR codes; type official URLs manually.
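
The two email red flags above (a reply address that differs from the sender, and a slightly misspelled domain) can be checked mechanically before anyone acts on a payment-change request. The following Python sketch is an added example, not part of the original article; the vendor domains and both sample messages are constructed, and the edit-distance threshold of 2 is an assumption.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains of vendors you already pay (hypothetical values).
KNOWN_VENDOR_DOMAINS = {"acme-supplies.example", "northwind.example"}

# Constructed sample messages, not real mail.
SAMPLE_SPOOFED = """\
From: Accounts Receivable <billing@acme-supplies.example>
Reply-To: billing@acme-suppiies.example
Subject: Re: Invoice 1042 - updated bank details

Please use the new account for this payment.
"""
SAMPLE_CLEAN = """\
From: Accounts Receivable <billing@acme-supplies.example>
Subject: Invoice 1042

Invoice attached, usual terms.
"""

def domain_of(header_value):
    """Return the lower-cased domain of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def edit_distance(a, b):
    """Levenshtein distance, used to spot near-miss (lookalike) domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def bec_red_flags(raw_message, known=KNOWN_VENDOR_DOMAINS):
    """List the header-level red flags found in one raw email message."""
    msg = message_from_string(raw_message)
    sender, reply = domain_of(msg["From"]), domain_of(msg["Reply-To"])
    flags = []
    if reply and reply != sender:
        flags.append(f"reply-to domain {reply} differs from sender {sender}")
    # Only domains that are NOT exact matches can be lookalikes.
    for dom in sorted({sender, reply} - {""} - set(known)):
        for good in sorted(known):
            if edit_distance(dom, good) <= 2:
                flags.append(f"{dom} is a near-miss of known vendor {good}")
    return flags
```

A clean result does not clear a request: the From header itself can be forged or sent from a compromised mailbox, so the call-back to a known phone number still applies.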

A Classic Scam Making a Comeback: Check Washing and Mail Theft

Old-school fraud is back in new form. Thieves steal checks from mailboxes, chemically erase details, and rewrite them for higher amounts before depositing via mobile apps. The U.S. Postal Inspection Service reports a dramatic rise in this crime since 2021. If you must mail checks, use secure indoor drop boxes, monitor your accounts daily, and switch to verified digital payments whenever possible. We have had several clients hit by this fraud, even though they were very careful. If you must send a check, never leave it unattended in an unsecured box.

The Bottom Line

Fraudsters have always relied on speed and fear – but now they have AI doing the heavy lifting. Whether it’s a cloned voice, a fake trading app, or a forged invoice, the key to outsmarting them is the same: slow down, verify out-of-band, and never share credentials or codes with anyone. A few extra minutes of caution can save you months of regret – and thousands of dollars.

Google-Apple-Facebook Breach Ensnares Trove of Financial Passwords

Guest post by cybersecurity experts Mark Hurley and Carmine Cicalese

According to multiple sources, it was disclosed last Friday that more than 16 billion sets of account credentials (i.e., user IDs and passwords) that were stolen from Google, Facebook and Apple over time have been aggregated into a single data set that is now easily accessible by cybercriminals. It is unclear when the data was originally taken but its aggregation has simplified cybertheft. Indeed, so much data is involved it is likely the targeted organizations are unsure of what exactly is included.

More importantly, the purloined information is much broader than just login credentials to access these companies’ platforms. Rather, it includes passwords for all kinds of client accounts, including bank, custodial, email and telecom.

How could this happen? The three organizations make billions of dollars collecting and selling customer information to advertisers. Consequently, they regularly gather immense amounts of data for all kinds of accounts.

In fact, unless a client has turned on a variety of privacy and security settings on their devices, apps, browsers and search engines, the credentials for every account accessed with that device are automatically stored in multiple places. Google and Apple also offer their own versions of password managers to store their clients’ passwords and user IDs. Further, all three offer single-sign-on (SSO) features to allow customers to access numerous accounts using just the password necessary to access their platform.

The loss and aggregation of so many credentials is potentially very bad news for advisors and their clients. Both are already frequently targeted by cybercriminals who are some of the earliest and most effective adopters of artificial intelligence software, which will enable them to quickly sort through the stolen data and identify cybertheft opportunities. Undoubtedly, many will quickly try and steal money directly from client bank and custodial accounts using compromised credentials.

However, passwords for telecom, email and social media accounts also create countless opportunities for social engineering attacks on wealth managers. Numerous ones involving deep fakes—very accurate clones of voices and images of clients and employees made from videos downloaded from social media accounts—already have been used to steal millions of dollars of client assets.

Additionally, cybercriminals routinely use passwords for telecom accounts to divert cell phones and intercept communications—including for multi-factor authentication and transaction confirmation—as well as passwords for email accounts to initiate fraudulent transactions and indirectly attack wealth managers.

Given all this, what should industry participants do? We recommend advisors immediately alert clients to these risks and encourage them to take the following steps:

1. Reset the passwords to financial, telecom, email and social media accounts using a different, lengthy (20 to 25 digit) random password for each account.

2. Engage dual authentication protocols for all financial, email, telecom and social media accounts.

3. Use a password manager—other than the ones provided by Google or Apple—to help store, manage and generate random strong passwords for every login.

4. Engage the security and privacy settings on devices—about 60 on an Apple device and 120 on a Windows/Android device—as well as on browsers and search engines so they stop automatically recording user IDs and passwords each time the user accesses an account, blocking companies from collecting them.

Long before this disclosure, wealth managers and their clients were attractive targets for cybercriminals. The aggregation of so many stolen account credentials will undoubtedly increase the frequency and sophistication of their attacks. Those firms that ignore this new, increased risk may soon pay a price.

Mark Hurley is the CEO of Digital Privacy & Protection. Carmine Cicalese, COL, U.S. Army Retired, is the President of Cyber CIC.

Cybersecurity isn’t optional anymore – 4 wake up calls from Mark Hurley

We used to think of cybercrime as something that happened to other people, other companies, or in other countries. But as Mark Hurley – CEO of Digital Privacy & Protection – reminded us in a recent client briefing, the frontlines of cybercrime are now our inboxes, devices, and conversations.

Here are four of the most important and frankly *chilling* takeaways from that session, along with what you can do to protect yourself and your family.

1. Criminals are now using AI – and they’re better at it than you think 

Hurley made it clear: cybercriminals were among the earliest adopters of artificial intelligence. They use it to:

    • Instantly process leaked data from breaches (like AT&T, Uber, etc.)
    • Launch automated attacks on thousands of accounts at once.
    • Mimic your behavioral patterns using something called the “consistency heuristic” to make scams feel emotionally and logically real. 

They’re no longer just targeting your bank login – they’re going after your email, voice, and telecom account so they can intercept MFA codes, impersonate you, or worse.

2. Deepfakes and fake kidnappings are already here 

This isn’t hypothetical anymore. Hurley recounted recent cases where criminals:

    • Cloned a daughter’s voice using social media videos and demanded $200,000 from her mother in a fake kidnapping scam
    • Posed as a client with cloned voices and diverted funds from retirement accounts, stealing millions

With $4.95 and a few minutes, a criminal can clone your voice convincingly enough to bypass voice authentication software.

3. MFA and passwords aren’t enough anymore

Multi-Factor Authentication (MFA) is no longer a silver bullet. Criminals are now:

    • Hacking into telecom portals to redirect MFA codes
    • Breaching authenticator apps with malware
    • Guessing 8-digit passwords in under a second using brute-force AI tools

Hurley’s team recommends 20–25 digit randomly generated passwords using a password manager – and unique ones for every single login.

4. The number one protection: Slow down

The most practical takeaway? Slow. Things. Down.

When someone requests a wire transfer or password reset, pause and verify. Meet in person if necessary. You’re not just moving money – you’re protecting a lifetime of savings.

Action steps you can take today

    • Use a password manager like Keeper to generate and store 20+ character unique passwords.
    • Enable all privacy and security settings on your devices and apps.
    • Install a VPN (like Surfshark) and use it on public Wi-Fi or while traveling.
    • Create a private email used only for account recovery (not daily use).
    • Segment work and personal devices – never store both on one system.
    • Watch for vishing (voice phishing) attacks posing as your advisor, bank, or even government.
    • Ask your advisor to make cybersecurity a part of regular client meetings.

Why it matters more than ever

Cybercrime is now the primary way criminals target families—not just for money, but sometimes for violence or real-world theft. Your brand, your wealth, your safety—they’re all on the table.

The good news? If you do the basics, you’re already 96–97% protected.

And if you’re a client of Ridgeline Wealth Advisors, reach out to us to schedule a follow-up class or activate cybersecurity services with our partners.

Let’s not wait until there’s a crisis to get secure.