12 Tools in a Fraudster's Toolbox

A dozen dirty tricks of the trade employed by identity thieves and scammers

Graphic illustration of scammers toolbox concept

Getty Images

Katherine Skiba

En español

Published February 03, 2020

Criminals hunger for your Social Security number, date and place of birth, mother's maiden name, and other identifiers. They siphon information from data breaches, the dark web and public sources such as social media sites and employee directories. Using subterfuge, they have no qualms about trying to pry it directly out of you. This personal data fuels a long list of financial crimes. Here are a dozen of the most common tactics used by scammers to fool victims and perpetuate fraud.

1. Spoofing

Does caller ID show the same area code and prefix as yours? That incoming call could be from anywhere — even a foreign country. Spoofing is falsifying data on caller ID to disguise who's on the line. In a bid for authenticity, the spoofed number could belong to a legitimate government agency or a business known to you.

2. Phishing

So-called “phishing” emails, calls, texts and letters try to trick you into sending cash or disclosing personal information. Or, the correspondence aims to allow a bad actor to infiltrate your computer device and steal sensitive information. Microsoft, for example, has warned that cybercrooks send phishing emails from rnicrosoft.com—note the “r” and “n” were combined to appear at a glance as an “m.” The word phishing — which dates to 1996 — combines “fishing” and “phreaking,” the latter a term for using an electronic device to avoid paying for phone calls, says Merriam-Webster. Phreaking likely was born from the marriage of the words “phone” and “freak."

3. Fake profiles

Anybody can disguise his or her identity on social media, dating platforms or other sites. In 2019, the Pentagon warned about an increasing number of impersonator accounts on Twitter that hijacked the identity of Marine Gen. Joseph Dunford, then chairman of the Joint Chiefs of Staff. That prompted the Air Force chief of staff to chime in: “The same goes for me — I won't ask for money, your email account or other personal information. Please continue to report impostor pages."

4. Fake photos

Images can be copied or stolen from the internet — or altered — to lend credence to a bogus profile or website.

5. Fake entities

Phony businesses, charities, political action committees and the like — they're sheep's clothing for the wolves at your door.

6. Fake claims

Bad actors use a variety of scripts to persuade you to open your wallet and drain your financial accounts. Examples: “You'll be arrested if you don't …” or “You've won a prize, but first must pay …."

7. Fake names, credentials and badge numbers

Names, titles and such may suggest authority, but in reality be phony baloney.

8. Computer pop-ups

Pop-up warnings can show up on your computer. Alarms may sound. Click on a suspicious link or open an attachment and malware — that's software used for malicious purposes — can compromise your computer system and steal your data. Never call the phone number that appears on a computer pop-up.

9. Robocalls

About 58.5 billion robocalls — a record — bombarded phones in the U.S. in 2019, and 25.9 billion, or 44 percent, were scam calls, according to an industry estimate. Huge numbers of internet-based calls can be made every day at very little cost to con artists, even those overseas.

10. Lead lists

These are rosters of people who have fallen victim to cons and, as such, potentially are soft targets for more mischief. Criminals swap and sell what they callously call “sucker lists."

11. Secrecy

Crooks often insist their targets keep silent about what they're being instructed to do. They're trying to prevent a family member or friend from stopping a scam in its tracks.

12. Persuasion

Criminals excel at blarney and use flattery and charm to ingratiate themselves and gain your trust. Alternatively, they may threaten violence to frighten you to act. The goal is the same: to compel you to cough up cash or sensitive data. And the perpetrators are nothing if not persistent.

Benefits Recommended For You

See All