Scammers use phishing to try to get personal information from you. Phishing is the fraudulent attempt by an email sender to trick a recipient into revealing personal or financial data such as credit card numbers, social security numbers, online banking passwords, and so on. The scammer typically poses as a legitimate company or organization in an attempt to convince the recipient that the message is legitimate. You could receive an email purportedly from your bank asking you to log in and verify some information, or one that appears to be from eBay telling you that your account has been suspended. The goal of the scammer is to get you to click on a link in the message that takes you to what appears to be a legitimate site where you are asked for personal or financial data. This data can then be used by scammers for identity theft purposes or sold on the black market.


Scammers use spoofing tactics over the phone to attempt to get your personal information. If you receive a call from someone claiming to be from your bank or financial institution asking for your account number, social security number, PIN, or password, do not give it to them.

Some of the common scams that involve spoofing include:

Robo-calling: This is when a scammer uses automated technology to dial thousands of phone numbers at once. They use a recording that says something like “This call is officially coming from Bank of America and we’re confirming that you have an active account with us.” Then they hope you’ll reply with your personal information.

Scam-bots: Scam-bots are computer programs that search the internet for email addresses and phone numbers on many different websites and then call the person in an attempt to get personal information. The scam-bot might say something like “I’m calling on behalf of Bank of America regarding your recent order.”


Clone phishing is a form of cybercrime that occurs when scammers send out emails that look exactly like legitimate, company-issued emails. These tactics can be difficult to spot as they look nearly identical to a legitimate email. However, the scammer will replace any links and downloads with malware designed to search for personal information and infect devices.


Whaling attacks typically target top executives. They are more likely to use social engineering tactics but may also use malware to exploit known vulnerabilities, gain access to sensitive data, or steal funds from the company. A whaling attack is more than just a random phishing attempt; it involves researching an organization and its employees before making an attack. The scammer will use this information to convince the victim that they are who they say they are and increase their chances of being able to obtain confidential information.

Technology is constantly evolving and new methods of scams are popping up every day. While these are common scams, they are not the only ways internet scammers try to get your information. Being familiar with the common types of scams can help you spot red flags in the future and could potentially save your bank account from internet scammers.