Scams are steadily draining more money each year from the U.S. economy, and unlike fraud schemes where a criminal gains unauthorized access to funds, scams often involve victims being manipulated into willingly initiating transactions themselves, leaving them on the hook for the losses.
These losses erode consumer trust in financial institutions and digital platforms, according to Ayelet Biger-Levin, CEO of RangersAI, a company that develops AI models for detecting and preventing scams.
"People are either ignoring their messages [from their bank] or not trusting institutions that are not helping them," Biger-Levin said during a recent presentation at the cybersecurity-focused RSAC Conference.
Scams are particularly tricky for banks to prevent through automated systems, as the activity is performed by the real user from a trusted device and location that pass standard authentication checks.
Despite the increasingly organized nature of scam operations and the challenges banks face to prevent them, there are a number of strategies that banks and other companies are trying to fight off scams — many of them rooted in directly contacting potential victims.
Scams are different from other threats
Financial institutions sometimes treat scams similarly to how they treat account takeover, or ATO, fraud, according to Uri Rivner, CEO and co-founder of Refine Intelligence, a fraud prevention and AML platform company.
In ATO fraud, a fraudster gains the credentials or access needed to control the victim's account — much like a scammer can gain indirect control by psychologically manipulating a victim.
When a bank detects ATO fraud, it typically has enough signals to make an automated decision like freezing the account. Rivner argued that the data for stopping scams is not as good.
"False positives for scams are much higher than account takeover," Rivner said at RSAC. "It's harder to automate decisions."
Not only that, but in cases where a bank does detect a scam, asking the victim direct questions about what is going on might not work.
"If you actually suspect that someone is a scam victim, and you ask them about it, often they will be guided to tell you something that is untrue," Rivner said. "And people in the financial sector know that this is the current situation."
Scams become industrialized global threat
Scams have evolved into a sophisticated, industrialized global threat, often run by transnational crime organizations operating from scam compounds, initially in Southeast Asia but now spread to other regions, according to Biger-Levin.
One type of transnational scam that has also grown out of Southeast Asia is pig butchering, in which the scammer offers the victim an investment opportunity — often cryptocurrency-related — then misrepresents that the investment is growing, as a means of taking even more money.
These operations, sometimes involving human trafficking, use playbooks and advanced technology like AI, deepfakes and voice cloning to refine their methods and target victims, according to
"They've absolutely honed their craft," West said at RSAC. "They do the same things over and over."
Scammers use tools like
The scale of losses is immense; investment scams alone caused about
"We've never experienced a bloodletting like this before," West said. "We have never experienced a situation ever in the history of the United States where this much money is flowing out and flowing into the hands of organized crime."
Customer outreach is essential to fighting scams
The key to success in fighting scams is finding a balance between technology (i.e., AI and machine learning), human intelligence (i.e., investigators and analysts) and customer intelligence (i.e., potential victims), according to Rivner.
Technology is essential for detecting suspicious patterns across millions of transactions, and banks have historically tried to use AI models to flag potential scams, he said.
"That's not enough," Rivner said. "We need human intelligence to actually screen those, and we might also need to get some context from our customers."
Banks can call customers on the phone or talk to them in a branch to try to gather more information about suspicious-seeming transactions, but they can also use real-time intervention user interfaces, or UIs, in banking apps that ask customers additional questions.
Customer outreach is shifting from a "last resort" to a valuable tool, Rivner said. While a simple yes or no answer might suffice for check fraud, in which the victim is likely unaware of the attempt to steal money, scam situations require deeper questioning like, "Why did you do this? Who are you sending the money to? What's your relationship?"
Collaboration and understanding scammer tactics
Improving account opening fraud detection is also critical, as criminals often need to open numerous accounts to siphon money.
Scams often affect more than just the banking industry, according to David Mahdi, the chief information officer of cybersecurity and identity and access management at Transmit Security. For example, attacking a telco via methods like SIM swapping can facilitate attacks against bank customers.
Because of these wide-ranging impacts, there is a need for different domains like identity, fraud and authentication strategies to be married together, Mahdi said.
Scammers meticulously refine their tactics based on demographics and online behavior. They use playbooks and test what works on different groups, according to West.
"They know what works on American males, and they know exactly what to put in front of you to get you to respond," West said. "And they know what works on American females, as well."
West described how pig butchering scammers hone their initial texts and quickly move conversations to encrypted apps like WhatsApp. They also use specific details like owning a Range Rover or taking expensive vacations, supported by "a whole fleet of pictures" of their "model" (the person the scammers are impersonating).
The increasing sophistication and personalization of scam tactics, as highlighted by West, reveal that scammers are master manipulators who understand human psychology and behavioral biases. They exploit moments of vulnerability, whether through fear, greed or the desire for connection, making everyone susceptible regardless of age or technical savvy.
Experts agree that effectively fighting scams requires a fundamental focus on fostering widespread awareness, promoting open conversations without shame and encouraging collective vigilance across communities, law enforcement and the private sector.
