Loading…
Loading…
Page 25 of 41.
Fraudulent game key sellers on Facebook Marketplace and gaming groups offer discounted keys that are invalid, already redeemed, or obtained fraudulently.
PlatformFraudulent phone sellers on Telegram channels and groups advertise flagship handsets at steep discounts, collect payment, and send nothing or a counterfeit device.
PlatformFraudulent removal operators on Telegram collect deposits for moves that are cancelled at the last minute or never fulfilled, leaving customers stranded on moving day.
PlatformFraudulent tour operators buy Google Ads and optimise websites to appear at the top of search results for destination tour queries, collecting pre-payments for experiences they misrepresent or cannot deliver.
PlatformFraudsters impersonate university payment services or scholarship programmes on Instagram, redirecting students to fake portals that capture tuition payment details.
PlatformScammers use WhatsApp messages and groups to advertise discounted phones to unsuspecting buyers, collecting payment for handsets that are never sent or are counterfeit.
PlatformFraudulent property listings appear at the top of Google results through paid ads or SEO manipulation, driving renters to websites that collect deposits for properties the operator does not own.
PlatformFraudulent vacation club memberships and luxury travel packages are promoted on Instagram, collecting large enrolment fees for benefits that are illusory or grossly misrepresented.
PlatformFraudulent carrier support bots and channels on Telegram extract subscriber credentials and one-time codes under the pretence of resolving billing or account problems.
PlatformDegree-mill operators use Telegram channels and bots to sell forged academic certificates and professional licences to people seeking employment or credential recognition.
PlatformScammers move in-game trade negotiations to WhatsApp to conduct fake item exchanges and payment fraud outside the protections of the game platform.
PlatformScam game key stores on Instagram advertise deep discounts on game codes, delivering invalid or stolen keys that fail to redeem.
PlatformAttackers use LinkedIn to research and target high-value individuals for SIM-swap attacks, harvesting the personal details needed to pass carrier identity verification.
PlatformFraudulent guides solicit tour bookings directly via WhatsApp, collecting pre-payments for experiences that are cancelled, drastically inferior, or never delivered.
PlatformFraudulent Facebook pages and groups target young gamers with fake currency giveaways and paid 'boosting' services that charge parents without delivering any benefit.
PlatformFraudulent removal operators promote services via WhatsApp groups and messages, collecting deposits from people relocating who then find no movers arrive on moving day.
PlatformFraudulent landlords advertise rental properties and request holding deposits via WhatsApp before disappearing or denying any rental agreement was made.
PlatformTelegram channels and bots offer timeshare exit services and vacation club memberships, collecting advance fees for services that are never performed.
PlatformFraudulent tour guides and travel operators on Telegram collect deposits for customised travel experiences that are misrepresented, cancelled, or never delivered.
PlatformFraudsters use Telegram to impersonate supplier contacts and announce banking detail changes, diverting business payments to criminal accounts.
PlatformFraudulent transport pages and groups on Facebook collect pre-paid fares for airport pickups that fail to materialise, stranding passengers on arrival.
BrandScammers send emails or texts claiming your Apple ID has been locked or suspended, directing you to a convincing fake Apple sign-in page that steals your credentials and two-factor authentication codes.
BrandCallers or pop-up alerts claim to be Apple Support, warning of a security breach or virus, and pressure victims into handing over their Apple ID credentials or remote device access.
BrandPhishing emails mimicking Microsoft 365 account alerts direct users to a replica sign-in page that harvests their work or personal Microsoft credentials, often with the aim of penetrating corporate networks.
BrandMalicious browser alerts display Windows error screens and Microsoft branding alongside a phone number, tricking users into calling fake 'Microsoft Certified Technicians' who install remote-access software and steal money or credentials.
BrandPhishing emails styled as Google security alerts claim your account has been accessed from an unknown device and drive you to a fake Google sign-in page that captures your Google credentials and backup codes.
BrandTargeted phishing emails impersonating Google Workspace alerts aim to steal administrator credentials, giving attackers control over an entire organisation's Google environment.
BrandScammers send messages that mimic Meta's account-policy notifications to claim your Facebook or Meta account has been disabled, directing you to a fake appeal form that harvests your login credentials.
BrandFraudsters send messages offering a coveted blue verification tick on Facebook or Instagram in exchange for account credentials, payment, or sensitive personal information.
BrandCriminals pose as Instagram support to 'help' users recover a hacked account, but the process hands attackers the victim's login credentials and two-factor authentication codes.
BrandFraudulent messages claim your Instagram account has received a copyright strike or DMCA notice and will be deleted unless you verify your identity through a link — which leads to a credential-harvesting page.
BrandFraudsters use social engineering to obtain the SMS verification code sent when registering a WhatsApp number, then hijack the victim's account and use it to scam their contacts.
BrandAfter hijacking a victim's WhatsApp account, fraudsters message their contacts posing as the account owner and invent urgent scenarios — a lost wallet, a hospital bill, being stranded abroad — to solicit quick money transfers.
BrandScammers send TikTok creators and businesses messages claiming they qualify for official verification and instruct them to 'complete the process' on a phishing page that steals their TikTok login credentials.
BrandFraudulent emails or messages claim a TikTok account has violated copyright policy and will be deleted, directing creators to a phishing page disguised as a TikTok appeals centre.
BrandFraudsters impersonate Telegram or send messages through compromised accounts to trick users into sharing their Telegram login code, enabling a full account takeover.
BrandScammers create fake Telegram channels or bots impersonating cryptocurrency projects, influencers, or Telegram itself, claiming to run a 'verified' giveaway that requires an initial deposit to receive a larger payout.
BrandPhishing emails mimicking Spotify payment alerts claim a subscription renewal has failed and direct users to a fake payment page that harvests credit card details and Spotify credentials.
BrandScammers send emails claiming a Spotify account has been suspended for suspicious activity and direct users to a fake login page that captures credentials and payment information.
BrandPhishing emails claiming a Netflix subscription payment failed direct users to a convincing fake Netflix login and billing page that steals their account credentials and credit card information.
BrandScammers exploit publicity around Netflix's account-sharing restrictions to send fake compliance notices that lure users into a phishing page, harvesting Netflix credentials and payment information.
BrandPhishing campaigns mimicking Disney+ payment alerts direct subscribers to fake billing pages that harvest credit card details and login credentials under the pretence of a failed renewal.
BrandScammers create fake Disney+ login prompts that mimic OAuth social-sign-in flows, tricking users into granting access to their Google or Apple account via a fraudulent authorisation page.
BrandMalicious websites or pop-ups claim a critical Apple software update is required and prompt users to download a file that installs malware, credential-stealing software, or a fake antivirus on their Mac or iPhone.
BrandScammers send fake emails claiming a Microsoft Defender or Windows security subscription is about to auto-renew at an inflated price, tricking victims into calling a fraudulent refund number that leads to account takeover.
BrandPhishing emails claiming a Google account's 15 GB of free storage is full direct users to a fake upgrade page that harvests Google credentials and payment card details.
BrandFraudsters send fake Meta Business Suite notifications to page managers and advertisers, directing them to a phishing OAuth flow that steals their Facebook business account access.
BrandCriminals copy a real Instagram user's profile picture, username, and public posts to create a duplicate account, then use it to deceive the original user's followers into sending money or sharing personal information.
BrandScammers abuse Apple's trusted-device two-factor system by flooding a victim's Apple devices with repeated authentication requests, then calling them pretending to be Apple Support to extract the six-digit code.
BrandPhishing sites present fraudulent 'Sign in with Microsoft' OAuth consent screens that harvest Microsoft work or personal credentials from users who believe they are completing a standard authentication flow.
BrandScammers who have already obtained a victim's Google password pose as Google Support and social-engineer the victim into sharing the SMS two-factor code, completing an account takeover.
BrandFraudulent messages claim a WhatsApp subscription or premium service is about to expire and instruct users to pay via a link or provide payment details to continue using the app.
BrandFraudulent emails or messages claim a TikTok account has been suspended for community guideline violations and invite creators to appeal through a link that leads to a credential-harvesting page.
BrandScammers create fake Telegram support accounts with official-looking names and badges to solicit account information, phone numbers, and verification codes from users seeking help.
BrandScammers pose as Spotify customer support agents through social media or email and offer to help users recover access to their Spotify account, but the 'recovery' process hands over credentials to the attacker.
BrandScammers send emails claiming a Netflix account has been suspended for suspicious activity or unpaid fees, directing users to a fake reinstatement page that harvests credentials and payment details.
BrandPhishing emails impersonating Disney+ claim an account has been suspended due to unusual activity or billing issues and direct subscribers to a fake page that collects credentials and payment information.
BrandPhishing emails impersonating Apple claim an iCloud password reset was requested and direct recipients to a fake Apple sign-in page that harvests their Apple ID credentials and two-factor codes.
BrandFraudulent emails styled as Microsoft Teams message alerts direct recipients to a fake Teams sign-in page that captures Microsoft 365 credentials, often as the first step in a targeted business email compromise attack.
BrandTargeted phishing emails claim a Google Ads account has been suspended for policy violations and direct advertisers to a fake Google sign-in that steals credentials and billing information.
BrandAttackers who have obtained an Instagram password use social engineering to trick users into sharing their two-factor authentication code, completing a full Instagram account takeover.
BrandPhishing messages claim a Facebook Page or business account has received a copyright strike and will be deleted unless the owner appeals through a link that leads to a credential-harvesting page.
BrandAfter taking over a TikTok account, fraudsters use it to DM the victim's followers with investment pitches, emergency money requests, or fake giveaways, exploiting the trust built up by the original creator.
BrandScammers deploy automated Telegram bots that impersonate official services or Telegram itself to collect usernames, phone numbers, and login codes under the pretence of verification or support.
BrandScammers set up fake Netflix support phone lines or social media accounts and direct distressed subscribers to them, then harvest account credentials, payment card details, or install remote access software.
BrandPhishing emails styled as Disney+ password-reset confirmations direct subscribers to a fake sign-in page that captures their Disney+ and linked email credentials.
BrandScammers instruct victims to purchase Apple Gift Cards and share the redemption codes under various pretexts, then immediately drain the balance by redeeming the codes on their own Apple IDs.
BrandPop-up alerts or emails claim a Windows license has expired or is invalid and direct users to call a number or pay through a fraudulent site, ultimately leading to credential theft or fraudulent payments.
BrandScammers send emails claiming a Spotify trial has converted to a paid subscription and offer an easy cancellation or refund through a link that leads to a credential-harvesting page.
BrandFraudsters copy a WhatsApp user's profile picture and display name to create a near-identical account, then message the victim's contacts from a different phone number to solicit money or personal information.
BrandFraudulent Instagram-branded ads or embedded links on third-party sites present a fake 'Login with Instagram' OAuth consent screen, capturing credentials and granting attackers persistent access to accounts.
BrandAttackers send phishing emails with links to legitimate-looking Google OAuth consent screens for malicious applications, tricking users into granting the app persistent access to their Gmail, Drive, or Google account.
BrandScammers send emails claiming a TikTok LIVE subscription or creator programme fee is due for renewal, directing users to a fake payment page that harvests card details and TikTok credentials.
BrandScammers send fake Netflix cancellation confirmation emails that offer a refund through a link, capturing card details and credentials from users who believe they are claiming money back from an unwanted charge.
BrandScammers send fake Disney+ order confirmations for a bundle upgrade the recipient did not authorise, using the surprise charge as a pretext to direct victims to a phishing page for cancellation.
BrandScammers replicate Microsoft's genuine unusual-sign-in alert emails to direct recipients to a fake login page that captures credentials and live MFA codes for immediate account takeover.
BrandScammers pose as Google support agents on social media or forums to help people 'recover' locked Google accounts, extracting backup codes and recovery details that enable a genuine takeover instead.
BrandScammers send emails mimicking Spotify's password-reset notification to trick users into clicking a link that leads to a fake Spotify sign-in page harvesting account credentials.
BrandFraudsters copy a TikTok creator's username, profile photo, and bio to build a duplicate account, then use it to solicit money from followers, promote fake investment links, or run fake merchandise stores.
BrandCriminals send emails or texts that mimic PayPal's transaction alerts, claiming your account has been suspended and demanding you click a link to restore access. The goal is to harvest your PayPal login credentials and payment details.
BrandFraudsters pose as Cash App support agents — often found through fake social-media posts and search-engine ads — and trick users into sharing their sign-in codes or sending money to 'verify' their accounts. Cash App has no public support phone number, making impersonation especially effective.
BrandScammers impersonating Zelle or the victim's own bank instruct people to send themselves money via Zelle to a 'safe account' they control, claiming the funds need to be moved to prevent fraud. Zelle itself warns: a real bank will never ask you to send yourself money.
BrandCriminals send convincing fake payment-request emails styled as Stripe invoices, targeting small-business owners and freelancers who regularly receive legitimate Stripe payment links. Clicking the embedded 'Pay Now' button leads to a credential-harvesting or payment-capture page.
BrandScammers send emails mimicking Wise's transfer-alert format, claiming a large international payment is pending verification and demanding recipients log in via a fraudulent link. Victims who comply hand over their Wise credentials and may lose funds held in their Wise multi-currency accounts.
BrandFraudsters impersonating Revolut call or text victims to claim there is suspicious activity on their account, then talk them into revealing the one-time passcode Revolut just sent — allowing attackers to authorise transfers or log in to the victim's account.
BrandCriminals send fake Robinhood emails or texts claiming your brokerage account has been restricted due to a compliance review or suspicious login, directing you to a phishing site that captures your login credentials and may trigger a 2FA-bypass in real time.
BrandScammers send text messages or emails mimicking your own bank's fraud-alert system, claiming an unauthorised payment has been initiated and you must act immediately to stop it. The link or callback number leads to a phishing page or fraudster posing as a bank fraud specialist.
BrandFraudsters send fake PayPal refund-confirmation or overpayment emails and call sellers to claim an 'accidental' overpayment was made, pressuring them to return the excess via gift cards or bank transfer before the bogus payment is discovered.
BrandCriminals create fake social-media accounts mimicking Cash App's well-known '#CashAppFriday' promotions, telling users they have won a cash prize that requires a small 'verification fee' or their Cash App login details to claim.
BrandCriminals send texts or emails claiming someone is trying to enroll the victim's email address or phone number in Zelle, and that the victim must click a link to block the enrollment. The link leads to a phishing page that harvests banking credentials.
BrandFraudsters contact merchants via phone or email posing as Stripe's risk or compliance team, claiming their Stripe account has been suspended due to a policy violation and demanding login credentials or payment to restore service.
BrandCriminals intercept or impersonate business email communications and instruct suppliers or clients to update their payment destination to a fraudulent Wise account, diverting legitimate B2B payments to the attacker while appearing to come from the legitimate business.
BrandScammers send fake renewal notices for Revolut Premium or Metal plans, claiming the victim's card will be charged and offering a cancellation link — which leads to a phishing page that harvests Revolut login credentials.
BrandCriminals send fake Robinhood alerts claiming an unauthorised cryptocurrency withdrawal has been initiated from the victim's account and instruct them to call a support number or click a link to cancel it — leading to credential theft or remote-access fraud.
BrandCriminals impersonate bank collections departments, claiming the victim has an outstanding debt, unpaid overdraft, or fraudulent charge on their account and demanding immediate payment via gift cards, wire transfer, or cryptocurrency to avoid legal consequences.
BrandFraudsters contact PayPal users by phone or text claiming their two-factor authentication needs to be reset or verified due to a security incident, tricking them into sharing the OTP that PayPal just sent — which the attacker immediately uses to access the account.