Loading…
Loading…
Page 29 of 41.
Scammers send fake 'you were charged' notifications mimicking Cash App payment receipts to panic recipients into clicking a phishing link.
BrandScammers exploit Zelle's irreversible payment model and mimic Zelle bank alerts to trap sellers into shipping goods before payment is confirmed, then trigger bank reversals.
BrandCriminals impersonate Zelle's bank partners and claim recipients owe outstanding Zelle transaction fees or disputed-payment balances, demanding immediate payment.
BrandCriminals send fake recall-refund notices claiming a Zelle transfer is waiting, then use the verification process to harvest bank credentials.
BrandFraudsters impersonate Zelle or a bank's Zelle team and instruct victims to buy gift cards to 'protect' their account or receive a bonus, then drain the card balances.
BrandScammers impersonate Stripe's compliance or finance team and contact businesses claiming unpaid processing fees or negative balances must be resolved immediately or the merchant account will be closed.
BrandFraudsters impersonate Stripe support and demand that merchants purchase gift cards to pay for a fabricated compliance fee or to 'hold funds' during an alleged account review.
BrandScammers send fake 'Stripe payment received' or 'you were charged via Stripe' emails to merchants and consumers to harvest Stripe account credentials.
BrandCriminals exploit Wise's international payment infrastructure and mimic Wise dispute emails to confuse sellers into giving refunds outside the official process, enabling double recovery.
BrandCriminals send fake Wise payment receipts claiming the recipient was charged for a transfer they did not authorise, using alarm to prompt a login on a phishing page.
BrandFraudsters posing as Wise compliance contact users claiming unpaid transfer fees or disputed-balance amounts must be settled immediately to avoid account closure.
BrandCriminals use Revolut's card-linked dispute mechanism to buy goods, trigger chargebacks through Revolut's banking licence, and send fake Revolut dispute emails to delay sellers.
BrandFraudsters impersonate Revolut's compliance department and claim users owe outstanding fees or negative balances, threatening account closure and legal action.
BrandScammers impersonate Revolut and instruct users to purchase gift cards to 'protect' their account balance from a supposed breach, then drain the card values once codes are shared.
BrandScammers intercept or forge business payment instructions and ask recipients to redirect invoice payments to a new Revolut account number, claiming a banking change.
BrandCriminals deposit funds into Robinhood accounts via ACH, execute trades, then reverse the bank transfer — leaving the brokerage to recover the shortfall from the account holder.
BrandFraudsters impersonate Robinhood's finance team and claim users owe margin loan balances or regulatory fees, threatening account closure and legal action to coerce immediate payment.
BrandScammers send fake Robinhood fee or account-funding invoices to redirect users' investment deposits into attacker-controlled bank accounts.
BrandScammers send fake Robinhood trade confirmation emails claiming the user's account was just used to buy or sell securities, using alarm to drive clicks on a credential-harvesting login page.
BrandScammers send fake notices claiming Robinhood is issuing refunds for overcharged fees or a past class-action settlement and ask users to verify identity to collect their payout.
BrandCriminals impersonate a victim's bank and send fraudulent payment-instruction updates, redirecting business or personal wire transfers to attacker-controlled accounts.
BrandFraudsters impersonate a victim's bank to manipulate them into initiating or blocking chargebacks in ways that benefit the scammer rather than the victim.
BrandCriminals send fake notices claiming the victim's bank is processing a product recall refund to their account and needs account verification, then harvest banking credentials.
BrandCriminals impersonate bank collections departments and threaten legal action or credit damage over fabricated loan or overdraft balances to coerce immediate payment.
BrandCriminals send fake invoices appearing to originate from a victim's bank, claiming fees, loan renewals, or regulatory charges are overdue and must be paid to an external account.
BrandCriminals deploy fake bank chatbot pages in paid search results and phishing emails to harvest online banking credentials and one-time SMS codes in real time.
BrandScammers run fake PayPal chat-support pages that walk victims through a 'password reset' process designed to capture new credentials as they are set and immediately change them on the real account.
BrandCriminals send fake notices to merchants claiming Stripe has initiated a batch recall refund to buyers and that merchants must verify their account to approve the refund disbursement.
BrandCriminals operate fake Stripe merchant-support chatbots on lookalike sites, harvesting API keys, bank account details, and Dashboard credentials from merchants seeking help.
BrandCriminals deploy fake Wise support chatbots on lookalike domains to steal login credentials and verification codes from users seeking help with transfers.
BrandScammers send fake Revolut payment receipts claiming the user's card was just charged for a purchase they did not make, prompting a panicked login on a credential-harvesting page.
BrandCriminals run fake Revolut support chatbots on lookalike domains to steal phone-based login credentials and in-app verification codes from users in real time.
BrandCriminals operate fake Robinhood chat-support pages in search ads to harvest brokerage account credentials and two-factor codes from investors seeking account help.
BrandCriminals send fake recall-refund notices claiming a Cash App credit is waiting, then harvest account credentials or redirect victims to send money to 'confirm their $cashtag.'
BrandCriminals call PayPal users pretending to be PayPal's account-security team and socially engineer them into disabling or bypassing their own two-factor authentication.
BrandScammers send fake Zelle payment receipt emails claiming the user's bank sent or received an unexpected transfer, prompting a bank login on a credential-harvesting page.
BrandFraudsters impersonate Wise compliance and claim business or personal accounts must deposit gift-card funds to cover a compliance reserve or avoid regulatory action.
BrandCriminals pose as Stripe customer advocates and coach cardholders to file fraudulent chargebacks against legitimate merchants, with the scammer taking a cut of the recovered funds.
BrandCriminals operate fake Zelle support chatbot pages to harvest banking credentials from users who believe they are resolving a Zelle payment issue.
BrandCriminals call bank customers impersonating the fraud team and persuade them to disable or hand over two-factor authentication codes, enabling full account takeover.
BrandCriminals run fake Cash App support chatbots in search results and social media to collect account credentials and linked-card details from users seeking help.
BrandCriminals impersonate Robinhood's compliance team and demand gift cards to 'cover' regulatory fees, margin maintenance, or a tax withholding requirement on claimed investment gains.
BrandFraudulent websites mimicking Binance's interface trick users into connecting their wallets and signing malicious transactions to claim a fabricated token airdrop.
BrandScammers posing as Binance Smart Chain support staff lure users into fake DeFi 'flash-loan arbitrage' dashboards that steal wallet credentials and drain connected accounts.
BrandCriminals send urgent emails or SMS messages claiming a user's Binance account has been suspended and directing them to a phishing page to 'restore access' — capturing login credentials and 2FA codes in the process.
BrandFraudsters impersonating Coinbase advertise inflated staking returns — sometimes 30 to 50 percent annually — to lure victims into depositing cryptocurrency that is immediately stolen.
BrandCriminals distribute malware posing as a Coinbase desktop app or Coinbase Wallet extension update; once installed, it silently replaces copied crypto wallet addresses with the attacker's address at the moment of pasting.
BrandFraudulent websites cloning Coinbase's brand promise early access to a new 'Coinbase token' airdrop, tricking users into connecting wallets and granting malicious approval transactions.
BrandAttackers build fake 'Coinbase Wallet Connect' pages that present an EIP-712 off-chain signature request; signing it authorizes the scammer's contract to transfer all of the victim's tokens without further interaction.
BrandCriminals impersonating Kraken's customer support offer to recover lost or frozen cryptocurrency assets, then charge advance fees and request wallet access — stealing more from people who have already been defrauded.
BrandFraudsters use Kraken's trusted brand to promote fake DeFi flash-loan yield portals, convincing users to deposit funds or connect wallets to contracts that immediately drain their holdings.
BrandLookalike websites claiming Kraken is distributing a new KRK or exchange token lure users into connecting wallets and signing malicious approval transactions to 'claim' a fabricated reward.
BrandFake 'MetaMask Security Update' pages and counterfeit dApps trick users into signing EIP-712 messages that grant attackers unlimited token spending rights without requiring a seed phrase.
BrandScammers build clones of MetaMask Portfolio's staking interface and promise exaggerated yields, luring users into depositing crypto into attacker-controlled contracts.
BrandCriminals send emails or pop-up notifications claiming a user's MetaMask wallet has been 'suspended' and directing them to a fake appeal page that harvests their Secret Recovery Phrase.
BrandFraudsters posing as MetaMask support agents use social engineering, remote access requests, and fake synchronization screens to gain control of victims' wallets and drain funds.
BrandCriminals build counterfeit 'Ledger Live Earn' portals advertising inflated staking returns to trick hardware wallet users into sending crypto to attacker-controlled contracts.
BrandFake 'Ledger Connect Kit' pages and counterfeit dApps display EIP-712 signature requests styled to look like Ledger hardware wallet confirmations, tricking users into approving malicious token permissions.
BrandCriminals distribute malware packaged as counterfeit Ledger Live installers; once installed, the malware monitors the clipboard and swaps wallet addresses at the moment of pasting, redirecting transfers to attacker addresses.
BrandScammers impersonating Ledger promote 'Ledger DeFi Vault' investment portals offering guaranteed flash-loan arbitrage profits, then steal deposits and demand advance fees to release fabricated earnings.
BrandFraudulent sites claiming Trezor is distributing a new TRZR token airdrop to hardware wallet users prompt victims to connect their software wallets and sign malicious approval transactions.
BrandScammers impersonating Trezor recruit hardware wallet owners into fake 'Trezor Secured Yield' DeFi portals that steal deposits through fraudulent smart contracts.
BrandFake Trezor Suite 'security verification' pages present EIP-712 structured-data signing requests that grant attackers sweeping token approval rights, exploiting trust in Trezor's hardware-verified signing model.
BrandFraudsters create fake 'OpenSea NFT Staking' portals that promise passive income from staking NFTs, then steal the staked assets through malicious setApprovalForAll transactions.
BrandScammers use OpenSea's name to promote fake DeFi flash-loan 'NFT arbitrage' portals that promise profits from automated cross-marketplace trading, then steal deposited funds and NFTs.
BrandFraudsters impersonating OpenSea's support team trick NFT sellers into 'verifying' their accounts through phishing pages that capture wallet signatures, enabling thieves to drain NFT collections.
BrandFraudulent sites announce a fabricated 'OpenSea SEA token' airdrop for active traders and collectors, directing users to connect wallets and sign malicious approval transactions to claim their share.
BrandCriminals posing as OpenSea staff or 'OpenSea-affiliated recovery specialists' offer to recover stolen or wrongly transferred NFTs for an upfront fee — stealing further from people who have already been victimized.
BrandPhishing emails impersonating OpenSea warn collectors that their accounts have been suspended for policy violations and direct them to fake appeal pages that harvest credentials and wallet approvals.
BrandFraudulent Trezor Suite installers contain hidden clipboard-monitoring malware that swaps destination wallet addresses at the moment of pasting, causing unknowing victims to send funds to attackers.
BrandFraudulent portals impersonating Kraken's staking feature promise amplified yields far above Kraken's published rates, then steal deposited assets through fake 'Kraken Pro Staking' contracts.
BrandFraudsters impersonating Kraken support engineers social-engineer victims into disabling two-factor authentication under the guise of resolving an account access problem, enabling full account takeover.
BrandCriminals posing as Coinbase support agents use social engineering to trick users into revealing or bypassing their 2FA, then use the access to drain account balances.
BrandScammers impersonating Binance security staff use urgent messaging to trick users into completing fake 2FA reset flows that hand over active authentication codes, enabling account takeovers.
BrandFraudulent chatbots embedded on fake MetaMask support sites or injected into search results guide distressed wallet users into sharing their Secret Recovery Phrase under the guise of technical troubleshooting.
BrandCriminals operate fake Coinbase support chatbots through sponsored search results and lookalike websites, guiding victims through credential-harvesting flows or directing them to send test transactions to scammer addresses.
BrandLookalike Binance support chat sites capture user credentials and 2FA codes through convincing chatbot flows, enabling real-time account takeovers and unauthorized withdrawals.
BrandFraudsters send SMS messages falsely branded as DHL, claiming a vehicle or delivery truck associated with a shipment has incurred a toll violation requiring immediate payment. DHL never contacts private recipients about toll charges on its fleet vehicles.
BrandCallers or texters posing as DHL demand that recipients pay customs clearance, import duties, or warehouse storage fees using gift-card codes. DHL never accepts gift cards as payment for any service or charge.
BrandScammers send texts or emails posing as FedEx, claiming a parcel is waiting in a nearby locker and that recipients must verify identity or pay a fee through a link to retrieve it. FedEx's legitimate locker service (FedEx OnSite) sends PIN codes through your registered account, never through unsolicited messages requiring payment.
BrandScammers send SMS messages pretending to be FedEx, claiming a toll charge on a delivery vehicle is blocking the release of a recipient's parcel. FedEx manages its own fleet toll accounts and never passes road-toll costs to parcel recipients.
BrandScammers impersonate FedEx collections agents by phone or email, claiming the recipient owes unpaid shipping invoices or warehouse storage fees and threatening legal action or credit damage unless immediate payment is made. FedEx's genuine billing process never threatens legal action via unsolicited calls from unverified agents.
BrandCriminals send messages pretending to be USPS, claiming a parcel has been redirected to a package locker and that recipients must pay a fee or verify identity through a link to collect it. USPS's legitimate locker notifications, including those for Informed Delivery and Parcel Select lockers, never require a separate payment link to access a waiting package.
BrandFraudsters combine USPS impersonation with a student-tax-refund pretext, sending messages claiming USPS is holding a cheque or government voucher related to a student tax refund that requires identity verification or a release fee. USPS does not hold, issue, or distribute tax refunds or education benefit payments.
BrandCriminals impersonate USPS in messages claiming a tax-related document or identity verification letter is awaiting collection, with the goal of harvesting Social Security numbers, birthdates, and financial information to file fraudulent tax returns.
BrandScammers send text messages or emails impersonating Royal Mail, claiming a parcel has been placed in a local parcel locker and that a fee or account verification is needed to retrieve it. Royal Mail's real parcel-locker service, Royal Mail Parcel Collect, and its Safeplace system never charge recipients a fee to access a waiting parcel.
BrandFraudsters send texts or emails pretending to be Royal Mail and claiming a congestion or toll charge incurred by a delivery vehicle is blocking the release of a recipient's parcel. Royal Mail manages road and congestion charges internally and never passes these costs to parcel recipients.
BrandFraudsters impersonate HMRC to harvest National Insurance numbers, UTR codes, and personal details needed to file fraudulent tax returns, claim fraudulent refunds, or take over existing HMRC online accounts.
BrandScammers leave fake physical cards or send texts pretending to be HMRC, claiming a tax document or HMRC letter requires collection or a redelivery fee before it can be forwarded. HMRC does not use redelivery cards, collection fees, or payment links to deliver official correspondence.
BrandScammers impersonate HMRC to target disabled benefit claimants, claiming a tax-related health or disability payment requires re-verification through a link, threatening suspension of disability-linked tax credits or benefit top-ups unless identity is confirmed online.
BrandScammers call or message people — particularly non-UK nationals — posing as DVLA officials, claiming that a driving licence irregularity has triggered a visa or immigration review that could lead to deportation unless a fine is paid immediately. The DVLA has no immigration enforcement powers and does not make such calls.
BrandFraudsters impersonate the Social Security Administration by claiming that a driver's licence renewal or state ID card application has triggered a Social Security number discrepancy that must be resolved online before the DMV can process the request. The SSA does not participate in routine DMV renewal verification and never asks people to confirm SSNs via a link.
BrandScammers impersonate the Social Security Administration by claiming that a vehicle registration renewal has flagged a Social Security number mismatch that must be resolved to avoid licence suspension or civil penalties. The SSA has no role in vehicle registration and never contacts people about registration discrepancies.
BrandFraudsters impersonate the SSA to trick victims into submitting Social Security numbers, dates of birth, and bank account details under the pretence of resolving a tax-related Social Security record discrepancy, enabling fraudulent tax return filing in the victim's name.
BrandCriminals combine toll-violation threats with SSA impersonation, claiming that unpaid toll violations are linked to the victim's Social Security number and that the account will be suspended unless a fine and a Social Security reverification are completed immediately. The SSA has no connection to toll enforcement.
BrandFraudsters impersonate the SSA by contacting students and young workers, claiming that their Social Security account shows an unresolved student tax-exemption or education-credit discrepancy that must be verified to avoid benefit impacts or tax penalties.