AI Chatbot Phishing Assistant Scam
Scammers embed convincing AI chatbots into fake websites and messaging apps to answer victims' questions in real time, building false trust and extracting money or personal data far more effectively than a static scam page.
Last reviewed: 5 July 2026
What this scam is
This scam embeds a conversational AI chatbot — built on the same kind of large language model technology behind mainstream assistants — into a fraudulent website, app, or messaging channel, where it poses as customer support, a sales representative, or an investment adviser. Unlike a scripted phishing page or a scam email, the chatbot can answer follow-up questions naturally, address specific objections, and adapt its persuasion in real time, closing the gap that used to make many scams easy to catch out by simply asking a probing question.
These chatbots appear on cloned bank or retailer support pages, fake delivery-tracking sites, fraudulent investment platforms, and impersonation accounts on messaging apps. They are often available 24/7, respond instantly, and are trained or prompted specifically to keep the conversation moving toward a payment, a personal-data disclosure, or a malicious download or link click.
The scam is distinct from AI voice-cloning or deepfake video scams because it operates entirely in text, at scale, and continuously — a single chatbot can hold hundreds of simultaneous conversations with different victims, each personalised to that victim's stated concern, something no human scam operator could match.
How it works
Scammers configure a large language model with a detailed persona and instructions — for example, posing as a bank's fraud department, a parcel courier's support line, or an investment platform's account manager — and connect it to a chat widget on a cloned or fake website, or to an automated account on a messaging platform. The underlying model is prompted to always steer the conversation toward a specific outcome: clicking a malicious link, providing a one-time passcode, downloading a remote-access app, or transferring funds.
A victim typically arrives via a phishing text, fake ad, or search result and starts chatting, often to resolve what feels like a minor issue — a delayed parcel, a flagged transaction, a login problem. The chatbot responds instantly and convincingly, referencing the victim's own words back to them and answering clarifying questions in a way that feels like genuine, attentive customer service, which lowers the victim's guard far more than a static scam page could.
As the conversation progresses, the chatbot escalates naturally toward the actual goal: asking the victim to 'verify' their identity by entering a card number or one-time passcode into the chat window, sending a payment to 'release' a package or reverse a fraudulent charge, or clicking a link that leads to a credential-harvesting page or malware download. Because the responses feel personalised and attentive rather than obviously scripted, victims who might have spotted a templated scam message often continue engaging far longer than they otherwise would.
Why this scam works
People instinctively extend more trust to something that appears to listen and respond specifically to them than to a static message, and a well-tuned chatbot can simulate attentiveness, patience, and expertise without ever tiring or slipping out of character the way a rushed or poorly trained human scammer might. The instant availability also matters: victims often reach out at a moment of anxiety (a flagged transaction, a stuck delivery) and the immediate, reassuring response satisfies the urge to resolve the problem right away rather than pausing to verify independently.
The scam also benefits from a legitimacy halo effect — because mainstream companies increasingly use AI chatbots for real customer service, encountering one no longer strikes people as unusual or suspicious in itself, removing a cue that might once have prompted more scrutiny.
Common red flags
- Chat support requests a one-time passcode or full card number
- You are asked to pay a fee to 'release', 'verify', or 'unlock' funds or a delivery
- The chatbot pressures you to act immediately without pausing to verify independently
- You reached the chat via a link in an unsolicited text or email rather than the official app
- The chat urges you to download remote-access or screen-sharing software
- Responses feel unusually persuasive or emotionally tailored for a routine support query
- No option to escalate to a verified human representative when requested
- The company's real support channel has no record of your conversation
Sanitized example messages
Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].
I can see your account has a flagged transaction of [amount] — to block it, please confirm the code just sent to your phone.
Your parcel is held at customs, a re-delivery fee of [amount] is required to release it today.
Great question! Many of our investors see returns of [percentage] within the first month, would you like to deposit now?
I understand your concern, let me just get your card details so I can verify your identity and stop the charge.
To fix this issue quickly, please download [remote access app] so I can access your screen and resolve it.
Common variations
- Fake bank fraud-department chatbot requesting a one-time passcode to 'block' a transaction
- Cloned delivery-courier chatbot demanding a small 're-delivery' fee via payment link
- Fraudulent investment-platform chatbot posing as an account manager to encourage deposits
- Impersonation chatbot account on messaging apps posing as a company's official support
- Tech-support chatbot instructing victims to install remote-access software
- Romance or companion chatbot that transitions into requests for money over time
How to verify before you act
Never treat a chat window — however articulate or specific it seems — as sufficient proof you are speaking with a genuine company representative. Independently navigate to the organisation's official website or phone number (typed manually or found through a previous statement, not through any link or number the chat provides) and verify the situation through that separate channel before taking any action the chatbot suggests.
Be especially wary if the chatbot asks you to read out a one-time passcode, move money to 'verify' or 'release' funds, or download any software — legitimate support chat will never require these actions. If you are unsure whether you are speaking with an AI system or a human, asking unusual or off-topic questions can sometimes reveal scripted or evasive responses that break the persona.
Payment methods used
- Cryptocurrency
- Bank/wire transfer
- Gift cards
- Money transfer services
- Payment apps to 'friends & family'
Who is usually targeted
- Online shoppers awaiting deliveries
- Bank customers concerned about fraud alerts
- Prospective investors researching platforms online
- People seeking quick technical support
What to do immediately
- Stop the conversation and do not provide any codes, payments, or downloads
- Independently contact the organisation through its verified official channel
- If you shared a one-time passcode or card details, contact your bank immediately
- Change passwords on any account you fear may have been compromised
- Report the chatbot, site, or account to the organisation being impersonated
- Report the incident to your national fraud reporting authority
- Preserve screenshots of the full conversation as evidence
How to prevent it
- Always verify support requests through an independently found official phone number or site
- Never read out a one-time passcode or verification code to any chat, human or AI
- Be suspicious of any chatbot that asks you to make a payment to 'release' or 'verify' something
- Do not download software recommended by an unsolicited or unverified support chat
- Treat instant, always-available chat support with unusual persuasiveness as a signal to slow down
- Check for the organisation's chatbot on its verified official app or website, not a linked page
- Report suspicious chatbot interactions to the organisation being impersonated
Evidence to preserve
- Full screenshots of the chat conversation including timestamps
- The website URL or messaging account name used by the chatbot
- Any payment confirmation, receipt, or transaction record
- The original phishing text, email, or ad that led you to the chat
- Any software installed at the chatbot's request
Where to report it
- Action Fraud (UK) — UK national fraud & cybercrime reporting centre
- FTC ReportFraud (US) — US Federal Trade Commission fraud reports
- FBI IC3 (US) — US Internet Crime Complaint Center
- Scamwatch (Australia) — Australian competition & consumer reporting
- Your bank's fraud line — Use the number on the back of your card or in your banking app — never a number the caller gives you
Always verify reporting routes and emergency contacts on the official government or agency website for your country.
Frequently asked questions
How can I tell if I'm chatting with a scam AI chatbot?
Look for requests that legitimate support never makes — one-time passcodes, upfront fees to 'release' money or deliveries, or software downloads — and independently verify through the organisation's official channel rather than trusting the chat window itself.
Are AI chatbots used for real customer service too?
Yes, many legitimate companies use AI chatbots for genuine support, which is exactly why scammers can convincingly imitate the format — the presence of a chatbot alone tells you nothing about whether it's genuine.
What if I already gave a one-time passcode to a chatbot?
Contact your bank or account provider immediately using their verified number, as a one-time passcode can allow a transaction or account takeover to proceed within minutes of being shared.
Can these chatbots hold multiple conversations at once?
Yes, this is one of the key differences from a human scammer — a single AI chatbot can carry on hundreds of personalised, simultaneous conversations, which is part of why this scam type has scaled so quickly.