Last year, Americans lost over $12.5 billion to fraud, according to the FTCâa staggering 25% jump from the year before. But hereâs what should really keep you up at night: 2026 is going to be worse.
Why? Because scammers now have access to the same powerful AI tools that legitimate businesses use. They can clone voices, generate realistic video, create entirely fictional identities, and deploy automated systems that work around the clock to steal your money.
The Global Anti-Scam Alliance surveyed 46,000 adults across 42 countries and found that 57% of people were targeted by scams in the past yearâwith nearly a quarter of them losing money. Thatâs not a small problem affecting a few careless people. Thatâs an epidemic.
But knowledge is power. Understanding how these new scams work is your first line of defense. Here are the four scam trends that will define 2026âand exactly what you can do to protect yourself and your loved ones.
1. AI Deepfake Scams: When You Canât Trust Your Own Eyes
The threat: Criminals are using artificial intelligence to create fake video and audio that can perfectly imitate real peopleâincluding your family members, your boss, or anyone else whose voice or image they can find online.
The numbers are terrifying. Deepfake fraud caused over $200 million in losses in just the first quarter of 2025, and vishing (voice phishing) attacks surged by 442% as AI voice cloning became accessible to criminals. Security firm Gartner predicts that by the end of 2026, 30% of businesses will no longer trust video or voice verification alone because the fakes have become that convincing.
How It Works
It starts with data collection. Scammers scrape social media profiles for photos and videos. They download voicemails, TikToks, Instagram storiesâanything with your voice or face. With just 3 seconds of audio, modern AI tools can create a convincing voice clone. A handful of photos is enough to generate realistic video.
Then comes the attack. The most common scenarios:
The âGrandparent Scam 2.0â: You receive a video call from what appears to be your grandson. Heâs crying, says heâs been in an accident or arrested, and needs bail money immediately. The face looks right. The voice sounds right. But itâs entirely AI-generated.
The CEO Fraud Call: An employee gets a video call from their âbossâ instructing them to wire money for an urgent deal. In one famous case, a Hong Kong finance worker transferred $25 million after a video conference with multiple AI-generated company executives.
Romance Scams with Video âProofâ: Scammers maintain long-distance relationships with victims, using AI-generated video calls to âproveâ theyâre real. They look exactly like their profile photos because the AI generates the video in real-time.
How to Protect Yourself
1. Establish a family code word. Pick a secret phrase that only your immediate family knows. If someone calls claiming to be a family member in distress, ask for the code word. No code word, no moneyâperiod.
2. Verify through a separate channel. If your âbossâ calls asking for a wire transfer, hang up and call them back on their known phone number. If your âgrandsonâ needs bail money, text or call their regular phone before doing anything.
3. Watch for glitches. AI-generated video still has tells: unnatural blinking, slight lip-sync issues, weird artifacts around the hairline or ears, hands that look blurry or distorted. Ask the caller to wave their hand in front of their faceâAI often struggles with this.
4. Be suspicious of urgency. Scammers create artificial time pressure so you donât have time to think or verify. Any request for immediate moneyâespecially via wire transfer, gift cards, or cryptocurrencyâis a massive red flag.
5. Keep your social media private. The less audio and video of you thatâs publicly available, the harder it is for scammers to create a convincing deepfake. Review your privacy settings and consider who can really see your posts.
2. Synthetic Identity Fraud: The Invisible Crime Thatâs Costing Billions
The threat: Criminals are creating entirely fake people using a Frankenstein approachâcombining stolen Social Security numbers with fabricated names, addresses, and other details to build synthetic identities that pass standard verification checks.
Synthetic identity fraud crossed the $35 billion mark in losses according to anti-fraud platform FiVerity, with incidents jumping 50% in just one year. The FTC received over 1.1 million identity theft reports in 2024 alone, and many of those stolen details are being used to build these hybrid identities.
Why Itâs So Dangerous
Unlike traditional identity theftâwhere criminals use YOUR name and YOUR details, leaving a clear trail back to youâsynthetic identity fraud creates people who donât exist. This makes it incredibly hard to detect.
Hereâs how it typically works:
- Scammers buy or steal Social Security numbers from data breaches. Childrenâs SSNs are particularly valuable because thereâs no credit history to contradict the fake identity.2. They combine the real SSN with fake names, dates of birth, and addresses.3. They apply for credit, get rejected (as expected for a ânewâ person), but this creates a credit file.4. Over months or years, they build credit history with small accounts paid on time.5. Eventually, they âbust outââmaxing out all credit lines and disappearing with the money.
The Victim Problem
Hereâs the twist: if your SSN is used but paired with a different name, you might never know until you apply for a mortgage and discover mysterious accounts youâve never heard of. Children often donât find out until they turn 18 and apply for their first credit card.
How to Protect Yourself
1. Freeze your creditâand your childrenâs. Contact all three bureaus (Equifax, Experian, TransUnion) and request a credit freeze. This prevents anyone from opening new accounts in your name. For children, youâll need to create a credit file first (they donât automatically have one), then freeze it.
2. Monitor your Social Security statement. Create an account at ssa.gov to check your earnings history. If thereâs income you never earned, someone may be working under your SSN.
3. Use an identity monitoring service. Services like Credit Karma (free) or paid options can alert you to new accounts or inquiries on your credit file. The key is catching unauthorized activity quickly.
4. Be careful with your SSN. Question any request for your full Social Security number. Often, businesses only need the last four digitsâif they need the full number, ask why and how theyâll protect it.
5. Review your free annual credit reports. Go to AnnualCreditReport.com (the only federally authorized source) and check all three bureau reports for accounts you donât recognize.
6. If your child receives mail from credit card companies or debt collectors, investigate immediately. Children shouldnât have any credit activityâthis is a major warning sign.
3. Subscription Traps: Easy to Start, Impossible to Cancel
The threat: You sign up for a âfree trialâ or low-cost introductory offer, and before you know it, youâre being charged monthly fees you never agreed toâand canceling requires jumping through endless hoops designed to exhaust you into giving up.
This isnât just a consumer annoyanceâitâs a $2.8 billion annual drain on American households, and itâs getting worse. The FTC has documented extensive use of âdark patternsââmanipulative design techniques specifically engineered to trick you into subscriptions and prevent you from leaving.
The Playbook
Bait and Switch Enrollment: You click âContinueâ during checkout, thinking youâre completing a one-time purchase, and inadvertently enroll in a subscription. Amazon paid a $2.5 billion settlement in 2025 after the FTC proved their Prime sign-up was deliberately confusing, with internal tests showing customers were accidentally enrolling.
Hidden Early Termination Fees: The âfree trialâ looks risk-free, but buried in the fine print is a hefty cancellation fee if you donât cancel at exactly the right time.
The Cancellation Labyrinth: You signed up with one click, but canceling requires:
- Finding a hidden âCancelâ button- Navigating through multiple pages of âAre you sure?â screens- Being offered discount after discount- Calling a phone number that puts you on hold for 45 minutes- Talking to a âretention specialistâ trained to change your mind
The FTC sued ABCmouse for forcing customers through a âdifficult-to-find, lengthy, and confusing cancellation pathâ that deliberately redirected people away from actually canceling. Uber was sued for charging customers before their free trials ended.
The FTCâs Click-to-Cancel Rule
The good news: The FTC tried to pass a âClick-to-Cancelâ rule requiring businesses to make cancellation as easy as sign-up. The bad news: As of late 2025, this rule has been blocked and isnât in effect. Youâre on your own.
How to Protect Yourself
1. Use virtual credit card numbers. Many banks and services like Privacy.com let you create virtual card numbers with spending limits. Sign up for that âfree trialâ with a virtual card that has a $0 limit after the trialâthe subscription canât charge what doesnât exist.
2. Set calendar reminders. When you sign up for any trial, immediately set a reminder for 2-3 days before it ends. Donât rely on your memoryâcompanies are counting on you to forget.
3. Read the cancellation policy before signing up. Search â[company name] cancel subscriptionâ before you commit. If the internet is full of angry customers describing impossible cancellation experiences, thatâs your warning.
4. Document everything. Screenshot your cancellation confirmation, save the email, record the date and time. If they keep charging you, this documentation is crucial for disputes.
5. Monitor your credit card statements. Set up alerts for any charges. Small, recurring charges often fly under the radarâscammers count on you not noticing $9.99/month among all your other transactions.
6. Use your bankâs dispute process. If youâve clearly canceled and are still being charged, dispute the charges with your credit card company. Include your documentation showing the cancellation.
7. Report to the FTC. File a complaint at ReportFraud.ftc.gov. Even if it doesnât get your money back immediately, these reports help build cases against repeat offenders.
4. Smart Home Hijacking: When Your Devices Turn Against You
The threat: The same smart devices that make your life more convenientâRing doorbells, Alexa assistants, smart thermostats, WiFi baby monitorsâcan become surveillance tools or attack vectors when hackers take control.
Americans own an average of 22 connected devices per household. Each one is a potential entry point for criminals who can listen to your conversations, watch you through your cameras, learn when youâre away from home, and even lock you out of your own devices.
Real Incidents That Should Scare You
Camera Takeovers: Hackers have gained access to Ring cameras and used the speakers to harass families, including terrifying incidents where strangers spoke to children through their bedroom cameras. One widely reported case involved a hacker telling an 8-year-old girl that he was Santa Claus.
Voice Assistant Exploitation: Security researchers have demonstrated attacks where specially crafted audioâeven audio played from a YouTube video at low volume near your deviceâcan trigger Alexa or Google Assistant to make purchases, unlock doors, or reveal personal information.
Thermostat Ransomware: In some cases, hackers have locked smart thermostats at extreme temperatures (either freezing cold or dangerously hot) and demanded payment to restore control.
The Ring âBreachâ Panic of 2025: In May 2025, Ring users across the country reported seeing unknown devices logged into their accounts with login dates they didnât recognize. Social media exploded with âRING HACKEDâ warnings. While Ring ultimately attributed this to a backend bug rather than an actual breach, it highlighted how vulnerable these systems can feelâand how many people use weak passwords that would make real breaches easy.
The Core Problem
Most smart home devices are designed for convenience first, security second. They often ship with weak default passwords, lack encryption, receive infrequent security updates, and connect to your entire home network. One compromised smart lightbulb could potentially give hackers access to everything on your WiFi.
How to Protect Yourself
1. Change every default password. When you set up any smart device, the first thing you should do is change the default password to something strong and unique. Use a password manager to keep track.
2. Enable two-factor authentication (2FA) everywhere. For Ring, Nest, Alexa accountsâanywhere itâs offeredâturn on 2FA. This means even if someone gets your password, they still canât log in without access to your phone.
3. Create a separate network for IoT devices. Many routers allow you to set up a âguest network.â Put all your smart home devices on this network, isolated from your computers and phones that contain sensitive data. If a smart device is compromised, the attacker canât easily jump to your laptop.
4. Keep firmware updated. Enable automatic updates where possible, or set a monthly reminder to check for updates. Outdated firmware often contains known vulnerabilities that hackers actively exploit.
5. Audit your connected devices. Periodically check what devices are logged into your accounts. For Ring, go to Control Center > Authorized Client Devices. For Google Home, check your Google account security settings. Remove anything you donât recognize.
6. Disable features you donât use. If you never use voice purchasing through Alexa, disable it. If you donât need remote access to your thermostat, turn it off. Every feature is a potential attack surface.
7. Cover cameras when not in use. Yes, itâs low-tech, but a physical cover over your camera lens guarantees no one is watchingâno software hack can see through tape.
8. Upgrade your routerâs security. Make sure your router uses WPA3 encryption (or at least WPA2). Change the routerâs admin password from the default. Consider a router with built-in security features that can detect suspicious traffic.
9. Be cautious with cheap, unknown brands. That $15 smart plug from an unknown manufacturer might not receive security updatesâor might already contain malware. Stick with reputable brands that have security reputations to protect.
The Bottom Line: Stay Skeptical, Stay Safe
Hereâs the uncomfortable truth: scammers are getting smarter, faster, and more sophisticated. The same AI that powers helpful chatbots now powers scam calls indistinguishable from real family members. The same data analytics that personalizes your shopping experience helps criminals build detailed profiles of potential victims.
But youâre not helpless. Every scamâno matter how high-techâstill relies on one thing: getting YOU to take action. To wire money. To click a link. To share information. To ignore that nagging feeling that something isnât right.
Your best defense is healthy skepticism:
- Verify before you trust- Question urgency- Confirm through separate channels- If something feels off, it probably is
And perhaps most importantly: talk about scams openly. The reason grandparent scams work is because families donât discuss them. The reason subscription traps persist is because people are embarrassed to admit they fell for one. The more we share these stories, the harder it becomes for scammers to operate in the shadows.
If youâve been targetedâwhether you lost money or notâreport it. Tell the FTC at ReportFraud.ftc.gov. Tell the AARP Fraud Watch Network Helpline at 877-908-3360. Tell your friends and family. Every report helps build the picture that leads to shutting these operations down.
2026 will be a challenging year for consumers. But armed with knowledge and a healthy dose of skepticism, you can make sure youâre not one of the billions of dollars in losses. Stay vigilant, stay informed, and stay safe.
Have you encountered any of these scams? Share your experience in the comments to help warn others. For real-time scam alerts and protection tips, follow Scam Watch HQ on social media and sign up for our newsletter.