AI-powered social engineering scams are getting savvier. Here's how consumers can protect themselves

Social engineering and AI-driven fraud are climbing to the top of global security concerns. The World Economic Forum lists them among the biggest cybersecurity threats of 2025. And the threat is no longer just spam emails with obvious typos. Today's scams are targeted, convincing, and increasingly powered by artificial intelligence.
We're not just talking about phishing links or fake support calls. We're talking about deepfaked voicemails from loved ones. Phony messages that sound like your boss. Emails that mirror your own writing style. AI makes it easy to personalize deception on a massive scale.
In this article, Heimdal breaks down where social engineering started, how it's evolving with AI, and who's most likely to fall for it. We'll highlight real-world examples and finish with straightforward steps to help individuals and organizations protect themselves.
Social engineering relies on psychological manipulation. Scammers trick people into revealing personal information or taking actions they wouldn't normally consider. Basically, it's convincing someone to act against their interests, exposing their private or confidential information.
The concept isn't new. Early scams go back to in-person cons. But the digital shift changed everything. The internet opened new ways to deceive people. Online platforms gave scammers more reach, resulting in faster, broader, and more convincing scams.
According to the FBI's 2024 IC3 Report, this explosion in connectivity has dramatically expanded the scale of attacks.
No one is immune to social engineering, but some people and places see more damage than others.
Older adults face the highest losses. In 2024, individuals 60 and older reported the most complaints to the Internet Crime Complaint Center. They also lost more money than any other age group at over $4.8 billion, up 43% from 2023. Phishing/spoofing and tech support scams hit this group hardest.
Where you live also matters. California, Texas, Florida, and New York had the most reported complaints and the highest losses last year. California saw over $2.5 billion in losses, while Texas lost more than $1.3 billion and Florida about $1 billion.
Organizations are just as vulnerable. The WEF's 2025 Outlook highlights how critical sectors, such as government, healthcare, finance, and infrastructure, face heightened cyber risks.
Today's scams build on familiar tricks but are more convincing. However, classic methods still dominate. Phishing, business email compromise (BEC), romance scams, and fake tech support calls remain go-to techniques. In 2024, the FBI received over 193,000 phishing and spoofing complaints, and BEC scams caused $2.77 billion in losses. AI is making scams like these harder to spot.
Deepfakes. Scammers fake a loved one's voice or mimic an executive in a video.
Hyper-personalized phishing. AI crafts clean, accurate, and targeted emails.
Automation. Large-scale attacks launch in seconds with little effort.
The cost is staggering. According to the IC3 report, investment fraud (often AI-driven) led to $6.57 billion in losses in 2024. Cryptocurrency fraud reached $9.3 billion, with adults over 60 most affected. What was once obvious is now polished and personal.
Urgency and fear remain core tools among scammers. One common scam begins with a fake call or message claiming a loved one is in danger. Victims are pressured to act fast—send money, share banking info, or buy gift cards. Empathy-driven scams work just as well. Romance scams build trust and then ask for money.
The latest twist is generative AI tools. Criminals now use them to build fake identities and clone online profiles. The IC3 warns that this tactic is spreading, especially in financial fraud, with criminals using AI-generated text, images, audio, and video.
Whether it's fear or empathy, the goal is the same. Scammers hope to convince victims that a problem is real and get them to act before thinking.
Stopping these scams starts with spotting the signs.
Verify money or data requests through a separate, trusted communication channel.
Question urgency. Don't act on impulse when receiving unsolicited messages.
Look for deepfake signs, such as robotic speech or visual glitches.
Use strong passwords and enable MFA.
Train employees to detect phishing and fraud attempts.
Require verification for fund transfers and sensitive data requests.
Use strong email filtering and anti-phishing tools.
Report scams at IC3.gov or contact your local FBI office.
Social engineering isn't slowing down. It's adapting, and fast. AI gives scammers new tools to make old tricks far more believable. What used to be low-effort deception is now hyper-targeted, high-tech manipulation.
But while the tools may be new, the core defense remains the same: awareness, verification, and quick reporting. Think before acting, pause when something feels rushed, ask questions, and don't be afraid to confirm through another channel. Technology can help, too. MFA, strong passwords, and smart filters all put up real barriers between scammers and their targets.
The FBI urges everyone, individuals and businesses included, to report scams and share information. Even one report could help someone else avoid the same trap. Staying ahead of AI-driven scams requires preparation. The more you know, the harder it is to be fooled.
This story was produced by Heimdal and reviewed and distributed by Stacker.

Try Our AI Features

Explore what Daily8 AI can do for you:

Learn with AIFact CheckingText to SpeechAI Summary

Related Articles

Los Angeles Times

40 minutes ago

• Los Angeles Times

Man opened fire outside Michigan church before staff fatally shot him, averting mass shooting, police say

WAYNE, Mich. — A man who opened fire outside a Michigan church filled with worshipers Sunday was struck by a vehicle and then fatally shot by security staff who averted a potential mass shooting, police said. Churchgoers attending a morning service at CrossPointe Community Church in Wayne spotted a man driving recklessly and then saw him exit his car wearing a tactical vest and carrying a rifle and a handgun, Wayne Police Chief Ryan Strong said at an evening news conference. The man began firing as he approached the church, striking one person in the leg, Strong said. 'A parishioner struck the gunman with his vehicle as the gunman shot the vehicle repeatedly,' Strong told reporters. 'At least two staff members shot the gunman, causing the fatal wounds.' Police described the suspect as a 31-year-old white male with no known connection to the church. His motive remains unclear, but it appears he was suffering from a mental health crisis, Strong said. The shooting occurred around 11 a.m. in Wayne, a city of about 17,000 people about 25 miles west of Detroit. The person who was shot in the leg was treated for non-life-threatening injuries, the chief said. Nobody else besides the gunman was hurt. Strong said a church member ran the suspect over with his pickup truck, giving security staff time to shoot him. 'We are grateful for the heroic actions of the church's staff members, who undoubtedly saved many lives and prevented a large-scale mass shooting,' the chief said. About 150 people were inside the church at the time. The church's website says it hosts a worship service on Sundays at 10:45 a.m. Worshiper Wendy Bodin said that she heard a loud boom and that when she looked outside, she saw a man sprawled out on the grass in front of the church. 'I thought he got hit or crashed his car or was hurt,' Bodin told WXYZ-TV. 'And another lady saw and pointed to me and said, 'Oh, my, call 911!'' Wayne Police Deputy Chief Finley Carter III said hours later that it was too early to know a motive. FBI Deputy Director Dan Bongino tweeted that bureau 'leadership and support teams' were at the scene and helping with the investigation. Messages left by the Associated Press on Sunday by voicemail and on a Facebook page for the church were not immediately returned. Sancya and Ramer write for the Associated Press and reported from Wayne and Concord, N.Y., respectively. AP writer Todd Richmond in Madison, Wis., and Christopher Weber in Los Angeles contributed to this report.

Yahoo

5 hours ago

• Yahoo

Attack on Michigan church thwarted when security guard kills gunman, say police

An alleged active shooter intent on attacking a Michigan church on Sunday was shot and killed by a security guard, authorities said. The shooting unfolded around 11:15 a.m. local time at the CrossPointe Community Church in the Detroit suburb of Wayne, according to the Wayne Police Department. Law enforcement sources said the suspect drove his Nissan truck into the church and opened fire, ABC Detroit affiliate WXYZ reported. The Wayne Police Department confirmed on Facebook that the suspect was shot and killed by a security guard at the church. At least one victim was shot in the leg during the attack, according to police. Police are investigating a Facebook livestream of the CrossPointe Community Church service in which gunshots can be heard as members of the congregation are seen rushing to evacuate the sanctuary. A bomb-sniffing dog was brought to the scene by the Michigan State Police and a police bomb squad was also brought to the scene, according to officials, but there was no immediate confirmation from police that explosives were involved in the incident. As police investigated a motive for the attack, the FBI said it was sending agents to Wayne to help in the investigation. "Our leadership and support teams are on the ground, at the scene, in Wayne, Michigan providing assistance and investigative support," FBI Deputy Director Dan Bongino said in a statement. The church shooting came during a heightened threat environment across the country following the U.S. attack overnight in Iran that destroyed or severely degraded three of Iran's nuclear facilities, according to White House officials. Acknowledging the heightened threat environment, Homeland Security Secretary Kristi Noem said in a statement that "it is our duty to keep the nation safe and informed, especially during times of conflict." "The ongoing Israel-Iran conflict brings the possibility of increased threat to the homeland in the form of possible cyberattacks, acts of violence, and antisemitic hate crime," Noem said. MORE: Amid recent string of attacks inspired by Israel-Hamas war, some experts worry counterterrorism not a priority The attack in Wayne came in the wake of a public bulletin the Department of Homeland Security issued after the U.S. strikes in Iran, warning that "low-level cyber attacks" against U.S. targets "are likely" and that extremists inside the U.S. would be more likely to turn to violence if Iranian leadership calls for such retaliation. The bulletin further urges the public to report any suspicious activity. It was not immediately known if the church attack has any connection to the U.S. attack on Iran's nuclear facilities. MORE: Minnesota lawmakers assassination timeline: 'He stalked his victims like prey' The attack occurred about a half-hour after Sunday-morning services at CrossPointe Community Church started, according to police. Officers arriving at the scene quickly evacuated the church after learning that a security guard stopped the attack by shooting and killing the suspect, according to police. The suspect's name was not immediately released. The security guard was also not immediately identified by authorities. ABC News' Luke Barr, Pierre Thomas, Mariama Jalloh and Victoria Arancio contributed to this report. This is a developing story. Please check back for updates.

Yahoo

6 hours ago

• Yahoo

Security guard kills gunman, thwarts attack on Michigan church, say police

An alleged active shooter intent on attacking a Michigan church on Sunday was shot and killed by a security guard, authorities said. The shooting unfolded around 11:15 a.m. local time at the CrossPointe Community Church in the Detroit suburb of Wayne, according to the Wayne Police Department. Law enforcement sources said the suspect drove his Nissan truck into the church and opened fire, ABC Detroit affiliate WXYZ reported. The Wayne Police Department confirmed on Facebook that the suspect was shot and killed by a security guard at the church. At least one victim was shot in the leg during the attack, according to police. Police are investigating a Facebook livestream of the CrossPointe Community Church service in which gunshots can be heard as members of the congregation are seen rushing to evacuate the sanctuary. A bomb-sniffing dog was brought to the scene by the Michigan State Police and a police bomb squad was also brought to the scene, according to officials, but there was no immediate confirmation from police that explosives were involved in the incident. As police investigated a motive for the attack, the FBI said it was sending agents to Wayne to help in the investigation. "Our leadership and support teams are on the ground, at the scene, in Wayne, Michigan providing assistance and investigative support," FBI Deputy Director Dan Bongino said in a statement. The church shooting came during a heightened threat environment across the country following the U.S. attack overnight in Iran that destroyed or severely degraded three of Iran's nuclear facilities, according to White House officials. Acknowledging the heightened threat environment, Homeland Security Secretary Kristi Noem said in a statement that "it is our duty to keep the nation safe and informed, especially during times of conflict." "The ongoing Israel-Iran conflict brings the possibility of increased threat to the homeland in the form of possible cyberattacks, acts of violence, and antisemitic hate crime," Noem said. MORE: Amid recent string of attacks inspired by Israel-Hamas war, some experts worry counterterrorism not a priority The attack in Wayne came in the wake of a public bulletin the Department of Homeland Security issued after the U.S. strikes in Iran, warning that "low-level cyber attacks" against U.S. targets "are likely" and that extremists inside the U.S. would be more likely to turn to violence if Iranian leadership calls for such retaliation. The bulletin further urges the public to report any suspicious activity. It was not immediately known if the church attack has any connection to the U.S. attack on Iran's nuclear facilities. MORE: Minnesota lawmakers assassination timeline: 'He stalked his victims like prey' The attack occurred about a half-hour after Sunday-morning services at CrossPointe Community Church started, according to police. Officers arriving at the scene quickly evacuated the church after learning that a security guard stopped the attack by shooting and killing the suspect, according to police. The suspect's name was not immediately released. The security guard was also not immediately identified by authorities. ABC News' Luke Barr, Pierre Thomas, Mariama Jalloh and Victoria Arancio contributed to this report. This is a developing story. Please check back for updates.