Local specialists share the red flags and smart habits that can protect you.
How can you avoid financial scams? Experts are here to help.
A few months ago, a smart, successful, savvy colleague called me in tears: She’d received a text from our boss, asking her to (1) go to Wawa to (2) purchase Apple gift cards and (3) scratch off the code on the back, then (4) text the numbers to her. Always a dutiful employee — someone who is often responsible for buying staff gifts because of her good taste and reliability — she did as she was told.
Only problem was, when she called our boss to tell her it was done? Said boss had no idea what she was talking about. Turns out, my colleague was one of the countless victims of this increasingly common, albeit bizarre, local scam. In an era when scammers are working en masse and their methods are increasingly sophisticated, she is decidedly not alone.
Maybe you or someone you know have been targeted in a plot like this. Or maybe you’ve heard about the other common Philly scams, people getting fake PPA parking tickets and PPD speeding tickets — via text? Financial scams abound — Pew reports that “online scams and other internet crimes are skyrocketing, with a record $16.6 billion in losses reported to the FBI in 2024. The federal government, banks and companies are all sounding alarms.” And AI is making scams not only more ubiquitous, but more convincing.
So we spoke with local experts to find out what you need to know about financial scams these days — and how to protect yourself and the people you love.
It’s not you, it’s them.
Robert Eastwood, SVP, chief information security officer at WSFS Bank, says one question he’s often asked by victims of scams is: Why me? But the reality is, it’s not personal. “These threat actors have access to volumes of data from previous data breaches. If you had your information compromised in five different companies over the course of five years, that scammer can collate all of that data to understand your profile.”
“We’re in a scary place,” explains Justin “Gus” Hurwitz, senior fellow and academic director of the Center for Technology, Innovation and Competition at the University of Pennsylvania Carey Law School. AI is making it such that, nowadays, scams operate at scale. “They don’t target individuals — they target everybody,” he says. He puts the math thusly: If you send out 100 million emails or robodial 10 million phone numbers and even .01 percent of people respond to the email or answer the phone, and then you rope in 0.1 percent of those people into a conversation and start building a false sense of trust with those people, it’s possible they’ll ultimately feel trusting enough to do “something stupid.” “It’s just random, hoping to find someone who makes an innocent mistake,” Hurwitz says.
AI is only making it easier. “This could be apocryphal, but I’ve heard rumblings that AI is essentially putting a lot of scammers out of business,” Hurwitz says. It’s not reducing the number of scams, it’s allowing the successful scammers to operate at scale, so they no longer need to have an office building full of people who are spending time developing contacts and trying to bait people. “They can do it more cheaply using AI to do 95 percent of that work.”
Rege Aunshul, professor in the department of criminal justice at Temple University, says that as sophisticated as AI is making scams, the same psychological phenomenon is making them work: social engineering. “AI doesn’t change the heart of the scam — it just makes it more believable and easier to deliver at scale,” she says.
At its core, social engineering, she says, refers to situations when scammers manipulate people into doing something they otherwise would not have done by preying on their social network and psychology. “They will exploit trust, emotions, and a sense of urgency,” Aunshul says. Consider the stories you’ve surely heard about elders, in particular, falling victim to “Romeo scams,” where someone claiming to be a long-lost classmate from high school reaches out on Facebook, establishes an online relationship, then starts asking for favors, like, for instance, opening a bank account (which scammers commonly use to launder money). Aunshul emphasizes that it’s not just elders who are preyed upon: She sees college students regularly targeted through social media, gaming, and job search platforms – everything from young women being approached to model “if only they send in a fee,” to job candidates being offered fully remote roles if they’ll “send money for the at-home equipment they’ll need.” “Everyone,” she says, “is vulnerable.”
You can protect yourself.
As savvy as scams have become, experts agree you can take measures to protect yourself. Be proactive about educating yourself. Aunshul’s team at Temple offers free community workshops on exactly these kinds of topics, and sends attendees home with materials to share with their loved ones (sign up and learn more about the clinics here).
As Eastwood says, develop good “cyber hygiene.” Be cautious what you put on social media. Always use two-factor authentication when it’s offered. And never reply to a text requesting payment or passwords. “Automatically assume that it’s fraudulent,” Eastwood says. “Delete it, do not respond. Once you respond, they know they have a good hit, and they will follow up with subsequent social engineering attempts.” Use a reputable password management tool, never write down your passwords, and do not keep your banking cards with your phone; in fact, consider buying a card protection sleeve, to keep your data from being vulnerable to RFI scanners.
Above all, says Hurwitz, listen to your gut. “People don’t give you free stuff,” he says. If you get an email suggesting you have an unclaimed prize, or a text saying you’re entitled to money from a settlement, be skeptical. Never give out information or text codes to your phone — legitimate financial institutions will never ask you for that information. And if you do get something that seems possibly legitimate, don’t call the number on the letter or email you’ve received — look up the number of the agency the sender is claiming to be (ie, call the PPA or PPD if you receive a ticket). Hurwitz also discourages using your debit or checking/ACH account for online payment; at least with credit cards, there can be some recourse.
Help is out there.
If you do get scammed, don’t keep it to yourself out of embarrassment. Report it to your local police and national organizations like the Federal Trade Commission. (See the list of additional places to report scams below.) Immediately call your bank and financial institutions to cancel your cards and request new ones. And help your friends and family learn from your mistakes — you can teach them what Aunshul calls her three-step protection plan: Pause, verify, and prepare an action plan for who to call if you, like countless victims worldwide, find yourself in trouble.
Key Places to Report Scams
Courtesy of Rege Aunshul, professor in the department of criminal justice at Temple University.
- Federal Trade Commission (FTC): The main federal agency for fraud: ReportFraud.ftc.gov
- (Related) IdentityTheft.gov: Use this FTC site to report and recover from identity theft.
- State Attorney General: Find your state’s office via the National Association of Attorneys General.
- Local police/sheriff: File a report with local law enforcement to create a record of the crime.
- FBI (IC3): Report internet-based scams, identity theft, and serious financial fraud at https://www.ic3.gov/
- Better Business Bureau (BBB): File complaints regarding businesses at https://www.bbb.org/scamtracker/reportscam
- Report Elder Fraud: Call the National Elder Fraud Hotline at 833-FRAUD-11 (833-372-8311).
- Use the USAGov Scam Tool: Find specific reporting agencies based on the type of scam: https://www.usa.gov/where-report-scams
This piece is part of a multi-year editorial series sponsored by WSFS Bank and Bryn Mawr Trust.
Have a financial topic you’d like to know more about? Submit your question here and we’ll do our best to answer it.