International Securities & Financial Compliance Authority. Registered in the United Kingdom as SHF COMPLIANCE LIMITED.

Common Fraud Typologies and Practical Protection

This material summarises the most common schemes encountered by users and organisations, including impersonation of banks and regulators, fictitious investment offers, and phishing. Its purpose is to help readers identify indicators of risk more quickly and respond in an orderly manner.

Key Warning: never disclose seed phrases, private keys, one-time codes, passwords, or remote access to your devices.

Impersonation of Banks, Regulators, and Security Teams

One of the most common schemes involves the impersonation of trusted roles. Fraudsters present themselves as a bank, regulator, law-enforcement body, compliance officer, or “security specialist” in order to pressure a user into transferring funds, disclosing codes, or granting control over a device.

How the scheme typically appears:

  • pressure through urgency: “your account is about to be blocked”, “the transfer must be confirmed urgently”, “final warning”;
  • unofficial channel: the approach is made through a messenger, personal number, or third-party email rather than through an official process;
  • collection of confidential data: they request verification codes, seed phrases, passwords, or remote access.

Practical Protection:

  • verify the contact only through the official website, the number shown on your card, an official register, or a previously known channel;
  • do not follow links in such messages and do not continue the conversation until independent verification has been completed;
  • never approve payments or disclose confidential data “for verification”.

Investment and Cryptocurrency Schemes

Substantial losses often arise in scenarios where the user is shown fictitious profits, a fake “investor dashboard”, false licences, or promises of immediate withdrawal after an additional payment.

Typical indicators:

  • guaranteed return or a “risk-free strategy” with minimal explanation of the product itself;
  • false legitimacy: copying logos, licence numbers, and references to regulators without genuine verification;
  • withdrawal trap: profits are “visible” in the interface, but a new payment or tax is demanded before withdrawal;
  • multi-stage grooming: initial contact through social media, messengers, or a romantic storyline, followed by a move to an “investment opportunity”.

Practical Protection:

  • verify not only the existence of registration, but also whether the organisation is authorised to provide the relevant service in your jurisdiction;
  • treat any payment requested to “unlock a withdrawal” as a serious red flag;
  • verify the domain, reviews, official registers, and public warnings before making any transfer.

Identity Theft and Account Takeover

Fraudsters use data breaches, social engineering, and weak passwords to gain control over accounts, payment profiles, and user communication channels.

Threat indicators:

  • unexpected notifications about a password change, a login from a new device, or the addition of a new payee;
  • requests to complete “additional verification” through an unofficial channel;
  • loss of control over a phone number, a SIM swap, or problems receiving verification codes.

Practical Protection:

  • use unique passwords and multi-factor authentication, preferably via an authenticator application;
  • enable login and transaction alerts, and regularly review statements and device history;
  • limit the amount of personal information publicly available on social media and listings.

Phishing, Smishing, Vishing and Deepfake Scenarios

Phishing emails, SMS messages, and voice calls remain among the most scalable methods of fraud. Increasingly, fraudsters also use AI-generated text, voice, and imagery to enhance credibility and create a sense of urgency.

How it appears in practice:

  • links to fraudulent login pages, “secure documents”, and “verification portals”;
  • calls built around an alleged urgent problem, requiring a transfer of funds or disclosure of codes;
  • voice messages imitating a relative, manager, or “investigator”.

Practical Protection:

  • do not follow links in unsolicited messages; enter the address manually or use bookmarks;
  • carefully verify the domain, including extra characters, hyphens, and alternative zones;
  • follow the call-back rule: end the call and contact the organisation directly using its official number.
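
The domain check from the list above (extra characters, hyphens, alternative zones) can be automated for a list of reported links. The following is an added example, not part of the original material: `examplebank.com` and the sample hosts are constructed, the function names are hypothetical, and the trusted domain is assumed to have a single-label zone (no public-suffix handling such as `.co.uk`).

```python
def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed with a rolling row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_host(host: str, trusted: str) -> str:
    """Compare a hostname from a message with the known official domain."""
    host = host.strip().lower().rstrip(".")
    trusted = trusted.lower()
    if host == trusted or host.endswith("." + trusted):
        return "official"
    labels = host.split(".")
    if len(labels) < 2:
        return "unrelated"
    # Non-ASCII or punycode labels can render like the official name.
    if not host.isascii() or any(l.startswith("xn--") for l in labels):
        return "non-ascii-or-punycode"
    # Official name placed in front of a different registered domain.
    if host.startswith(trusted + "."):
        return "trusted-name-as-subdomain"
    t_name = trusted.rsplit(".", 1)[0]
    name = labels[-2]  # assumption: the last label is the whole zone
    if name == t_name:
        return "alternative-zone"
    if t_name in name.split("-") or name.replace("-", "") == t_name.replace("-", ""):
        return "hyphen-variant"
    if edit_distance(name, t_name) <= 2:
        return "extra-or-changed-characters"
    return "unrelated"


# Constructed sample hosts, as they might be extracted from reported messages.
SAMPLES = ["www.examplebank.com", "examplebank.net", "example-bank.com",
           "examplebank-secure.com", "examplebannk.com", "examp1ebank.com",
           "examplebank.com.account-check.net", "xn--exmplebank-x9a.com",
           "weather.org"]

def review(hosts, trusted="examplebank.com"):
    """Return {host: verdict} for every host in the list."""
    return {h: classify_host(h, trusted) for h in hosts}

if __name__ == "__main__":
    for host, verdict in review(SAMPLES).items():
        print(f"{host:40} {verdict}")
```

Any verdict other than `official` means the address should be entered manually or opened from a bookmark; the edit-distance threshold of 2 is a heuristic and will flag some unrelated short names.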

Practical Protection Checklist

  • Verification discipline: verify requests only through official channels and do not rely on forwarded screenshots.
  • Credential protection: do not disclose codes, passwords, seed phrases, or remote access credentials.
  • Link hygiene: avoid unsolicited QR codes and links; use bookmarks or manually enter the address.
  • Device security: keep your operating system and applications up to date and check for the presence of any remote access software.
  • Financial monitoring: monitor statements, enable transaction alerts, and respond immediately to any suspicious activity.

Operational rule: if a request combines urgency, confidentiality, and a demand for payment or access to data, treat the situation as high risk until independently verified.

Where to Report and Next Steps

In case of suspected fraud, first limit the damage: stop further transfers, secure access to your accounts, and preserve evidence. If a transaction has already been executed, immediately contact your bank, payment provider, or exchange and inquire about available protective measures.

Reporting to ISFCA helps identify recurring patterns, prepare warnings, and correlate your case with other signals. For timely analysis, URLs, phone numbers, payment details, wallet addresses, screenshots, and a brief chronology of events are particularly useful.