The 9 Most Common Scam Attempts in 2025

Wealth Advisor protecting finances from scams
 by 

Fraud and identity theft aren’t slowing down. They’re just evolving and becoming harder to detect. At Sound Stewardship, we see dozens of serious attacks every year across the 200+ client families we serve.

Bad actors are getting smarter. With AI tools, even the most amateur scammer can now create a convincing scheme.

Here are nine of the most common fraud attempts we’ve seen recently and what to watch out for.

1. Unpaid toll texts

After a trip to Minnesota, I started getting texts from “Minnesota E-ZPass” claiming I had unpaid tolls. Since I had legitimately gone through tolls (and paid), it took me a moment to realize these were scams.

These messages use urgent prompts such as “must be paid immediately” to trigger panic and get you to click before thinking. The links lead to fake websites designed to steal your payment info.

2. Fake purchase confirmations

We’re seeing more emails or texts confirming fake purchases or shipments. A common example is a phishing email that looks like it’s from Amazon saying, “Your purchase has been completed and will ship in 24 hours unless canceled.”

The goal is to get you to click the link to “cancel.” Unfortunately that link often leads to a fake Amazon login site used to install malware.

3. Wrong Number Texts

These texts start innocently: “What are you doing tonight?” You reply, “Wrong number,” and think nothing of it. But once you engage, scammers use social engineering to keep you talking and gather personal details such as your age, job, or location.

With AI chatbots, these conversations can stretch for months or even years, eventually including malicious links or threats.

4. “There’s Been a Breach!” Alerts

These phishing emails look like they’re from your bank or investment custodian, warning you to change your password immediately. They provide a convenient link leading straight to a fake login page that steals your credentials.

5. Fake CAPTCHAs

We’ve all had the experience of needing to prove we’re not a robot online.  I recently came across an attack where a legitimate website had been compromised and was offering a fake version of these CAPTCHA tests. I clicked on the test without realizing it, but was then offered steps for additional verification. 

Sensing something amiss, I determined that the initial click had pasted dangerous code into my computer’s clipboard. The hacked site was attempting to get me to execute that code in a dialog box, most likely in an attempt to install nefarious spyware on my system.

6. Man-in-the-Middle Attacks

In these sophisticated hacks, a scammer tracks legitimate communications between two parties and attempts to insert fake information (such as misdirected wiring instructions) without the other party realizing it.

7. Grandparent Scams

These “grandparent” scams prey on emotions. A fraudster pretends to be a family member (often a grandchild) in distress. They might claim they’ve been in an accident, arrested, or stranded somewhere and urgently need money. The message often includes pleas like, “Please don’t tell Mom or Dad.”

The goal is to create panic and secrecy so you act quickly without verifying the story. Always confirm through another channel before sending any funds.

8. Marketplace Frauds

Online marketplaces are a favorite hunting ground for scammers. They’ll post fake listings or pretend to sell an item you’re interested in. Then comes the hook: “Send a deposit to hold the item.” Once you pay, the seller disappears…and so does your money.

Stick to secure payment methods and avoid sending money outside the platform’s official channels.

9. Fake DocuSign Requests

Electronic signature tools like DocuSign are widely trusted which makes them a prime target for scammers. Fraudsters send emails that look like legitimate DocuSign requests, often tied to something urgent like a contract or financial document. The link then takes you to a fake login page or downloads malware onto your device. Always check the sender’s email address carefully and be wary of unexpected emails creating a sense of urgency.

How to Protect Yourself

Because threats are only increasing, we recommend these steps to keep your information and finances secure:

  • Think before you click. Use extreme caution when clicking links or viewing attachments.
  • Use a password manager. Password managers create and store complex and unique passwords across all accounts. A good password manager can also alert you to breaches or phishing attempts.
  • Enable two-factor authentication (2FA). 2FA adds an extra layer of security and should be used wherever possible.
  • Never use Public Wifi networks. Instead, utilize a phone hotspot for greater security in coffee shops, airports, etc.
  • Freeze Your Credit. Follow these steps for each of the major reporting bureaus.
  • Consider identity protection such as Zander’s ID Theft Protection. This is a type of insurance coverage that provides stolen funds reimbursement and recovery services. Considering the benefits of this coverage is one step to protect what you’ve built.

We’re Here to Help

Scams are getting more sophisticated, but working with a financial planner can be a strong defense. At Sound Stewardship, our Wealth Advisors not only help you grow your wealth, they also help you protect it. Connect with a Wealth Advisor today to take the first step towards financial peace of mind.

< Back to Insights

Connect With Us

Let’s talk about how our team of advisors can serve you.
Get Started
Sound Stewardship, LLC
9101 W. 110th St., Suite 150
Overland Park, KS 66210
Get Directions
Phone: 913-317-6000