Payments Security

Anyone Can be a Victim: Understanding Scam Risk Across Customer Segments

Criminals don’t always choose victims at random. While many scams are broad and opportunistic, criminals also segment, personalize, test and refine their tactics. To understand how various groups are targeted and what financial institutions can do about it, we will begin with the psychology that drives modern scams operations. This introductory article sets the foundation for a deeper exploration of victim demographic and event specific vulnerabilities covered throughout this series — Understanding Scam Risk Across Customer Segments.

Criminals Use Public Information to Craft Believable Scams

Criminals look for characteristics that make a victim more susceptible and likely to engage with them. The more information available through compromised sources, social media or public websites, the easier it is for a criminal to identify potential victims and craft believable pretexts. Some victim characteristics include:

  • Emotional vulnerability: Loneliness, stress, grief and major life transitions can impact judgment.
  • Social isolation: Limited access to trusted contacts or family reduces help from others who might spot red flags.
  • Apparent financial position: Criminals tailor their “ask” based on what they believe a victim can send or do.
  • Employment status or position: Reveals who has access, authority and predictable responsibilities, or conversely, those who are seeking employment opportunities.
  • Geographic proximity: Criminals impersonate businesses, financial institutions or organizations with which a potential victim is most likely to be familiar.

Criminals then map these traits to specific communication methods: email, SMS/text, social media direct messages, messaging apps or phone calls. Their goal is to reach targets in a way that feels ordinary, familiar and non-threatening.

For financial institutions, understanding segmentation helps clarify why cases may cluster within certain groups and informs how scam education can be tailored for different customer segments. It also helps fraud teams anticipate the potential scam journey based on account activity, payment requests or unusual deposit behavior.

Social Engineering and Scam Tactics Behind Targeting

Criminals tailor their social engineering techniques based on the information and vulnerabilities they uncover about a target. These characteristics help shape their scripts, sequencing, and the tactics criminals rely on to perpetrate scams. As such, criminals may:

  • Use urgency and pressure to force action
  • Impersonate legitimate people, businesses or government agencies for credibility
  • Use “too good to be true” offers to entice victims
  • Employ fear and threats to manipulate victims
  • Request money or sensitive information
  • Build trust and relationships to gain personal information
  • Copy legitimate websites and links to deceive victims
  • Request confidentiality to avoid exposing the scams prematurely
Girl in front of a laptop receiving email messages

Explore the Scam Tactics downloadable resource (PDF) in the Scams Mitigation Toolkit to dive deeper into each of these scam tactics.

Technology Amplifies Targeting

Advances in technology have fundamentally changed the scale and precision of scams, enabling automation and personalization to become core components of the criminal’s playbook.

Image representing GenAI
  • Generative artificial intelligence enables criminals to produce personalized emails, text messages and even synthetic voices. Content that once required time and skill to generate now can be generated in seconds.
  • Bots can test thousands of scam variations simultaneously, tracking which messages lead to engagement and increasing the criminal’s likelihood of success.
  • Data available due to data breaches, publicly available via social media or other online sources allow criminals to make informed guesses about a potential victim’s emotional state, financial situation and connections. Criminals can use this intelligence to determine their approach, such as what tone they should use, what story to tell and what type of “request” to make.

For financial institutions, this means scams increasingly mirror legitimate communications. Customers can benefit from education on how criminals are able to produce more convincing impersonation attempts.

What’s Ahead in this Article Series

Tailored scripts and persuasive social‑engineering tactics make scams highly convincing, enabling criminals to exploit moments of vulnerability in ways that can put anyone at risk. This monthly series of articles: Understanding Scam Risk Across Customer Segments will offer deeper exploration of how different groups (e.g. youth, elderly, employees, etc.) are targeted and why.
By understanding the psychology and economics of scams targeting, financial institutions can refine customer education and strengthen prevention strategies. The more financial institutions understand how criminals target different groups, the better equipped they can be to help customers avoid becoming their next victims.