Scam dictionary

Scam jargon explained in plain English. Each term gets a one-line definition; tap any entry for a fuller explanation, examples, and related scams. For the detailed reference, see the full glossary.

A

Account Takeover: When a scammer gains control of your account, often using a stolen password and a tricked OTP.
Advance-Fee Scam: A scam that asks for an upfront payment to unlock a prize, job, loan, or larger sum that never arrives.
AI voice scam: A scam that uses AI to clone a familiar voice - a relative, boss, or official - to fake an emergency or payment order.
Authorised Push Payment Fraud: When you are tricked into sending money yourself to a scammer's account.

B

Bank Impersonation: Pretending to be your bank by text, call, or email to steal logins or move your money.
Blackmail / Extortion Scam: Threats to harm, expose, or embarrass you unless you pay.
Business Email Compromise: A targeted scam where criminals impersonate a colleague or supplier to redirect a payment.

C

Chargeback scam: A scam where a buyer pays, receives the goods, then reverses the payment (chargeback) to get both.
Charity Scam: Fake appeals that exploit generosity, often after disasters.
Credential Theft: Stealing usernames and passwords, usually through fake login pages.
Crypto Airdrop Scam: Fake 'free token' offers that lead to wallet-draining sites.
Crypto professor scam: An investment scam where a 'professor', mentor, or VIP group gives 'guaranteed' trading signals on a fake platform.
Crypto Wallet Scam: A scam that tries to get your wallet seed phrase or a 'verification' transfer to drain your crypto.

D

Deepfake / AI Voice Scam: Using AI to fake a voice, video, or image of someone you trust.
Delivery Fee Scam: A fake 'small fee' to release a parcel, capturing card details.
Digital arrest: A scam where fake police or officials keep a victim on a long video call, claiming they are under 'digital arrest' until they pay.
Domain Spoofing: Faking or imitating a trusted domain in links or email addresses.

E

Escrow scam: A scam using a fake 'secure escrow' service to take your payment while pretending to protect the deal.
Evidence preservation: Capturing and safely storing proof of a scam - screenshots, dates, amounts, references, and accounts involved.

F

Fake airdrop: A bogus crypto 'free token' giveaway used to lure you into connecting a wallet or paying a fee.
Fake invoice: A scam invoice or 'you were charged' notice designed to make you pay, call a fake number, or enter card details.
Fake login page: A page that imitates a real login screen to capture your username, password, and two-factor codes.
Fake Payment Confirmation: A trick where a 'screenshot' or message claims a payment was sent to make you release goods.
Fake Recruiter: A scammer posing as a recruiter to gather personal details or fees.
Fake support scam: A scam where someone impersonates official support for a bank, platform, or tech brand to gain access or payment.
Fraud report: The act of reporting a scam or fraud to your bank, payment provider, and the relevant authority.

G

Gift Card Scam: A scam that demands payment in gift cards, which are hard to trace and reverse.

I

Identity theft: When someone uses your personal details - name, ID, or financial data - to impersonate you or open accounts.
Impersonation Scam: Pretending to be a brand, official, friend, or family member to gain trust.
Invoice Fraud: Fake or altered invoices that redirect payments to a scammer.

J

Job Scam: Recruitment fraud using fake offers to collect fees, bank details, or 'task' deposits.

K

KYC scam: A scam where you're told to 'update your KYC' (know-your-customer details) or your account will be blocked.

L

Look-alike Domain: A web address made to resemble a real one, using small changes like swapped letters or extra words.
Lottery / Prize Scam: A claim that you won a prize or lottery you never entered, requiring a fee or details.

M

Malicious attachment: An email or message attachment that hides malware or a phishing link, often disguised as an invoice or document.
Malware Attachment: A file attached to a message that installs harmful software when opened.
Malware link: A link that installs harmful software or opens a credential-stealing page when tapped.
Money Mule: Someone who moves money for criminals, often unknowingly, which is illegal.
Mule account: A bank or crypto account used to move stolen money, often opened by a victim tricked into 'processing payments'.

O

OTP Scam: A scam that tries to get the one-time passcode that protects your account, so the scammer can log in or approve a payment.
Overpayment Scam: A 'buyer' overpays and asks you to refund the difference, then reverses the original payment.

P

Payment redirection: A scam where a fraudster changes the bank details on a real invoice or request so your payment goes to them.
Phishing: A scam where a message pretends to be from a trusted organisation to trick you into giving details or clicking a harmful link.
Pig Butchering: A long-running scam that builds a relationship or friendship before steering you into a fake investment.
Pretexting: Inventing a believable story or role to gain your trust and information.

Q

QR Code Scam: A scam that uses a QR code to send you to a fake payment or login page.
Quishing: Phishing that uses a QR code to send you to a fake or harmful page.

R

Recovery Agent Scam: A person claiming they can recover your lost money for an upfront fee.
Recovery Scam: A follow-up scam that targets previous victims by promising to recover lost money for an upfront fee.
Remote Access Scam: A scam where a fake 'support agent' gets you to install software so they can control your device.
Rental / Deposit Scam: Fake listings that take a deposit for a property that is not available.
Romance Scam: A scam that builds a fake romantic relationship to ask for money or help with 'emergencies'.

S

Safe Account Scam: A trick where a fake bank tells you to move money to a 'safe account' they control.
Scam-as-a-service: Ready-made scam kits, phishing pages, and drainer tools sold to other criminals, lowering the skill needed to scam.
Seed phrase: The secret recovery words that control a crypto wallet - anyone who has them controls all its funds.
Seed Phrase Scam: Any attempt to get your crypto wallet recovery words.
Sextortion: A threat to share private or intimate images unless you pay.
Short link scam: A scam that hides a malicious destination behind a shortened or redirect link.
Shortened URL: A link that hides its true destination behind a short redirect.
SIM swap: A scam where your phone number is moved to a scammer's SIM so they can intercept your calls and security codes.
Smishing: Phishing carried out by SMS or text message, often about deliveries, banks, or fines.
Social Engineering: Manipulating people through trust, fear, or urgency rather than hacking technology.
Spoofing: Faking a sender name, phone number, or email address so a message looks like it comes from someone you trust.
Subscription Renewal Scam: Fake 'your subscription is renewing' messages that harvest card details.
Suspicious Link: A link with traits common in scams: shorteners, look-alike domains, odd words, or insecure connections.

T

Task Scam: A 'job' that pays for simple tasks but then asks you to top up your own money to continue.
Tech Support Scam: Fake support warning of a virus or problem to gain access or payment.
Ticket Resale Scam: Fake or duplicate tickets sold through messages and social posts.
Toll / Fine Scam: Texts about unpaid tolls, parking, or congestion charges with a payment link.
Two-Factor Authentication (2FA): An extra security step beyond your password, such as a code or app approval.

U

URL Query Token: Long codes added to a link that can identify or track you, or tie a phishing page to you.

V

Verification Code Scam: Tricking you into sharing a login code, often to hijack a messaging account.
Vishing: Phishing carried out by voice call, where a caller pretends to be your bank, a company, or an authority.

W

Wallet connect scam: A scam where 'connecting' your wallet to a malicious site and signing a request approves draining your assets.
Wallet drainer: Malicious code or a signature request that empties a crypto wallet once you connect or approve it.