Physical Address
304 North Cardinal St.
Dorchester Center, MA 02124
Online scams are a constant and costly threat Americans make approximately $119 billion annually. It doesn’t just happen online. Robocalls and text scams have struck Highest level in six years in 2025.
Now with the spread of artificial intelligence Scammers are more sophisticatedUsing AI tools to bypass spam filters and trick people into revealing sensitive information or making false payments.
Attackers can use large language models – trained to mimic human writing – to create highly personalized, grammatically error-free emails and phishing texts that convincingly impersonate real individuals. They can also use machine learning to create audio transcriptions that mimic the pitch, tone, and patterns of someone’s voice.
As an author with a very public online presence, I’ve received dozens of advanced scams in recent months (more than 10 of them as I drafted this article), mostly with the goal of getting me to buy non-existent marketing packages.
Here’s what I’ve learned about identifying scams, especially those that use artificial intelligence to bypass your spam filters.
Common features of AI scams
Technically, it is impossible to be 100% sure that something was created by AI. Even Pangram, an AI-based plagiarism checker that claims to outperform human experts in identifying AI-generated content, can produce false positives because There is no nuance.
However, there are some red flags to watch out for.
Does the message lack unique information?
The most common scam emails I receive are from purported fans claiming to want to help market my business. After experiencing an initial moment of excitement—there’s nothing better than receiving fan mail—I realized that their email was rearranging words from one of the simplistic phrases in my book without any new or unique information. This tells me that the AI model deleted data from my Goodreads page to create its scam message.
Even if you don’t have a Goodreads page, you can still easily find out information about yourself online. Check public knowledge versus sensitive data that only someone close to you has.
For example, a friend’s grandmother once discovered a scam when someone claiming to be her grandson called her “grandma.” Her real grandchildren gave her a different name.
Does the message claim to be from a famous person?
Another common type of scam in my professional network is someone claiming to be a respected author, a well-known agent or a major publisher who has a sudden interest in your work. As someone who has published five books, I can promise you that no famous person will email you unless you’ve had a previous conversation.
Here is one example of a scam my friend AGA Wilmot, an award-winning author, received that claims to come from a reputable author to get them to download a file that likely contains malware.
This fraudulent email encouraged the recipient to download a free guide to the book that likely contained malware.
Likewise, your favorite influencer or celebrity is unlikely to suddenly care about you unless their content goes viral.
Even then, there are ways to verify the authenticity of the message by checking the famous person’s social media profiles or website, or by confirming the phone numbers used to text or call you.
Does the letter use awkward or overly formal language?
While scams in the past were often identified by sloppy language, typos, and strange formatting, Content generated by artificial intelligence It tends to go the other way. Emails and text messages that are formatted with large language templates are usually free of typos. Phone calls often use highly polished and formal language, like what you might find on a company’s terms of service page, rather than casual communication.
Just because something is written in formal or polished language does not mean it is legitimate.
Is there a suspicious email address or phone number?
Fraudster email addresses can often be identified by one of the following:
- suspicious area, It’s often a company similar to the one they’re trying to impersonate (such as “paypal1.com” for a scammer impersonating PayPal). The domain may also be completely unrelated to the person or company.
- Suspicious username, It is often similar to a real username (such as “contact12” for a scammer impersonating a company’s customer service). An email may also be a random set of words or numbers.
- unbranded email domain, Such as gmail.com. While some legitimate inquiries will come from unbranded email addresses, certified professionals at larger companies will have dedicated email addresses associated with their company domain. Likewise, company departments, such as customer service, will have email addresses with branded domains.
Suspicious phone numbers can be difficult to identify, although I’ve found that any call from a number that shares the middle three digits of my phone number is a scam. Long distance calls from area codes you don’t recognize may also be scams.
Does the message use urgent language?
Always be suspicious when someone uses urgent language and tries to force you to act quickly.
Many scams create a sense of urgency Using phrases like “immediate action required” to get you to act without paying attention to context clues. The truth is that very few things, especially via email or text, require immediate action.
While this knowledge can help identify some scams, it can also make phone scams more dangerous. If someone is in real trouble, they will call you – so it’s important to understand the other signs of phone scams and stay level-headed when someone calls you claiming there’s a crisis.
Are there unexpected attachments?
Email scams often use attachments that contain viruses or other malicious code. Scammers trying to obtain your payment app information may attach invoices to their emails to make them appear more real.
Are there misleading links?
Another common scam tactic is to send you Links to malicious websites Which often impersonate real websites like PayPal or banks. As with the email addresses we discussed earlier, they will contain domains that either mimic the sites you’re copying or don’t make sense at all. Always review the URLs of any links you receive to see if they are legitimate before clicking on them.
Does the message violate company policies?
Many organisations, especially financial institutions such as banks and tax authorities, have strict rules about how and when they can contact you, which are often publicly listed on their websites. If a message that claims to come from one of these organizations violates these rules — such as asking for personal information via email when company policies say they would never do that — it’s likely a scam.
How to identify scams that bypass your spam filters
Spam filters catch a lot of spam on your email platform and phone, but they can’t always keep up with the increasingly sophisticated scams that bad actors create using AI.
The following strategies, drawn from my own experience and advice from cybersecurity experts, can help you deal with scams that hijack your filters.
Create a system to verify the identity of people who contact you
Want to avoid being scammed out of your hard-earned money by people impersonating your loved ones with them? Artificial intelligence voice reproductionBut you also want to be able to help your family when they need it. Create systems you can use to verify your loved ones’ identities when they call for help, such as a code word, number, or nickname that can be verified in urgent situations.
Scrutinize messages claiming to be from authority figures
Since there is so much information online, it is easier to impersonate people. Let’s take a look at an email I recently received that claimed to come from an editor at a large publishing house.
Another email scam allegedly comes from a real editor at an approved publisher.
This scammer did his research. The editor is a real person at Pan Macmillan, and the signature includes her real photo and the company’s real URL. At first glance, it seemed real.
However, I was able to identify it as a scam using some of the clues I discussed earlier. First, one of the senior editors must have an email that includes a company domain, but that message came from a Gmail address. Second, using my full name in the salutation instead of just my first name suggests the use of artificial intelligence. Finally, the information about my book is taken entirely from publicly available blurbs and reviews.
All of this confirmed my initial feeling that this was a scam, likely resulting in a request for money or personal information. Ban Macmillan also confirmed my suspicions by releasing a dossier Fraud alert About scammers impersonating Pan Macmillan employees.
Contact the person or company the scam claims to be coming from
If you’re still unsure about an email, text message, or phone call, your next step is to reach out directly to the source of the message through the official contact information found on their website. For example, if you receive a text message to click on a link to deliver a FedEx package, it’s easy to contact FedEx independently or check their website to confirm.
Unfortunately, you won’t always be able to do this when a scammer is pretending to be an individual. For example, I couldn’t find a contact email for the editor who was impersonated in the scam email I shared above. In these cases, you will have to rely on your instincts. If it sounds too good to be true, it probably is.
Use Malwarebytes’ reverse phone lookup tool
Malwarebytes, one of our Editors’ Choice winners Best antivirus software in 2026was recently launched for free Reverse phone lookup tool To help you determine if the phone number is real or not. Simply enter a phone number and Malwarebytes will scan it and compare it against a database containing millions of registered scam numbers. All of this happens almost instantly, and the results will tell you whether the number is safe, suspicious, or a confirmed scammer. Malwarebytes will also share caller information if available so you can decide whether or not to answer the call or send a text message.
Pay close attention to unwanted links
Fraudulent URLs are often easily identified because they mimic real websites or use a random combination of letters and numbers. However, some domains may appear to be owned by real people or companies. In these cases, try Googling the domain and adding the word “scam” to determine if the URL is associated with scams. This method is not foolproof, but it has proven useful.
Do not click on unwanted attachments
Always take a close look at file names before opening attachments that you did not request, especially if they come from email addresses you are not familiar with. Malicious attachment file names often include random letters, numbers, or symbols.
Another way to determine if an attachment is malicious is to look at a preview of the file without downloading it. You do this by hovering your mouse over the attachment and pressing the space bar, which generally launches the application’s preview or quick search feature, allowing you to view the contents of the file without actively saving, downloading, or executing it in its entirety.
AI scams are on the rise, but you can stay safe
AI-driven scams claim to be more sophisticated than ever 62% more victims In 2025 compared to 2024. The most important approach is to be skeptical, pause and look for evidence. Methods, including checking emails and phone numbers against contact information on company websites or creating a password your loved ones can use to ensure they actually contact you in a crisis, are powerful ways to help you stay safe. As a general rule, never share personal information or sensitive data unless you have verified the identity of the other party.
There are also steps you can take to minimize the damage if you are scammed, including proactive steps like making a purchase Identity theft protection To secure your assets.
