Spot the Signs: How to stay ahead of social engineering scams

As our world becomes faster, smarter and more interconnected, scammers are evolving in parallel, developing ever more sophisticated ways to exploit trust. By harnessing new technologies and behavioural insights, they are refining their methods to appear ever more credible and convincing.

While attacks on systems continue, today’s fraudsters are increasingly targeting people, often relying on psychological manipulation to achieve their goals.

Understanding social engineering

Many modern scams fall under the umbrella of social engineering, which is the use of deception and emotional manipulation to influence a person’s behaviour. In the digital world, cybercriminals use these tactics to build false trust, create urgency or fear, and ultimately trick people into sharing confidential information or taking actions that can cause financial harm to themselves or their employer.

Across Europe, research shows that the majority of people have experienced some form of scam or fraudulent attempt to capture their personal information, whether that’s their name, contact details, or financial data. Nearly three in five (58%) have received phishing emails or fraudulent text messages (63%), while over half (53%) have been targeted via phone or voice call scams. Social media scams affect around two in five people, and tech support impersonation has tricked roughly one in three. Even QR code scams are on the rise, impacting nearly a quarter of Europeans. 

Romance scams are also widespread, with one in four people (24%) encountering fake profiles, requests for money, or online relationships that lead to financial exploitation. These scams hit younger generations hardest, with 40% of Gen Z and 35% of Millennials affected, compared with 21% of Gen X and 11% of Boomers. These figures make it clear just how pervasive scams have become and highlight why awareness and vigilance are critical for people of all ages.

Education is the first line of defence

Protecting consumers and businesses from malicious activity is a priority, and it starts with awareness. When people understand how scams work, they’re more likely to spot the warning signs before it’s too late. To help people stay one step ahead, we’ve highlighted three of the most common social engineering scams to watch out for:

• Imposter fraud - Criminals pose as trusted organisations (such as banks, retailers, or government bodies) to pressure victims into sharing personal or financial details.
• Phishing - Fraudulent emails, texts, or messages designed to look legitimate, often urging immediate action like clicking a link or resetting a password, leading victims to disclose sensitive information or install malicious software.
• Romance or honeypot scams - Scammers build emotional relationships over time, gaining trust before exploiting it for financial gain. For example, Kirsty, a small business owner based in the United Kingdom, entered what appeared to be a promising new relationship that soon revealed itself to be deceptive. In our recent Anatomy of a Scam episode, we follow her story as she begins to rebuild her life in the aftermath, supported closely by her family.

How businesses can protect consumers

Mastercard combines identity, AI and open banking to help protect consumers from scams, from card and account‑to‑account payments to fraudulent account openings. 

• Mastercard Identity verifies that people are who they claim to be throughout the entire account lifecycle. This helps prevent scammers from opening or taking over accounts to apply for credit, create “mule” accounts or impersonate others.
• Once a payment is initiated, Mastercard behavioural biometrics analyse how a user interacts with their device – from typing patterns to on‑screen movements – to flag unusual behaviour.
• For real‑time account‑to‑account payments, Consumer Fraud Risk gives banks the intelligence to detect and stop payments to scammers. It uses AI and Mastercard’s unique view of account‑to‑account transactions to help intervene before funds leave the account. As of 2025, 15 banks (representing 90% of UK account-to-account payments) use CFR to protect their customers by identifying and stopping scam payments before the funds leave the victim’s account.