Javascript is not enabled.

Javascript must be enabled to use this site. Please enable Javascript in your browser and try again.

Skip to content
Content starts here


Leaving Website

You are now leaving and going to a website that is not operated by AARP. A different privacy policy and terms of service will apply.

Glossary of Scam and Fraud Terminology

From A to Z, here’s a guide to the frequently used lingo of deception

As fraud grows, so does the language used to describe those scams. To keep you abreast of the terminology, we’ve created a guide to common phrases used when discussing internet and phone swindles. Scroll through the alphabetical list for some of the most important terms and acronyms.

Jump to Section


Artificial intelligence. Technology that gives computers the ability to think and learn on their own. This technology can be used to copy voices, also called voice cloning, and give the impression that you are having a conversation with an individual you know.

Botnet. A network of computers — which may include your machine even though you don’t realize it — that scammers have infected with hidden software to secretly send spam or mount cyberattacks.

Brute-force attack. A hacking method to find passwords or encryption keys by trying every possible combination of characters until the correct one is found.

Catfishing. Creating a fake online profile to intentionally deceive, usually through a romance scam.

Check washing. When a criminal steals a paper check, often from a mailbox, and erases the original payee and amount using household chemicals, filling in a new payee and amount. The check is then presented to a bank to be paid to the thief or an accomplice with money from your account.

Clickbait. A story or link designed to attract a reader’s attention. By clicking the link, you may share information unwittingly or inadvertently download malware or spyware.

Cloning. Intercepting the unique identifying number that a cellphone transmits through radio waves and copying the number to another phone. A thief then will use the second phone, charging the legitimate owner of the first phone for data use and calls on the cloned phone.

Cramming. The illegal placement of unauthorized charges on your phone bill for unrequested services or calls not made.

Crypto scam. Criminals may impersonate celebrities, prospective partners or financial advisers offering a way to make money investing in cryptocurrencies. These virtual currencies, such as Bitcoin, are not backed by any government or central bank. Investment gains may look significant via the crypto exchange you are trading on, but those numbers are fraudulent.

Drive-by download. The transmission of a virus or malware onto your computer or mobile device when you visit a compromised website. It happens without your clicking anything on the site.

spinner image Image Alt Attribute

AARP Membership— $12 for your first year when you sign up for Automatic Renewal

Get instant access to members-only products and hundreds of discounts, a free second membership, and a subscription to AARP the Magazine.

Join Now


Ghosting. Theft of the identity of a dead person to fraudulently open credit accounts, obtain loans or get utility or medical services in the person’s name. It is only one type of identity theft.

Grandparent scam. When a criminal poses as a target’s grandchild or other close relative frantically asking for money due to an accident, an arrest or being stranded while traveling. Information gleaned from social media helps make the impersonation believable. The target is asked to quickly transfer cash or prepare gift cards or money that an accomplice will pick up.

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.


Hacker. Someone who uses the internet to illegally break into computers.

Hostage load. Your household goods held for ransom by fraudulent moving companies. These criminals advertise a low price for their work, but once they have your stuff on their truck, they may either disappear after the advance payment or demand more money to deliver it.

Identity theft. The stealing of your personal information to open accounts or apply for government programs. You don’t receive these benefits. Instead you are left with demands for payment and damaged credit.

Keystroke logger. A usually covert piece of software that tracks sequential strokes on your keyboard to allow remote hackers to capture your passwords and online banking and credit card information. It’s often downloaded when you click on a bogus link in email as part of a phishing scam.


Mail theft. When mail containing checks is fished out of mail collection boxes, taken from mail trucks or stolen from mail carriers. These checks may then be washed — the handwritten ink erased and replaced with new information — eventually extracting money from your bank account.

Malware. Short for malicious software, this term encompasses computer viruses and other types of programs that cybercriminals use to disrupt or access your computer, typically with the aim of gathering sensitive files and accounts.

Malvertising. Online advertising that contains malware activated when you click on the ad.

Man-in-the-middle attack. When a criminal secretly intercepts and possibly alters messages between two parties who believe they are securely communicating with each other.

Money mule. Also called money mover or cutout, the target is often unwittingly used to transfer money or packages to a third party, sometimes getting to keep a commission for the effort. In reality, the person involved becomes part of a money laundering scheme.

Peer-to-peer payment apps. Cash App, Venmo, Zelle and other cash transfer apps allow you to send money through your phone. But read the fine print carefully before using them. You probably won’t be reimbursed for any losses that occur.

Pharming. When hackers use malicious programs to route you to their websites that are often convincing look-alikes of well-known sites, even if you’ve correctly typed in the address of the site you want to visit.

Phishing. The use of authentic-looking emails, often purporting to be from a bank or government agency, to persuade a recipient to respond with sensitive personal data. 

Shopping & Groceries

Coupons for Local Stores

Save on clothing, gifts, beauty and other everyday shopping needs

See more Shopping & Groceries offers >


Ransomware. Malicious software that restricts or disables your device or may hijack and encrypt files, then demands a fee to restore the device’s functionality.

Robocall. Automated calls with prerecorded messages offering exclusive deals to entice a target to share financial or other sensitive information. The recipient presses a number on the phone’s keypad to be connected with a live operator.

Scareware. Malicious software used in tech support scams that displays on-screen warnings of nonexistent infections on your computer to persuade you to call a number for assistance, only to be connected to a criminal who seeks to steal money or sensitive information.

Sensitive personal information, also called personally identifiable information. Data connected to a company’s customers that can be used to determine individuals’ identities, such as their full names, addresses, email addresses, phone numbers or Social Security numbers.

SIM swaps. Thieves may either convince your cellphone carrier to transfer your number to the thieves’ phone and existing SIM card or they may claim your SIM card has been damaged and get a replacement card sent to them. Once in possession of a SIM card associated with your phone number, the thieves may be able to access your credit card, bank and other financial accounts.

Skimming. The capture of information from the magnetic stripe on credit and debit cards by devices secretly installed on card-reading systems at gas pumps, ATMs and store checkout counters.

SmishingPhishing attempts that go to your mobile devices via text message. Named for short message service (SMS) technology.

Spear-phishing. Phishing with personalized email, often appearing to be from someone you know.

Spoofing. The manipulation of your phone’s caller ID to display a false name or number.

Spyware. A type of malware installed on devices to track your actions and collect information without your knowledge.

Suspicious activity reports. Financial institutions must file these reports to law enforcement when they suspect fraud. The reports also allow the Treasury Department’s Financial Crimes Enforcement Network to identify crime trends and patterns.

Synthetic identity. Information from stolen ID cards combined with fake information to build a new identity, making this fraud difficult to detect.


Trojan horse. Software, hidden within apparently harmless data or masquerading as a regular program, that when activated can corrupt data on your hard drive or send files and account information to hackers. 

Vishing. Short for voice phishing, it’s the use of recorded messages or live people — usually claiming to be from a bank or government agency — with the goal of convincing you to reveal personal or account information for identity theft.

Virus. A piece of malicious software that can spread from computer to computer or file to file. It comes to life only when you take a specific action, such as running a particular program or sharing a particular file.

Voice cloning. Software or artificial intelligence that mimics a voice. This enables criminals to convince their target that they are talking to a grandson, daughter or someone they know. In a romance scam, voice cloning may be used to simulate the voice of a male or female love interest.

Worm. Like a virus, this malicious software can spread among computers. But it doesn’t need any action from you to do so.

This story, originally published Sept. 14, 2023, was updated with additional definitions.

Discover AARP Members Only Access

Join AARP to Continue

Already a Member?

spinner image cartoon of a woman holding a megaphone

Have you seen this scam?

  • Call the AARP Fraud Watch Network Helpline at 877-908-3360 or report it with the AARP Scam Tracking Map.  
  • Get Watchdog Alerts for tips on avoiding such scams.