The New Phishing: How AI Imitates Trust and What to Do Next

Ross Marino |
Categories
Technology

A decade ago, many scams were easy to spot. The emails sounded wrong, the grammar was sloppy, and the story fell apart on a second read. That has changed. Artificial intelligence is helping criminals write fluent messages, copy familiar tones, and even imitate voices convincingly. [4]

Why this matters for your financial life: email and text are still the most common paths into your day, and phishing remains one of the top reported internet crimes. That mix of everyday channels and more realistic messages is why a steady response matters more than memorizing every new tactic. [1]

Why scams feel more convincing now

AI gives scammers leverage in three places at once: language, scale, and realism. Messages that once felt clumsy can read like a careful note from a company you use or a person you know.

Some calls now use cloned or AI‑generated voices, and news coverage has highlighted regulators and law enforcement responding to AI‑voice robocalls. Realistic detail can sound convincing, but it does not prove the message is genuine. [4]

Impostors also borrow trust. Investor alerts and consumer reporting describe fraudsters posing as licensed professionals or familiar financial brands, sometimes with look‑alike websites and profiles that pass a glance test. A narrow “verify this now” request can be the hook. [5][3][2]

Dovetail Principle: Important Financial Decisions Need Breathing Room.

Scammers rely on speed. A short pause and a separate‑channel check protect the decision you are about to make.

What today’s scams look like

The pattern repeats across channels: something you recognize, something urgent, and pressure to act before you have time to think. It might be a text that appears to come from your bank about a transaction, a polished email with a link to “fix” an account, or a call that sounds like a family member in trouble.[1][2][6]

Requests for unusual payment types are a common warning sign. Gift cards, wire transfers, and cryptocurrency are hard to reverse and are often used to bypass normal safeguards. Treat any demand for those payment methods as a stop sign, not a shortcut. [3]

The protection is a process, not a hunch

You do not need to master every new scam to improve your odds. A simple process helps you slow down the moment, check a path you already trust, and protect your accounts. That process also reduces pressure when a message feels urgent, unusual, or just slightly off.

Start with the goal: protect clear thinking at the decision point. Then move in order: pause, verify, and protect. A steady routine serves you better than a perfect memory of reasons to slow down.

First: Pause and break the script

Treat urgency as a warning sign, not a reason to move faster. Scams try to narrow your options by claiming there is a problem that only a quick click, reply, or payment will fix. Give yourself breathing room. If the message is real, it will still be real after a short pause.

Do not click links or open attachments from unexpected messages. If you think the message might be legitimate, open a new browser window and navigate to the known website yourself. Hover to preview links on a computer. When in doubt, leave the message and move to a trusted path. [2]

Next: Verify through a separate channel

If a message appears to come from your bank, custodian, advisor, or a family member, do not use the number or link in the message. Use contact information you already trust, such as the number on the back of your card, a bookmarked site, or a known email address.

That separate‑channel check breaks the trap that relies on you staying inside the scammer’s message. [2] Investment‑related impersonation deserves special care. Before you act, confirm the firm's professionalism and reliability through sources you locate yourself, not through links you were sent.

Go directly to Investor.gov for firm and professional lookups and compare what you see with any documents you received. [5]

Then: Guard your accounts and your circle

A few protective steps add helpful friction. Turn on multi‑factor authentication where available, especially for email, financial, and social accounts. MFA makes it harder for someone to access an account even if a password is guessed or stolen. [7]

Set a family plan for real emergencies. Agree on a code word and a callback routine so you can confirm a true situation without relying on a single incoming message. Remind loved ones that a convincing voice is not proof. Verify first. [6]

Build a routine that slows the moment down

  • Pause first. If a message feels urgent or secret, stop and reread it with fresh eyes. [2][3]
  • Verify through a trusted path. Navigate to the known website or call a known number you look up yourself. [2]
  • Avoid links and attachments you did not expect.

Type the address yourself when you need to check. [2] - Strengthen account access. Turn on multi‑factor authentication for key accounts. [7] - Use a family code word and call‑back plan for emergencies. [6]

Carry a steady response, not fear. When a message looks urgent or slightly off, you can slow the moment down, verify through a trusted path, and keep important financial decisions from being rushed by someone else’s timeline. [1][4][5][6]

About the Author

Ross Marino, CFP®, CeFT®, is the Founder & CEO of Dovetail Financial and creator of Human-First Financial Guidance®. He helps people nearing or living in retirement connect their lives and wealth so that financial decisions become clearer, more personal, and easier to navigate. 

Read More Articles

Notes

  1. Federal Bureau of Investigation, “FBI Releases Annual Internet Crime Report,” press release and IC3 highlights, accessed May 15, 2026. fbi.gov
  2. Consumer Reports, “How to Identify a Phishing Email,” accessed May 15, 2026. consumerreports.org
  3. AARP, “Gift Card Payment Scams: Payment by gift card? It’s a scam!,” updated 2025, accessed May 15, 2026. aarp.org
  4. Associated Press, “AI‑generated voices in robocalls can deceive voters. The FCC just made them illegal,” Feb. 8, 2024, accessed May 15, 2026. apnews.com
  5. U.S. Securities and Exchange Commission (Investor.gov), “Beware of Fraudsters Impersonating Investment Professionals and Firms — Investor Alert,” Dec. 11, 2024, accessed May 15, 2026. investor.gov
  6. AARP, “Criminals Pose as Grandchildren in Grandparent Scams,” updated Feb. 13, 2025, accessed May 15, 2026. aarp.org
  7. Consumer Reports, “The Best Way to Use Two‑Factor Authentication,” accessed May 15, 2026. consumerreports.org

Disclosure: This content is provided by Dovetail Financial Group LLC (“Dovetail Financial”) for informational and educational purposes only. It is not intended as, and should not be construed as, individualized investment, tax, legal, or accounting advice; a recommendation to buy or sell any security; or a recommendation to adopt any investment strategy. Because each person’s situation is unique, readers should consult their own financial, tax, and legal professionals before taking action based on this content.

Information contained herein is believed to be reliable, but its accuracy or completeness is not guaranteed. Any opinions expressed are current as of the date of publication and are subject to change without notice. All investing involves risk, including the possible loss of principal. Asset allocation and diversification do not guarantee profits or protect against losses in declining markets. Past performance is not a guarantee of future results. Dovetail Financial Group LLC is a registered investment adviser. Registration does not imply a certain level of skill or training. Additional information about Dovetail Financial Group LLC, including Form ADV Part 2A and Form CRS, is available at adviserinfo.sec.gov. © 2026 Dovetail Financial Group LLC. All rights reserved.