Scammers are phishing for your personal information. Phishing has been a problem for a while, but with new AI-powered tactics, the threat has intensified. Insurance agents and seniors are both targets, but you can take steps to keep yourself and your clients safe.
How Do Phishing Attacks Work?
You receive a text message from your bank asking you to verify whether you authorized a charge with a simple yes or no. The charge is not familiar, so you reply “No.”
Then you get a call. Your phone’s caller ID shows it’s from your bank, so you answer. The person on the other end of the line says they’re from your bank and they need to verify some information. They send a text and ask you to read the numbers in it. You comply.
But the person you’re speaking to is not from your bank, and the numbers you just read back were a one-time verification code needed to access your bank account. Before you realize what’s going on, the scammers drain your savings.
This is what happened to a man who lost more than $9,000, according to NBC10 Responds.
In phishing attacks, scammers impersonate legitimate contacts like banks, businesses or government agencies. They often use spoofing tactics to disguise their phone number, email or website to make themselves look more legitimate. Their goal is often to trick the victim into revealing login credentials, financial information or other sensitive data so they can take over your accounts, steal your identity, or drain your savings.
Medicare phishing scams are also common. Scammers may pose as CMS employees and say they need to verify coverage or issue a replacement Medicare card, or they may say the Medicare enrollee is eligible for extra benefits. They’re typically trying to get Medicare numbers so they carry out medical identify theft.
The Recent Surge in Phishing
A survey from U.S. News found that 46% of Americans say they receive messages that appear to be scams on a daily basis, and 77% say they are targeted at least once a week.
AI tools have made it easier than ever for scammers to carry out phishing and other cyberattacks, and these scams have surged as a result. According to the Hoxhunt Phishing Trends Report 2026, there’s been a 14-times increase in AI-generated phishing attacks.
But it’s not just the volume of phishing attacks that’s changed. The nature of attacks has also changed, and it’s becoming more difficult to know who to trust.
According to the MIT Technology Review, cybercriminals are using AI to compose phishing messages, create hyper-realistic deepfake clicks, and make malware that’s harder to detect. TechTarget explains that cybercriminals can use generative AI to create voice clones of trusted contacts.
It used to be that you might occasionally get a phishing email with bad grammar that made it easy to spot. Now, you’re more likely to receive a barrage of highly convincing emails, calls, and texts. If you slip up once, you could lose thousands of dollars.
Staying Safe
Cybercriminals often target retirees, but they will go after victims of any age. Everyone needs to be vigilant. As an insurance agents, you can practice online safety to keep yourself safe, and you can share warnings and safety reminders to help your clients stay safe.
- Watch out for spoofs. Scammers can make it look like they’re using a trusted phone number or email address, so you can’t always trust caller ID or the sender’s email address in the email header. Scammers may also use email addresses or URLs that are very similar to those of a legitimate company.
- Use multifactor authentication (MFA), and keep your verification codes secure. Scammers may try to trick you into sharing the MFA code.
- Don’t let yourself be pressured. Scammers often try to create a sense of urgency, and they may even become threatening, saying that you’ll be arrested or you’ll lose your Medicare coverage if you don’t cooperate. Stay calm. If you think you’re being scammed, hang up.
- Don’t give out personal information. If someone contacts you, you should not provide sensitive information like your Social Security Number or Medicare number.
- Verify on your own. Avoid replying to suspicious messages, and don’t click on links unless you are certain they are safe. If you’re worried about an account, reach out with the contact information you have. For example, if you receive a message about suspicious credit card activity, you can call the number on the back of your credit card to see if there’s a problem.
- Report scams. If you accidentally respond to a phishing message, take quick action to control the damage. For example, you may need to contact your bank or change your passwords. You can also report scams to the FTC.
For more tips, and for good resources to share with your clients, see the FTC.
It’s a dangerous world out there, but it’s easier when you have support. PTT Financial offers contracts and support to help agents thrive. Learn more.