How to Protect Yourself from Fraud in 2026 and Avoid Losing Money
Technology has made managing finances faster and more convenient, but it has also increased the risks. Today, fraudsters do not always need physical documents to steal money or take out a loan in someone else’s name. In many cases, your trust, personal data, and a confirmation code are enough.
In this article, we explain how these schemes work in 2026 and what really helps protect you.
What Fraudsters Need
In most cases, fraudsters only need a basic set of personal data: passport or ID card details, PINFL (Personal Identification Number of an Individual), and a phone number. In addition, they try to gain access to transaction verification methods.
Sometimes fraudsters ask people to “complete enhanced verification,” for example by uploading a selfie with their ID document. In reality, what matters most to them are one-time SMS codes or codes from banking apps, as well as access to online banking and card details.
How Fraudsters Gain Access
Some data leaks from services where people leave personal information: delivery services, marketplaces, online payment platforms, and telecom providers.
“Unfortunately, we have to admit that we ourselves have become used to leaving our data almost everywhere. If you take a close look at the permissions in your Google account or the history of connected services, you may be surprised by how many platforms already have access to your data. And that is only the tip of the iceberg.
Cookies, forms, Telegram bots, delivery forms, and subscriptions create a digital footprint that may later be used in fraudulent schemes.”
The rest they usually obtain through social engineering. Fraudsters call pretending to be bank employees, security staff, or telecom representatives and try to trick people into revealing a code, sharing card details, or granting access to a banking app. This is often the moment when people lose access to their accounts.
How to Recognize a Fraudster
If someone calls claiming to be from a bank and says that a loan is being taken out in your name right now, the fraudster’s goal is to trigger a strong emotional response. Most often, that response is fear and a sense of urgency. In that state, people are easier to persuade into taking action, sharing sensitive information, or confirming a transaction.
It is important to remember one simple rule: neither a bank, nor a telecom operator, nor a government agency will ask for confidential information over the phone or through messaging apps.
This includes SMS codes and codes from mobile apps, PIN codes and passwords, as well as card details, including the CVC or CVV code.
You will also never be asked to share your screen, install a “security” app, click a link, or make a transfer “for verification.” Under the pretext of cancelling a loan, fraudsters may ask you to disclose a confirmation code. That must never be done either.
Any such request is a sign of fraud. In that situation, the best thing to do is end the conversation immediately and contact the bank yourself through official channels.
“Remember: there are no situations so urgent when it comes to your money or a loan application. Fraudsters deliberately create a sense of urgency and pressure so that you do not have time to assess the situation calmly.
Many victims later say that it was difficult to think clearly during the call. That is a normal reaction to psychological pressure.
In such a situation, one simple step can help: contact family members or friends and talk through what is happening. An outside perspective often helps you quickly understand what is really going on.
If you have any doubts, it is better to pause and seek advice. This simple action can protect your money.”
Common Fraud Scenarios and How to Respond
The most common type of fraud relies on social engineering. Fraudsters exploit trust and use plausible scenarios to get people to hand over confidential data or transfer money themselves.
As a rule, such calls are prepared in advance. Fraudsters think through the conversation, speak confidently, may mention certain details, and create the impression of an official interaction.
It is important to remember that such calls always have one goal: to get your data and access to your money.
“A suspicious transaction is currently being processed on your card or account” (vishing)
What it means
Fraudsters are trying to obtain an SMS or push notification code, your card details, or access to your app under the pretext of cancelling a transaction.
What to do
Do not confirm any transactions and do not share codes over the phone. End the call and contact the bank yourself using the official number.
“You need to urgently transfer your money to a safe account, otherwise it will be stolen” (vishing)
What it means
Fraudsters are trying to convince you to transfer money under the pretext of protecting your funds.
What to do
A bank will never ask you to transfer money to a “safe account.” Do not make any transfers and contact the bank through official channels.
“There has been a data leak at the bank or among employees, and an investigation is underway” (vishing / spoofing)
What it means
Fraudsters are trying to scare you and force you to follow their instructions. They may pretend to be law enforcement officers or security staff and ask you to transfer money, disclose codes, or “assist with an investigation.”
What to do
Government authorities do not handle such matters over the phone or through messaging apps, and they do not request codes or transfers. End the conversation and do not take any action.
“Dictate the code to the robot or enter the digits on your phone” (vishing)
What it means
Fraudsters are trying to obtain a one-time code while lowering your guard. They may ask you to dictate it “to the robot” or enter digits on your phone during the call.
What to do
Do not enter or share codes with either a person or an automated system. End the call.
“Install an app for protection or a security update” (vishing / remote access scam)
What it means
Fraudsters are trying to persuade you to install a remote-access application such as TeamViewer, AnyDesk, or similar tools. Through it, they can see your screen, intercept codes, and control your device.
What to do
Do not install applications at the instruction of the caller. Download apps only on your own, from official stores, and only when necessary. If in doubt, verify the information with your bank.
“You’ve won a prize” or “You’ll receive a bonus for completing a survey” (phishing / smishing)
What it means
Fraudsters are trying to lure you to a fake website in order to gain access to your data. They may also ask you to enter your card details supposedly to receive the prize, or suggest making a small payment, after which they either debit your money or link your card to a third-party service.
What to do
Do not click on links in such messages and do not enter your card details. Do not make any payments. Verify information about giveaways only through the organizers’ official resources.
“Profitable investments / high returns / quick income” (investment scam)
What it means
Fraudsters offer you the chance to invest money in what appears to be a profitable project and ask you to transfer funds to an “investment account” that actually belongs to them.
What to do
Do not transfer money without a contract and proper verification of the company. Do not send funds to personal cards and do not trust promises of guaranteed returns.
“We can improve your loan or card terms — just confirm the code” (vishing / phishing)
What it means
Fraudsters offer to activate a benefit or improve your terms and ask you to disclose a one-time code or card details under the pretext of arranging the service.
What to do
Any changes to product terms are made only through the bank’s official channels. Do not share codes or card details over the phone.
“Tell us which banks you have cards or accounts with” (pretexting / social engineering)
What it means
Fraudsters are trying to gather information in order to prepare a more convincing attack later.
What to do
Do not disclose which banks you have accounts or cards with. Do not answer follow-up questions and end the conversation.
A Universal Phrase That Helps Protect You
I will verify the information and call back using the official number.
“As artificial intelligence continues to develop, fraudsters are creating increasingly personalized scenarios and using real data more and more often. They may address you by your full name, mention your place of work, or refer to information from public sources.
That is why it is important to focus not on how convincing the story sounds, but on the substance of the request. If someone asks you to disclose a code, transfer money, install an app, or provide access, that is a sign of fraud no matter how plausible the conversation may sound.”
What You Can Say to Fraudsters
If you have any doubts, do not argue and do not try to prove anything. The safest option is to end the conversation calmly and verify the information through official contacts.
“I will verify the information and call back using the official number.”
If you want to better understand who is calling, you may ask a few clarifying questions. The key point is not to share any of your own data.
- “Which bank are you calling from?”
- “Which card or product are you referring to?”
- “When did the transaction take place and for what amount?”
- “What exactly have I won?”
- “Why are you sure this is my number?”
You may also ask for the caller’s name and position, the name of the organization, and the official call center number.
If the person on the line starts getting confused, avoids direct answers, rushes you, or becomes irritated, these are all typical signs of fraud.
What You Should Avoid Saying
In suspicious conversations, it is important not to use phrases that may be interpreted as confirmation.
Do not use wording such as “I confirm.” Do not share SMS or push notification codes. Do not disclose your personal data, including your full name and other identifying information.
This helps prevent fraudsters from using your words and data against you.
Signs That Help You Quickly Recognize a Fraudster
Pay attention to the caller’s behavior and the nature of the request.
Fraudsters often rush you, do not give you time to think, and may raise their voice.
They may demand secrecy, forbid you from calling anyone else, and intimidate you with threats of liability or consequences.
They often call through messaging apps, while the displayed name or number may look official.
They may ask you to share your screen or read out a code from a notification.
They may also tell you that you have won a prize or received a discount and then ask for your card details “for verification” or “linking.”
Any one of these signs is enough reason to be cautious and end the conversation.
How to Check Whether a Loan Has Been Taken Out in Your Name
If you have any doubts, it is important to verify the information immediately through official channels.
Contact your bank through its official contacts and ask whether there are any applications or loans in your name. Check your credit history via my.gov.uz or through your bank’s services. Where possible, enable notifications about any changes.
If the situation seems suspicious, follow a simple rule: end the call, call the bank back using the official number, and do not disclose any codes or data during the original conversation.
What to Do If a Loan Has Been Taken Out in Your Name
First, verify the facts and preserve anything that may help with the investigation. Save SMS messages or push notifications, take screenshots, note the date and time, and record incoming phone numbers. Where possible, check your credit history through your bank or via my.gov.uz.
Then contact the bank through official channels, report the situation, and ask them to register your complaint stating that the loan was issued without your consent. Ask whether debits or repayments can be suspended while the case is under review. Also request copies of the loan documents, including the application, the agreement, the identification method used, and details of how and when the transaction was carried out.
At the same time, it is important to secure your access credentials. Change your passwords, review active sessions, and disconnect suspicious devices. Pay attention to linked cards and transaction limits in the app.
Contact law enforcement and file a report. Present the facts briefly and clearly. State how you learned about the situation, which amounts and banks were involved, which phone numbers called you, and which messages you received. Be sure to obtain the case registration number — you will need it for communication with the bank and for any further action.
If the bank’s review process is delayed or you receive a refusal despite clear signs of fraud, you may file a complaint with the regulator in accordance with the established procedure. If necessary, the next step may be to go to court. In such cases, it is best to involve a lawyer so that your claim is properly prepared and the evidence is compiled correctly.
“It is important to remember that the first few hours after an incident are especially critical for preserving as much information as possible. The more evidence you have, the faster the review process will be. Take screenshots of messages, notifications, and call history. Fraudsters may delete correspondence in order to leave no trace.”
How to Reduce the Risk of Financial Fraud
When making payments online, it is important to use only safe and trusted methods.
Do not follow payment or “refund” links sent through messaging apps or email. Always check the website address. It should be free of errors, use a secure connection, and display the padlock icon.
Pay attention to how the payment is confirmed. Secure payments are processed using 3-D Secure technology. After entering your card details, you are redirected to the bank’s page and confirm the transaction using a one-time code.
Be cautious with phishing messages. Emails or messages that appear to come from a bank or a well-known brand may actually lead to fake websites. On such pages, fraudsters try to obtain your login credentials, passwords, or card details.
Following these simple rules can significantly reduce the risk of losing money.
How to Protect Documents and Personal Data (Passport/ID and PINFL)
- Do not leave your passport or ID card as collateral at rental points or service locations.
- Do not share copies unless absolutely necessary, and destroy unneeded documents in a way that makes them impossible to reconstruct.
- If your document is lost, report it immediately and apply for a replacement — this reduces the risk of your data being misused.
It is also worth strengthening the protection of your phone and banking apps. Set a password or biometric lock on the device, use a separate password for your banking app, and enable additional transaction confirmations. Do not hand your phone to strangers.
An additional protective measure may be to place a restriction on taking out a loan in your name. This can be done through my.gov.uz or the MyGov app. To do this, sign in, select the service for placing a restriction on entering into a credit agreement, and activate it. If necessary, the restriction can be removed in the same way.
If You Have Already Interacted with Fraudsters
If the conversation seemed suspicious or you have already shared any information, it is important to act immediately.
Change your passwords and codes, end all active sessions, and disconnect unfamiliar devices.
Contact your bank through official channels and, if necessary, ask them to temporarily restrict access to your card or app.
Going forward, check your credit history regularly and enable notifications about changes, where available.
Other Common Fraud Schemes
Fraudsters do not rely only on fake bank calls and phishing links. There are other scenarios that are equally important to know about in advance.
“A friend or colleague urgently asks you to transfer money” (deepfake)
What it means
Fraudsters may use fake accounts, fabricated messages, or even cloned voices in order to gain your trust and pressure you into urgently transferring money or sharing information.
What to do
Do not make a decision immediately. Verify the request through another communication channel and contact the person directly.
“Voice deepfakes are another risk to keep in mind. If a ‘relative’ or ‘colleague’ calls you from an unfamiliar number or through a messaging app and urgently asks for money, pause and verify the information.
As an additional measure, you can agree on a code word with your loved ones in advance. In the event of an urgent request, they should be able to say it. This is a simple way to make sure you are speaking to the real person.”
“Scan this QR code to pay, log in, or receive a discount” (QR phishing)
What it means
Fraudsters use QR codes to redirect you to a fake page and obtain your card details, login credentials, password, or transaction confirmation.
What to do
Scan QR codes only from trusted sources. Before entering any data, always check the page address.
“Easy work with high income — just pay for training or registration” (job scam)
What it means
Under the pretext of employment, fraudsters try to obtain money or collect your personal and banking data.
What to do
Do not pay money in order to get a job, and do not share your data without verifying the employer.
“Support me in a vote or contest — click the link” (phishing / account takeover)
What it means
Fraudsters are trying to obtain a confirmation code and gain access to your account so they can then message your contacts pretending to be you.
What to do
Do not enter your phone number or messaging app codes on third-party websites. Even if the message came from someone you know, first verify directly with that person whether they actually sent the link.
“A real-life example illustrates this well. A friend’s mother, who is a doctor, received a link in Telegram asking her to vote for the best specialist. She opened the site and saw her real colleagues there. Naturally, she decided to vote. After that, a message appeared asking her to verify her account. Once she entered her phone number, she received an official code from Telegram. Even though the message clearly stated that the code would grant access to the account, she entered it. The fraudsters immediately took control. Fortunately, we managed to intervene quickly, terminate the unauthorized sessions, and cut off their access.”
To Sum Up
Fraud schemes keep evolving, but their goal remains the same: to gain access to your money through your codes, your card details, or your trust.
To reduce the risk, it is important to follow basic rules. Keep confidential information private, including card details, passwords, and codes from SMS messages and push notifications. Do not hand your card or phone to third parties, and do not click on suspicious links.
Enable transaction notifications, review your statements regularly, and pay attention to any unexpected debits. If you notice suspicious activity or receive a suspicious call, contact your bank immediately through official channels and, if necessary, restrict access to your card or app until the situation is clarified.