Whether it’s scam text messages, fake ads, unsolicited social media messages, or just plain old phishing emails, the methods used by cybercriminals to hook their targets are getting more sophisticated and believable.

That’s the upshot of a report released Wednesday by Google ahead of its Safety Engineering Center’s inaugural Scams Summit. The research pointed to recent Federal Trade Commission data showing that reported fraud losses jumped 25% to $12.5 billion last year.

Experts say that’s partly due to new technologies, including those powered by artificial intelligence, which are helping cybercriminals boost both the believability and quantity of their scams. To make matters worse, Google says plenty of people still don’t know what the red flags of a scam are.

“Scammers are more effective and act without fear of punishment when people are uninformed about fraud and scam tactics,” Google said in the report.

Need some help spotting online scams? Here’s a look at five trending online scams outlined by Google’s researchers and some tips for how to avoid them.

Customer support scams

Scammers impersonate legitimate companies like tech-support providers in an attempt to trick people into handing over sensitive information. They exploit their targets by capitalizing on their worries about IT problems. They’ll also exploit web vulnerabilities to show targets fake tech-support phone numbers. 

How to stay safe: Use the contact information included with your device or in your tech-support contract. Unsolicited messages or pop-ups offering help should be ignored, and remote access to your device should only be granted to legitimate providers. Double-check tech-support numbers to make sure they’re legitimate before you call them.

Malvertizing

Scammers use fake online ads to spread malware. Google says they often offer “free” or “cracked” versions of popular software. What’s interesting now, Google researchers say, is that scammers are increasingly targeting more sophisticated users, including people with valuable online assets, like crypto wallets, and social media influencers.

Google says that in some cases, the malvertising could be the first step in a bigger attack. The attackers will convince their target that the software is safe, urging them to turn off security alerts and antivirus protections to allow the software access to their device.

How to stay safe: Only download software from sites you know to be legitimate, and be very skeptical of any ad that offers free versions of licensed software. Security warnings from browsers or antivirus software should not be ignored or disabled.

Fake travel websites

Vacation scams are spiking ahead of the summer travel season. Scammers use fake websites to lure vacationers into bookings, promising great deals and unbelievable experiences. They often masquerade as popular hotel chains or a legitimate travel agency.

How to stay safe: Consumers should be extremely skeptical of super-low prices or massive discounts. Use secure payments with buyer protection and avoid wire transfers. Bookings should be confirmed directly with hotels or airlines. And don’t forget to ask about hidden fees.

Package-tracking scams

These involve messages that appear to be from legitimate delivery companies or online retailers. They often trick targets into paying bogus additional fees the real company wouldn’t charge.

What’s interesting about these scams now, the researchers say, is that the cybercriminals behind them are able to use phishing software kits to mimic the websites of legitimate companies almost instantly, boosting both their sophistication and scale.

How to stay safe: Be skeptical of unexpected delivery texts that urge you to act right away. Avoid clicking shortened links. If you’re expecting a package, go straight to the delivery company’s site to check the status.

Toll road scams

The rise of cashless toll systems has brought with it a freeway full of fake text messages claiming that people have unpaid tolls. The hope is that drivers will hand over their credit card numbers or other personal information.

How to stay safe: This is another case where you need to think before you click, even if the message says you must act immediately. If you’ve recently used a toll road, confirm the fees directly with the official toll company. Don’t click on links from unknown phone numbers or emails.