How Social Engineers Steal Millions — and Ways to Prevent the Scams
Fraud Detective Marc Evans provides insight into how scammers use social engineering to scam individuals and businesses.
Episode 46: Erin West sits down with Marc Evans, an active metropolitan fraud detective and the founder of Fraud Hero, to explore social engineering scams. Marc brings front-line insight into the schemes hitting hardest, from tech-support cons and business email compromise to casino heists pulled off entirely over the phone. He traces his own path into fraud investigation, including a personal brush with identity theft that almost cost him his law-enforcement career before it began.
Scroll down for: Guest Bio - Chapters - Useful Links - Sponsors - More Stolen
Marc and Erin unpack how scammers exploit psychology — manufacturing authority, urgency, and trust — to steal money before victims even realize what has happened. They talk about how cryptocurrency ATMs have become the payment method of choice for scammers, and cover the efforts to rein them in. Marc shares his vision for Fraud Hero, an education platform designed to stop scams before they start by giving everyday people and businesses the knowledge he uses on the job.
“Pause, think, and verify... the scammers don’t want you to. They want you to move as fast as possible and not think logically.”— Marc Evans, Fraud Hero
Marc identifies four of the scams in which he sees social engineering used most often:
Bank fraud scams that use text messages, emails, and phone calls to alert you to a fraudulent charge.
Law enforcement imposters that tell you that you’ve missed a jury summons or they have a warrant for your arrest.
Tech support scams where they pretend to be Apple, Microsoft, or another tech company and warn you about a virus on your computer or pose as a legitimate support team.
Romance scams and investment scams in which the scammer builds a relationship of trust, then leverages that to ask for money or lead you into a fake investment scheme.
Five Key Takeaways
Scammers use carefully rehearsed formulas. Fraud is not opportunistic guesswork. Marc describes a layered “scam formula” that begins with data research, escalates with a pretext call designed to establish authority, and moves into a script that introduces a fake executive or professional. In one case, scammers hired a legitimate locksmith — a week in advance — to crack a business safe, then directed an unwitting employee to pay the locksmith from the stolen cash.
Time is the best weapon victims have. Once money leaves your account — especially via wire transfer or crypto — recovery becomes nearly impossible. Marc’s fastest-ever recovery was $350,000 in 15 minutes because the victim reported within seconds of sending the payment. He urges a simple mental model: When a pipe bursts, you turn off the water before calling the plumber. If you suspect fraud, make sure the first call is to your bank to freeze outbound transfers. Then call law enforcement or family. Every hour of delay dramatically shrinks the window for asset recovery.
Crypto ATMs are a massive fraud pipeline. There are more than 30,000 cryptocurrency ATMs in the United States, 10 times as many as in Canada. Also called bitcoin ATMs or crypto kiosks, they’re often in gas stations, convenience stores, and smoke shops. Estimated losses routed through these machines exceeded $333 million in 2024. Scammers using these machines to collect money keep victims on the phone for hours to prevent them from seeking a second opinion. Where regulations enforce daily transaction limits, they route victims to multiple machines on the same day.
Scammers weaponize urgency and authority. Successful social-engineering attacks often pair an authority with a deadline that prevents rational thinking. A caller claims to be a fire inspector threatening to shut down a casino at 2 am. Or a sheriff’s deputy warns of an active arrest warrant. Marc suggests a three-step mantra: Pause, think, verify. Businesses should establish out-of-band verification codes so employees can confirm the identity of anyone claiming to be an executive.
Community action and legislation make a difference. Marc designed warning posters, placed them on the crypto ATMs most frequently used in jury-duty scams in his city, and hasn’t received a single incident report from those machines since. At the state level, Indiana became the first to ban crypto ATMs entirely (March 9, 2025). About 20 more states are advancing legislation — many backed by AARP — to regulate or ban the devices. Marc’s Fraud Hero nonprofit education project is expanding into an on-demand learning platform to provide businesses and individuals with investigator-grade knowledge from law enforcement.
All scams are after the same thing: How do we get you to give us the most money in the shortest time? — Erin West, Stolen Podcast
Prevention isn’t complicated; it is just undervalued. The scam industry runs on the assumption that you will not act until it is too late. Prove them wrong.
Take Action: Identify a Vulnerability in Your Own Life
Pick an entry point where a scammer could apply pressure — your workplace’s payment-authorization process, a family member’s awareness of crypto ATMs, or your own habit of clicking sponsored search results — and close it. That might mean:
Identifying a verbal code word with a family member that anyone claiming to be law enforcement must provide
Photographing the nearest crypto ATM in your neighborhood so you can warn others
Forwarding this episode to your company’s operations manager with a note about implementing a verification protocol for wire transfers
Who Is Marc Evans?
Marc Evans is a Cybercrimes and Fraud Detective, a Certified Fraud Examiner, and the Founder of Fraud Hero, where he provides training and education to financial institutions, law enforcement, and senior communities. He has investigated cyber and fraud-related crimes and has been in law enforcement for over 13 years. These investigations have included social engineering, ransomware, credit card fraud, money laundering, and identity theft, among other crimes. His work has uncovered multiple criminal methodologies, led to many arrests and convictions, and recovered millions in lost funds and assets.
Episode Chapters
00:00 Introduction
03:29 The Journey to Becoming a Fraud Detective
07:17 Understanding the Landscape of Fraud
08:23 The Role of Social Engineering in Scams
10:28 Tech Support Scams Explained
14:46 The Importance of Quick Reporting
18:52 Casino Scams and Social Engineering Tactics
23:10 Building a Scam Narrative
26:16 The Complexity of Scam Victims
29:07 Conclusion and Insights on Fraud Prevention
31:13 The Role of Social Engineering in Fraud
35:26 The Impact of Crypto ATMs on Scams
44:02 Community Action Against Scams
48:10 Fraud Hero: A Mission to Educate
Useful Links
Subscribe to Stolen for straight truth, survivor-centered storytelling, and bold conversations about the scamdemic and the people fighting back. Find Stolen on YouTube, Apple Podcasts, Spotify, Amazon Music, and other major podcast platforms.
Sponsors of Stolen
BioCatch prevents financial crime by recognizing patterns in human behavior, continuously collecting 3,000 anonymized data points – keystroke and mouse activity, touch screen behavior, physical device attributes, and more – as people interact with their digital banking platforms. With these inputs, BioCatch's models reveal patterns that distinguish the criminal from the legitimate.
Scamnetic is a leader in AI-powered scam detection and prevention, protecting individuals, businesses, and financial institutions from digital scams. With solutions like KnowScam and IDeveryone, Scamnetic delivers real-time scam insights, identity verification, and intervention. Restoring trust, reducing losses, and empowering organizations to safeguard customers in an increasingly complex digital world.
Recent Episodes of Stolen
