Phishing technique: Message from a friend/relative

Fakhar Imam
March 26, 2020 by
Fakhar Imam

Like many other phishing scams featured on this site, friends-and-family imposter scams are common. These scams usually begin with a phone call impersonating a friend or relative, or often a grandchild in trouble. That is the reason this scam is also known as a “grandchild scam.” Other attack avenues may include email, SMS, or social media messages. 

The fraudster may call you and pretend to be your friend or relative, claiming to have been in an emergency and needing quick funds. A common story is that they were in a road accident and need money to compensate injured victims or to avoid a jail sentence stemming from safety violations. Other emergency situations may include leaving a foreign country due to an epidemic or paying a hospital bill or college fee to avoid penalties. Scammers will act quickly and try to get money before you realize it is a scam.

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.

This article will help you to be mindful of the friend/relative imposter scams, including grandparent scams. We’ll look at how family/relative scams work, some tricks used to circumvent your logical response and recommendations to avoid such scams.

Grandparent scams

A con artist in a typical grandparent scam impersonates a grandson or granddaughter by calling or emailing a grandparent and claiming that he or she is in distress or trouble. The scammer claims they need their victim to transfer money that will be utilized to get bail, pay attorney’s fees or handle another fictitious financial or health emergency. 

According to the U.S. Senate’s Special Committee on Aging, older Americans lose $3 billion a year in financial scams. Con artists victimize old people through friend or family imposter scams, sweepstakes, fraudulent business opportunities and technical support scams.

How does the friends-and-family/relative scam work?

According to a report published by the FTE in 2018, many reports about monetary loss were submitted to the FTE named as “imposter family/friend.” 58% of them claimed that the telephone was a method of contact used for friends-and-family imposter scams.

If the victim is tricked into believing the message or phone call, hackers demand money through a PayPal account payment, reloadable card, gift cards, cash, emailing or money order/check.

In addition to phone calls and emails, another common way to phish friends and family members is to use social media. According to the Better Business Bureau, scammers have turned to Facebook Messenger as a means of contact. They are hacking people’s accounts on Facebook and scamming their family members and friends for money, usually via prepaid gift cards or wire transfers.

In 2018, a woman from Springfield became a victim of a Facebook grant scam and lost $2,000 as a result. In this scam, the hacker claimed to be the victim’s pastor’s wife and told her that she was eligible for a grant of $150,000, but that she would have to pay an amount of $2,000 in advance through a gift card. After the verification via a channel other than Facebook, she found that her pastor’s wife knew nothing about this and the whole story was a scam.

What tricks do scammers use in friends-and-relatives imposter scams?

Scammers use several tricks in friends-and-relatives imposter scams to circumvent the victim’s logical response. 

  • Scammers attempt to impersonate the victim’s loved one convincingly. They mostly use social media to gather information about the victim’s friends and family members. For example, scammers hack a victim’s Facebook account, impersonate him and borrow money from his friends and family members. There is a great possibility that everyone would not verify the request through a phone call
  • Scammers are always in a rush. They use pressure tactics to trick you into wiring money quickly so that they can achieve their goal before the truth is revealed. For example, the fraudster impersonating your friend or family member may threaten you with arrest or pressure you into paying immediately. And if you refuse, the police would raid your house
  • Fraudsters also use secrecy cards to hide them as imposters. For example, they may say things such as, “don’t tell my brother” in order to prevent you from checking up on their story
  • As said before, grandparent scams are very common tricks fraudsters use to get illegitimate funds. They play with a victim’s emotions to achieve their nefarious goals

Emotional manipulation is a key tactic of these scammers. In a case recorded by CBS Evening News, Barbara McCullough was victimized by a scammer who claimed to be her grandson and asked for $10,000 as bail money. When she pointed out that he didn’t sound like her grandson, the scammer claimed to be ill and cried, emotionally manipulating her. McCullough gave him the money.

Recommended actions

If you receive a message or phone call from someone claiming to be your friend or relative and asking for money urgently, don’t trust this communication and keep in mind the following best practices:

  • Don’t give a prompt response, no matter how urgent the story is
  • Verify the caller’s identify by asking some questions that a stranger could not possibly answer
  • Make a separate phone call to the friend or relative to check whether the phone call or message is genuine or not
  • Ensure the veracity of the story by verifying from people living around your potential victim friend or relative
  • Beware of requests for secrecy. For example, if someone masquerades as your close relative and asks you that “don’t tell my dad and mom,” this might be a scam and you should not trust the story
  • Don’t pay any grants demanded through social media such as Facebook. Call your friend or relative and verify whether he is involved in the supposed grant or not

NCL’s Fraud Center suggests the following tips to detect and avoid the grandparent scam:

  • Be wary of the urgent solicitation of funds
  • Independently contact your relative (or parent of the relative) to check the veracity of the story
  • Con artists mostly use a wire transfer as a method of payment; therefore, it is always recommended to treat wire money suspiciously
  • Beware of the grandparent scam and treat any urgent call or emergency call with suspicion
  • Report any suspicious calls to the appropriate department of your country’s law enforcement
  • Don’t wire or send money unless you verify that the request for funds is legitimate


As we have seen, friends-and-relatives scams are very common, with social media tricks being the primary method of attack. Other common tricks include impersonation, secrecy, pressure tactics and appeals to sympathy, such as a grandchild in need. 

Since these scams circumvent the victim’s logical response, many tools, such as antivirus programs, are less than helpful. Instead, you must be aware of some phishing best practices, such as verifying the request through a secondary phone call or asking some questions that a stranger could not possibly answer.

Phishing simulations & training

Phishing simulations & training

Build the knowledge and skills to stay cyber secure at work and home with 2,000+ security awareness resources. Unlock the right subscription plan for you.


Fakhar Imam
Fakhar Imam

Fakhar Imam is a professional writer with a master’s program in Masters of Sciences in Information Technology (MIT). To date, he has produced articles on a variety of topics including on Computer Forensics, CISSP, and on various other IT related tasks.