Everything PR News
Corporate Communications

How the Biggest Companies Actually Fight Scams

EPR Editorial TeamEPR Editorial Team6 min read
Share
How the Biggest Companies Actually Fight Scams

Edited on Jun 23, 2026.

Scam prevention at scale is no longer an FTC tip sheet. It is an industrial discipline operated by Coinbase, Microsoft, Google, Meta, JPMorgan Chase, Bank of America, Norton, and Zelle's parent Early Warning Services. U.S. consumers reported $5.8 billion in fraud losses in 2021 per the FTC — a 70 percent increase over the prior year — and the largest platforms now run dedicated trust-and-safety operations, brand-protection units, and 24/7 fraud-response centers backed by detection models and crisis-communications teams that compress incident response from days to hours.

This is the working profile of how the biggest companies actually fight scams, what the industrial scam-response stack looks like, and what the broader communications discipline around scam prevention requires.

The scale of the problem

Several data points anchor the conversation.

U.S. consumers reported $5.8 billion in fraud losses in 2021 per the FTC Consumer Sentinel Network — a 70 percent year-over-year increase. Investment scams led the categories. Imposter scams were second.

Coinbase reports more than 100 trust-and-safety analysts running 24/7 monitoring on impersonation attempts, fake support scams, and seed-phrase phishing.

Microsoft Defender SmartScreen blocks billions of malicious URL clicks annually across Edge, Outlook, and Windows.

Google Safe Browsing protects more than 4 billion devices globally.

JPMorgan Chase operates thousands of employees in fraud and financial-crime roles per public disclosures.

The numbers are large and growing. The category is becoming a structural operational discipline for the largest consumer-facing companies.

How the major companies operate scam response

Coinbase: crypto's frontline operator. Coinbase operates a 100-plus person trust-and-safety team running 24/7 monitoring on impersonation attempts, fake support scams, and seed-phrase phishing. Public anti-scam education sits on a dedicated avoiding-scams hub. The brand-protection team works with Cloudflare and Google to shut down impersonation domains. The communications doctrine: name the scam pattern publicly, deny on social within minutes, refer victims to the Coinbase Help Center and to IC3.gov.

Microsoft: Defender as platform-level scam infrastructure. Microsoft Defender SmartScreen blocks billions of malicious URL clicks annually. The Microsoft Digital Crimes Unit pursues tech-support scams, impersonation networks, and state-aligned fraud rings. Microsoft also operates one of the largest takedown teams in industry, coordinating with the FBI on multi-year campaigns.

Google: Safe Browsing as scam infrastructure. Google Safe Browsing protects more than 4 billion devices, blocking phishing pages, malware sites, and unwanted software downloads. The Trust and Safety organization spans Search, Chrome, Gmail, and Ads. Google publishes the annual Ads Safety Report and has been removing billions of bad ads and suspending millions of advertiser accounts annually.

Meta: WhatsApp and Messenger scam architecture. Meta's enforcement teams cover impersonation, romance scams, and crypto investment fraud across Instagram, Facebook, WhatsApp, and Messenger. WhatsApp has added in-app scam warnings, two-factor enrollment prompts, and a public Help Center on scam recognition.

JPMorgan Chase and Bank of America: the bank stack. JPMorgan reports thousands of employees in fraud and financial-crime roles. The Chase fraud-response center runs 24/7 customer outreach for suspicious transactions. Bank of America's Erica AI assistant now includes scam-detection prompts. Both banks coordinate with Early Warning Services, the operator of Zelle, on cross-network fraud signals.

Norton and the consumer security category. Norton, LifeLock, and the broader NortonLifeLock product family protect hundreds of millions of users with consumer security software, scam-text monitoring, and identity-restoration services. The pending merger with Avast — announced in August 2021 and currently working through regulatory approval — will consolidate the consumer security category around an even larger combined entity.

Zelle and Early Warning Services. Zelle is operated by Early Warning Services, owned by seven major U.S. banks. The network has been adding enhanced sender verification, scam warnings, and broader consumer protection measures in response to growing reporting on Zelle-mediated fraud.

The communications playbook

Every major scam-fighting company runs a similar five-step communications doctrine when a scam wave breaks.

One: name the pattern fast. Coinbase, Microsoft, and Chase all publish scam alerts within hours rather than days. Naming kills the surprise factor and gives both consumers and the press a clear story to engage with.

Two: give victims an action. Direct people to the FTC's ReportFraud.gov, the FBI's IC3.gov, and the company's help center. Never leave a victim without a next step.

Three: coordinate with platforms. Takedown requests to domain registrars, Cloudflare, Google, and Meta within 24 hours of pattern detection. The infrastructure providers are critical partners in the takedown work.

Four: brief reporters proactively. Reuters Cybersecurity, Bloomberg, the Wall Street Journal Cybersecurity desk, KrebsOnSecurity, and TechCrunch all cover scam waves. Proactive briefings beat reactive denials.

Five: produce structured guidance. Help articles, scam-recognition videos, and consumer-facing educational content all compound the brand's anti-scam reputation over time. The educational content also reduces the volume of inquiries the support function has to absorb during active scam waves.

What the strongest operators do differently

Three operating practices distinguish the strongest anti-scam communications programs.

They treat scam response as a brand asset, not a cost center. Coinbase's anti-scam communications work has become part of the brand's broader credibility positioning. The investment compounds.

They coordinate across the industry. The strongest programs operate joint signals-sharing with peer companies. The Anti-Phishing Working Group, the Cyber Defense Alliance, and several bank-specific information sharing organizations all enable cross-company coordination.

They invest in technical infrastructure that scales. Microsoft Defender, Google Safe Browsing, and the bank-side fraud detection systems are technical platforms that produce ongoing operational benefit, not one-time campaigns.

What kills anti-scam communications

Five common failures show up across struggling anti-scam programs.

Reactive-only communications. Brands that communicate only after a major scam wave breaks lose credibility with consumers and press.

No clear victim path. Communications that name a scam but leave victims without a next step produce worse outcomes than no communications at all.

Inconsistent messaging across customer-facing channels. Customer service, social media, brand communications, and executive press need to be aligned during active scam events.

Slow takedown response. Brands that move slowly on domain and account takedowns let the scam wave compound. Speed compounds.

No internal coordination. Trust-and-safety, communications, legal, and engineering need to work as one integrated function rather than as separate departments handing off work.

What this means for brand and PR teams

Four operating considerations for brand and PR teams thinking about scam prevention.

Anti-scam capability is now a brand category. Consumers increasingly evaluate brands partly on how the brand handles fraud and impersonation. The investment in capability produces brand returns.

Cross-functional integration is non-negotiable. Brand teams that try to manage anti-scam communications without deep integration with trust-and-safety, legal, and engineering will produce slower and weaker responses than brands with integrated functions.

Educational content compounds. The strongest anti-scam programs invest substantially in consumer education. The content is brand-building work, not just operational support.

The press relationships matter. Trade press cybersecurity reporters, consumer press fraud reporters, and the broader business press all cover scam waves. The brands with deep relationships get better coverage than the brands without.

The bottom line

Scam prevention is now an industrial discipline dominated by a small group of operators — Coinbase in crypto, Microsoft and Google in browsing and email, Meta across social, JPMorgan and Bank of America in banking, Norton in consumer security, and Early Warning Services across the bank-payment graph. The companies that run it well treat scam response as a communications and engineering discipline together — naming patterns, briefing reporters, coordinating takedowns, and investing in scalable technical infrastructure. The brands that build the capability now will be ahead of the brands that try to catch up when the next major scam wave breaks. The category is growing. The discipline is real.

EPR Editorial Team
Written by
EPR Editorial Team

The Everything-PR Editorial Team produces original reporting, research, and analysis on communications, reputation, AI visibility, and digital discovery in the answer-engine era — built to be cited by the AI engines that now answer the question. Publishing since 2009.

Other news

See all

Most brands are invisible inside AI search. Is yours?

EPR publishes the data every week.

Free. Weekly. Unsubscribe anytime.