For the past few years, a handful of glamorous, high-rolling scam artists who conned their way into elite society — making hundreds of thousands, millions, or even billions of dollars along the way — have captivated American media.

But that’s not how most people get scammed, according to an article by Rebecca Jennings on Vox.com. The real way is far less sordid and more likely to actually happen to you: Robocalls, IRS fraud, and good old-fashioned stolen passwords are still some of the leading ways that Americans lost $16.8 billion to scams in 2017.

That’s according to a new book by Frank Abagnale, whose name you might remember being next to Leonardo DiCaprio’s when the actor played him in “Catch Me If You Can”. The 2002 Steven Spielberg film was based off Abagnale’s memoir of his time as a teenage con man in the 1960s.

After serving five years in prison in the ’70s, he became a security consultant for the US government. He now works with the FBI.

In “Scam Me If You Can”, which was published this summer, Abagnale tells the stories of catfished single people, social media identity theft, and fraudulent GoFundMe pages that swindled money and personal information from victims.

He chats with Vox.com about why you’re getting so many more robocalls, why the password must die, and how we’re currently living in the golden age of scams.

You’ve worked with the FBI for 43 years. What are the biggest changes you’ve seen among popular scams since then?

Crime is basically the same; the only thing that’s changed is today there are so many forms of communication and the ability to scam someone from thousands of miles away without ever really having personal contact with them.

In the old days the con man was a confidence man. He had to gain your confidence. He dressed well, he spoke well, he had a great vocabulary. He was a likable person and at the same time he was a human being, so he had a little emotion and a little compassion. He might’ve said, “I’m not going to take this old man for all his money. I’m just going to take a little of his money.”

Today you’re dealing with some guy who’s sitting in his pajamas on a laptop with a cup of coffee in his kitchen in Moscow. He never sees you. You never see him. He doesn’t know anything about the victim other than to victimize them. So all of that compassion has gone away and, unfortunately, they will take you for every penny you have.

Do scammers usually scam one person at a time or many at once?

When they do a romance scam, for example, which have doubled in the last couple of years, they basically have 12 or 15 people that they’re romance scamming. When doing the research for this book for five years, I found that millennials actually got scammed more than seniors, but seniors lost a lot more money because they have more money.

You list a variety of ways that people make themselves vulnerable to scam artists. Do you think there’s one most important one?

In doing the research for this book over these five years, the one thing I recognized in going through all of these scams, at some point there were two red flags: Either I’m going to ask you for money and when I do, it’s immediate. “Go down to Walmart, get a Green Dot card, come back and read me the number on the back, or give me your credit card over the phone.”

Second, I’m going to ask you some information. “What’s your social security number? What’s your date of birth?”

I may call and say I’m your bank and I’ll start out just talking to you. But at some point in the conversation I’m going to ask you for personal information, and that’s the red flag. When you see that red flag it’s time to hang up the phone and make sure you didn’t solicit that call. They called or emailed you. You need to verify that is who it’s supposed to be before you give them any information or give them any money.