The best way to protect yourself from online scams is to learn about them. Here is the information you need to stay safe.
The most common scams on the Internet
Think you’re too smart to fall for one of the most common scams online? Think again. It’s easy to get caught up in the excitement of a great vacation deal or the panic of owing the IRS back taxes. Scammers can be very convincing, and there are getting to be more and more of them. In fact, the FTC got more than 2.8 million reports of fraud in 2021, which caused more than $5.8 billion in losses, which is a huge 70% increase from 2020.
That’s a big jump, to say the least, and the way our world has changed has made it the ideal place for scams to grow. Experts say that the pandemic is one of the main reasons, since millions of people started to depend on “card not present” purchases on retailers’ websites. This is now the most common way for credit card fraud to happen, as 80% of cases happen this way.
People also felt more alone and isolated because of the pandemic, which led them to connect online, for better and for worse. “It’s easy for scammers to find and connect with victims on social media,” says Jason Glassberg, co-founder of Casaba Security. “The victims can then be “socially engineered” into giving personal information, visiting a malicious link, or sending money.” More than one-quarter of the people who say they were scammed in 2021 say it started on social media.
So, how can you keep yourself safe? People fall for online scams when they are not ready for them. If you know about these common ways to get scammed, you’ll think twice before you click. We’ll also help you improve the security of your passwords, the security and privacy of your smartphone, and your online security in general. This way, you’ll have a strong defense against hacks, attacks, and computer viruses. Here’s what you need to know to stay safe and avoid becoming a number.
1. Free-trial rip-off
How it works: You see an offer on the internet for a free one-month trial of a great product, like a weight-loss program, a teeth whitener, or something else that promises amazing results in a short amount of time. You think that all you have to pay is $5.95 for shipping and handling.
What’s actually happening: Terms that force you to pay $79 to $99 a month in fees for the rest of your life are often buried in the fine print and written in a color that blends into the background. Cancelling these subscriptions can be difficult and take a long time.
Christine Durst is an expert on internet fraud who has worked with the FBI and FTC. She says, “These guys are really smart.” “They know that most people don’t read the fine print before clicking “I agree,” and those who do just look for numbers. So the companies write out the numbers with no dollar signs. Everything in the text that has to do with money or time gets washed in.”
Read the fine print on offers and don’t believe every testimonial to avoid this subscription scam. You can also use TinEye.com, a search engine that looks for similar photos on the Internet, or you can do a reverse image search yourself. If you see that woman with perfect teeth promoting different products everywhere, it’s likely that her “testimonial” is made up. Trustworthy companies will let you cancel, but if you can’t get out of a “contract,” cancel your card right away and then talk to the company about a refund. If that doesn’t work, talk to the company that owns your credit card.
2. Fake Wi-Fi hotspot scam
What happens: You’re in a coffee shop or airport, and you log into the Wi-Fi there. It could be free, or it could be like Boingo Wireless, which is a paid service. You connect, and it seems like everything is fine.
What’s really going on is that the site looks real, but it’s actually a scam that a criminal runs from a laptop. He’s probably right next to you, and you don’t know he’s looking through your computer for banking, credit card, and other passwords. If it’s a fake pay site, he also gets your credit card information, which he’ll then sell to other thieves.
Big picture: There are fake Wi-Fi hot spots everywhere, and it can be hard to tell them apart from the real ones. A cybersecurity consultant named Brian Yoder says, “It pays well and is easy to do.” “Criminals copy the real website of a Wi-Fi provider like Verizon or AT&T and change it so that it sends your information to their laptop.”
Avoidance move: Make sure you aren’t set up to automatically connect to networks you don’t like. For PCs, go to the Control Panel and look for the Network and Sharing Center. Click the link for the Wi-Fi network you are using right now. A box with a tab called “General” should appear. Click on “Wireless Properties.” Then, uncheck the box next to “Connect automatically when this network is in range,” and click OK to turn on. For Macs, click the Wi-Fi button in the upper right corner, click “Open Network Preferences,” and then check “Ask to join new networks” and “Limit IP address tracking.”
Before you go on a trip, it’s also a good idea to buy a $20 Visa or MasterCard gift card so that you can buy Wi-Fi access at the airport without giving out your credit or debit card information. You can also set up an account ahead of time with companies at airports you’ll be going to. Set up your own hotspot if your cell phone plan lets you.
Also, and this is very important, don’t bank or shop online from public hotspots unless you know the network is safe. Look for “https” in the URL or a small padlock icon to the left of the URL in your browser. Lastly, keep an eye out for these signs that someone has broken into your computer.
3. Bogus contest scam
How it works: You get a direct message or a comment on a social media post telling you about a contest for a free iPad, a trip to Hawaii, or some other expensive prize. “Just click on the link to find out more,” says the message. The con artist will tell you that you need to pay a small fee, which they will call “taxes,” “shipping and handling charges,” or “processing fees,” in order to get your money.
What’s really going on: This online scam happens mostly on Twitter, but it can happen on any social media or networking site or even through email or text. If it happens over the phone, the caller will ask for your email address so they can send you a link to claim your prize. The link takes your money for the “prize,” steals your credit card information, and also downloads a “bot” that lets a hacker use your account to send spam emails.
Big picture: Scammers are using URL-shortening services, which let them make links that look like they could be real. When people can’t see the real URL, it’s easy for bad people to post links that are harmful. “Once you click on the link, you leave your device open to phishing or malware,” says Glassberg.
They also use your desire to get rich to their advantage. Even though it may be hard to pass up the chance to win a sweepstakes that could change your life, you should never wire money, send cash, or pay for your prize with gift cards or cryptocurrency. The FTC says, “Don’t do it.” “Con artists use these kinds of payments because it’s hard to figure out who got the money. And getting your money back is almost impossible.”
Avoidance strategy: It’s best not to click on links from people you don’t know, but if you’re really curious, do some research first. Check out their profile if someone contacts you on social media. You can also Google the name and phone number of the person or company to see what comes up. If any of the search results include the word “scam,” that’s all you need to know.
4. Scareware scam
How it works: A window pops up with a name like “Antivirus XP 2022” or “SecurityTool” that sounds like a real antivirus program. It says that your computer has been infected with a dangerous bug. You are asked to click on a link that will scan your computer. Of course, the scan finds a virus, and the company promises to clean up your computer for a fee, usually around $50.
When you click on the link, the fake company will install malware on your computer. As expected, there won’t be any cleaning up. But the thieves now have your credit card number, you’re out of money, and your computer is on life support.
Dave Marcus, director of security and research at McAfee Labs, a company that makes antivirus software, says that “scareware” affects more than a million users every day. He says, “This is a very clever trick, because people have been warned about computer viruses for 20 years.”
If you see a pop-up warning about a virus, close the window without clicking on any links and then run a full system scan with real antivirus software. Norton or McAfee are both good choices. In this case, it’s best to stick with well-known brands because the fakes are likely to infect your device. The real businesses will use clear, calm language, while scam sites will always have five alarms going off. Norton warns about pop-ups that use a lot of exclamation points, tell you to act quickly, and are hard to close. As a side note, this kind of urgency is common in other online scams, like some gift card scams.
5. Smishing cons
The way it works is that your bank or credit card company sends you a text message saying there’s a problem and you need to call them right away with some account information. They might tell you that your account has been hacked and that you need to act quickly to keep your money safe.
What’s really going on is that the “bank” is a con artist who wants your account information. If you do, you’re giving your credit card information to scammers who will charge you for things you didn’t buy.
The big picture: This is smishing, which stands for “SMS phishing” and is the text-message version of “phishing,” which is a very profitable email scam. “It’s easy to find cell phone numbers on the Dark Web, and sending smishing messages is much easier than sending phishing emails,” says Glassberg. “They are much shorter, don’t need to be formatted, and the attacker doesn’t have to worry about getting past spam filters and antivirus software.”
Also, since many banks and businesses use text messages to send alerts, this scam looks like it could be real.
Avoidance strategy: If you get a text message like this, the best thing to do is call your bank. “But don’t accidentally call your bank,” warns Steven J.J. Weisman, a well-known expert on scams, identity theft, and cybersecurity. “Some scammers buy phone numbers that look like those of real banks and credit card companies. They do this so they can get calls from consumers who may have accidentally called their bank or credit card company by mistake.” Watch out for these phone scams that can also take your money.
6. Con on charities
How it works: You get an email or a direct message on social media with a picture of an orphan from a developing country who is malnourished. “Please give whatever you can today,” the charity asks, and then asks for money. The email suggests sending a Western Union wire transfer and detailed personal information, like your address, Social Security number, and checking account information, to speed up relief efforts. This is for the kids!
What’s really going on is that the charity is a trick to get your money and banking information. Nothing you send goes to help people in need. Every penny you send goes to the person who is trying to scam you. Even worse, the scammer now has access to all your personal information. If you don’t act quickly, they’ll empty your bank accounts, charge up your credit cards, and maybe even steal your identity.
Hackers lure people into their traps by making fake personal, business, and charity accounts on social media. “They might use tricks like catfishing, fake deals and special offers, spoofed businesses, or taking over real accounts to spread malicious links,” says Glassberg. “Phishing attacks happen a lot on these sites because people aren’t as careful with messages on Facebook, Twitter, and LinkedIn as they are with emails. Also, the platforms don’t filter spam or look for links that could be harmful.
Avoidance move: Donate to real charities through their own websites instead of clicking on links in email solicitations. Real organizations that help people will accept donations by credit card or check, and they won’t ask for wire transfers, bank account information, or Social Security numbers. Donations by text message are fine as long as you check with the organization to make sure you have the right number.
Here’s what to do if someone steals your laptop.
7. Romance scam
How it works: You meet someone on a dating site, Facebook, in a chat room, or while playing a virtual game. You quickly become close because you share pictures and talk on the phone. Soon, it’s clear that you were meant to be together, but your true love lives in another country and needs money to get away from a cruel father, get medical care, or buy a plane ticket so you can finally be together.
The truth is that your new love is a con artist. There won’t be a teary hug at the airport, and there won’t be a happy ending. You’ll lose your money and maybe even your trust in people. You fell for a romance scam. It might be hard to admit it, but it’s true.
The big picture is that online social networking has given heartless con artists new ways to trick lonely people into fake friendships and relationships so they can steal their money. The FBI says that in 2021, a whopping 24,299 people reported romance scams, and the total amount of money they lost was more than $956 million. Only business email compromise (BEC) schemes and investment scams stole more money than these online scams.
Avoidance strategy: “It’s hard to be too paranoid on the Internet,” says Durst. “But don’t be frozen with fear—be smart.” Dating and social networking sites can be a great way to meet people, even from other countries. However, if someone you only know from the Internet asks you for money, you should quickly log off. It was never about love; it was always about what the con artist could do to get money from you.