While the internet can be a great place and it has done a lot of good, it also has its fair share of problems. There is misinformation of various forms online, there are predatory actors and hackers, and there is internet fraud. And all of it could be a threat to you, your business, or those close to you.
The good news is that you aren’t hopeless in this situation and there is plenty you can do to protect and prepare yourself. It might take some work and a bit of research, but give yourself some time and the methods some attention, and you will be just fine.
Here is what you need to know:
Facts About Internet Fraud
How bad is the problem, and what does the online landscape look like? Here are some facts about the state of cybercrime and internet fraud as it stands now:
- Internet fraud and other forms of cybercrime cost the world a total of $318 billion per year.
- Cybercriminals are usually not the lone hackers you read about on the internet or see in the movies. Instead, most cyber criminals work in collectives or as part of organized crime, where they might specialize and coordinate. It is estimated that there are 1900-2000 different cybercriminal organizations currently operating.
- Out of people that are contacted by a scammer, 50 percent engage with said scammer.
- People over 65+ are common targets for scams, given that they are usually the most vulnerable and the least likely to know about the common tricks.
- Phishing is perhaps the biggest problem in cybersecurity. About 90 percent of data breaches are a result of a phishing attack. And often hacking isn’t necessary. All it takes is a scammer convincing an employee to hand over sensitive information or access to an account.
- There are 83 Million fake Facebook accounts, many of them used in scams or for fake online dating. A large proportion of free dating profiles are also scams.
Types of Internet Fraud (and How to Protect Yourself)
To protect yourself from internet fraud, you need to have at least a partial understanding of how it works. There are common scams that cybercriminals use, and most of the problems you’ll encounter online will be a variation of one of these:
Greeting Card & Holiday Scams
Ever receive an odd happy birthday or holiday card online in your email from someone you haven’t heard of before or an email address with this massive string of letters and numbers? Most of the time these days they go directly to the spam folder, but occasionally one goes through. And they are usually part of a greeting card or holiday scam.
You may be invited to insert your information to receive a gift of some sort. Don’t do this, it is a variation of a phishing scam. You may be invited to click a link. This will lead to malware. The entire email could effectively be a link to malware. Whatever you do, don’t download anything from the email.
In any case, the best way to deal with this is to just ignore and delete the offending email. Don’t even open it if you know what it is right away.
Phishing scams are perhaps the most common type of scam online, and unfortunately, they are still effective. What is a phishing scam? It is when a scammer will present a false front in communication and attempt to gain data or get the recipient to click on a link as a result, leading to either identity theft, the installation of malware, or another similar consequence. It might just try to get people to insert their username and password into a false site so that the scammer can steal the account later. It’s a broad type of scam with lots of potential use cases for the scammer.
It is typically done by email, though in recent years the practice has extended to social media messages and other forms of online communication. Be wary of phishing in all your email inboxes.
To avoid phishing scams, never give information out if you are unsure as to the recipient. Use your better judgment when thinking about who is contacting you and why. Could there be another motive at play? Note that while you might think you’re being helpful with something, that’s often what scammers rely on. And you might get contacted by a hacked account, so be wary of even emails from people you supposedly trust if something seems off.
It is much easier to impersonate someone online than it is in real life. In real life, you need a change of wardrobe, likely plastic surgery, and a whole lot more. Online, the most you need is an account that could reasonably be someone else, a stolen profile photo, and a little bit of knowledge of someone’s contacts and interests.
Through all of this, you can still be vulnerable to fraud even if your information is not readily available. If a scammer has a way to contact you, they have a way to target you. Often the scammer will include a sense of urgency in the request so that you don’t have time to think about it. It might be for bail money, to pay off a dangerous debt, or to escape a travel plan gone awry. You need to keep a clear head.
You might also get contacted by someone’s hacked account. They will almost certainly not be acting normally, and you might just get sent a random link with little to no context. Ignore these contacts, and perhaps let your friend know their account has been compromised.
If someone doesn’t seem like they are themselves or they are asking for too much online, give them a call or see them in person (on a video call works as well). It’s unlikely that the scammer will be able to impersonate someone in that regard. You can also just ignore the request for the moment if you know that the person wouldn’t act that way.
In what is an especially nefarious tactic, some scammers and cybercriminals will impersonate cybersecurity professionals (or other people working in an official capacity) to trick people into handing over personal information. Ever seen an official message about how customer support will never ask someone for their password or certain types of information? This is why.
You might also commonly see this in the form of malware that will take your information hostage (ransomware) taking the form of a cybersecurity program. If you see something in your browser taking the form of a cybersecurity alert, be appropriately suspicious. If it pops up and doesn’t want to let you go, it is absolutely part of a scam.
Avoiding this type of scam comes down to trust and accountability. Is there a way you can verify the credentials of someone you are working with? Note that more complex scams will have a fake website up, so check if a trusted organization has reviewed or worked with them in the past.
Online Dating & Romance Scams
Ever since the advent of online dating (even before official sites came along), there have been various forms of romance scams. Even before the internet came along con artists were preying on lonely men and women to gain money.
It is pretty easy to fake a profile online, even with multiple photos of the same person. There is often an “unreal” sense of the profile, however, and it will likely not appear natural. The information in the profile will appear minimal or odd. After a while on dating apps, someone can usually pick out the scam profiles, or at least lump them in with the people they’d want to swipe left on anyway.
In most cases the fraud is obvious, or the fraud would be indistinguishable from someone else who has bad intentions. You can block and report such profiles on the site. And you’ll likely get matched with such profiles from time to time and not get much of a good response. Overall, these profiles are unavoidable but are best ignored.
Deeper into the scam or the “relationship,” be wary of anyone who asks for anything too quickly or is wary to meet up. Long distance relationships can easily be scams, so verifying identity through other means is incredibly important. If you have to pay to just meet up with someone (outside of normal date expenses), they aren’t worth your time. Similarly, don’t give away private information online to someone who asks through the mask of a dating profile.
You could encounter someone who just wants you to click a link to malware or get into a deeper relationship with you for more money. Be wary of both.
One of the most common scams is a site putting a product or service up for sale and the retailer failing to deliver. It isn’t particularly intelligent or glamorous, and it’s been done for millennia, but you should be aware of it online.
See if there is a way to verify that the online retailer is reputable. Make sure they aren’t trying to impersonate another website. Additionally, using a payment processor such as PayPal or even using a credit card is better than using something like a debit card or e-check online, unless you are absolutely certain you can trust the retailer. You can make chargebacks and file complaints, and eventually get your money back.
Lottery Fee Fraud
One of the most common schemes that can also take several different forms, lottery fee fraud essentially tells the intended victim that they won a lottery (that the victim never entered). However, to collect the prize, they have to pay a small (or large) fee. Have you ever heard of a legitimate lottery like that? Usually, you pay taxes after collecting your winnings. It could also be a prize for a large gift card or a luxury item. Scammers use whatever will get people’s attention.
The best way to avoid this type of scam is to simply not interact with it in any way in the first place. If you did not sign up for a lottery, you did not sign up for a lottery. Often scammers will invoke the names of Walmart, Amazon, your bank, or another common entity to think you entered. Lottery fee fraud is often one of the most dangerous and effective forms of fraud because of the effort put into the “you won” letters. This is not the case. You did not win. Ignore them and go on with your day.
Credit scams are common and profitable forms of fraud. Nearly all the time these come in the form of credit card scams as they are the most readily available sources of credit and they do not require nearly as much verification. And the amount of credit card information available online is astonishing, to the point where you can probably buy that information on the dark web for less than $10.
And this and the identity fraud statistics mentioned earlier mean that credit cards and the entire industry around them are wrapped in an online fog of fraud that is a lot harder to see through than most people think. And dealing with financial tasks isn’t the easiest thing in the world, to begin with, even when it is all legitimate.
What does all of this mean for you? It means that you need to be careful about what “deals” and offers you might find online.
It doesn’t help that a lot of credit offers online can feel like scams in the first place, but often the key is making sure you are working through official channels. Additionally, if an offer seems too good to be true, it is. It takes quite the credit score to get a credit card with a massive spending limit and a two percent interest rate. How would the hypothetical credit card company make any money?
If you are especially worried about falling victim to this type of fraud, always start out on a bank or lender’s official website. They may or may not engage in predatory lending practices, but they will not defraud you or scam you for your money or financial information like a cybercriminal would. And if you’re still nervous, go to the bank or loan office in person. Research is your friend.
There are plenty of worthy causes out there, and plenty of worthy organizations and non-profits that support and aid those causes. However, not every charity is worth your time and some are outright rooted in fraud. And we aren’t necessarily talking about the non-profits that spend too much on admin (though you should avoid those as well). We are just talking about straight scams that will pocket your charity money and run.
Alternatively, a group or website might be impersonating an otherwise worthy cause. You will want to be careful about the websites you visit and make sure you are on the proper and official site for the non-profit of your choice. There are plenty of resources to help you double-check this. And searching for your charity of choice instead of clicking on a link from some website will help you as well. It is much like the idea of asking to call a customer support line back if they call you to see if they are the real deal.
Be wary of anyone who aggressively solicits a donation online from you. Most legitimate charities will not act this way. Similarly, there are plenty of sites that can help you determine whether a charity is valid or not, and how well they allocate its funds. Charity Navigator is a great option, as it is Charity Watch. If a cause does not show up on something like this, then that should give you a heavy pause.
You may also want to avoid individual opportunities to give such as pages on GoFundMe and the like, unless you know the person directly and their circumstances. It’s hard to track what the recipient does with the money, and a lot can be fabricated online.
The Nigerian Prince
In truth, there are plenty of variations of this these days and it is a very small chance someone will contact you as a Nigerian Prince (it’s just become cliché at this point). They are filthy rich and are feeling very generous. The only problem is that they are having issues accessing their wealth. They just need a little help from you to deal with processing and administration fees. If they’re feeling bold, they’ll ask you for your personal information so they can set up an account in your name.
But someone may try to come to you with a similar type of opportunity or plea. Ignore it. Why would a Nigerian Prince contact you of all people? And aren’t there agencies and lawyers that could help out with their problem that would be vastly more qualified? The entire issue just breaks apart with a bit of thought.
The original example is absurd, but the variations might still be dangerous. You might get a bit more realistic of a sob story in an email, pretending to be in dire straights now but need just a little help to get back on their feet and ready to pay you back in turn. The documents and evidence they provide might look convincing. Don’t fall for it.
Additional Types of Fraud
Naturally, these are not the only forms of fraud that are used by criminals. If there is a system in place, there is probably a way someone is trying to use it for fraud. If there is trust to be taken advantage of, someone is trying. And as new technologies and apps make their way to the market, you will find that there is going to be a scam on them or using their name in some way.
You will also see the classics replicated online. Don’t try to buy a public bridge online. Similarly, be careful of gambling online. It’s often poorly regulated at best, and often illegal. If someone tries a scheme on the street, there’s probably a digital version of it. Loan sharks of various forms exist online, and that’s without mentioning what types of shenanigans you can get into on the darknet.
Just keep your eyes on the news occasionally and stay aware of new developments in technology and you will be just fine. It doesn’t need to be a full-time job.
Best Cybersecurity Practices
While internet fraud is mostly about social engineering and making sure you aren’t tricked or scammed, you need a framework of best cybersecurity practices to start with. These strategies can help you protect yourself from hackers getting ahold of your information or putting you in another bad position:
- Start by making sure you have a security program installed and that it is regularly updated. It does not need to be the absolute best-paid program in the business, but it does need to be reputable and from a company that supports its product.
- Make sure your passwords are in order. Try not to use the same password for multiple sites, and make sure that it is long and complex enough to not be brute-forced. Change them regularly. If this seems like a lot of work, then you might want to use a password manager to handle things for you. That way you only need to have
- If you are a member of an organization, note that you are affected by the weakest link in your organization. While you may or may not have the power to change things, note that a simple talk with your management or executive could prevent an attack or scam going through that costs your workplace millions of dollars. The more sensitive information your business works with, the more important cybersecurity is.
- Public networks are a menace to your cybersecurity without additional security. In these instances, we recommend a VPN, which will hide your IP address and give you an encrypted connection. Make sure you use a premium option and that you actually use it. It might slow down your connection in some cases, but the safety is worth it.
Internet Fraud in the Future
Perhaps the one thing we can say is that internet fraud is somewhat unpredictable in its exact methods. There are common scams and traps, for sure, but they will come up in different ways and be a nuisance for people to keep track of. Dealing with the unexpected is when you are most likely to fall victim to these scams. Use your common sense at all times.
For instance, we might see a lot more scams involving NFTs, the blockchain, and cryptocurrency, all being things that people are interested in but often don’t understand. Some might say they are all a scam, to begin with, but there are degrees of concern to be had here.
One other worrying technology when it comes to internet fraud is the advancement of chatbots and artificial intelligence. Currently, there usually needs to be someone actively working on a scam for it to really work or for the scam to be personalized. Most people otherwise ignore the endless spam and attempts that come their way. But what if the scams were more intelligently designed, and able to go several steps further than what people are used to? This could mean that usual defenses and strategies will not work so well, and we will need to rethink cybersecurity and anti-fraud measures.
Whatever the case, we must hope to be prepared for whatever comes our way.
One Last Checklist for Today
Don’t know where to start? Go over the following points and make sure that you do each one as soon as possible:
- Install proper cybersecurity software on your computer and learn about proper cybersecurity protocol.
- Change your passwords and privacy settings to your satisfaction. The defaults might not be private enough for you.
- Learn about the different types of internet fraud. Make sure to review new tactics and variations on them.
- Start having the practice of not keeping your main email address and phone number available to the public. If you need to have contact information for professional reasons, keep a professional email address.
- Perform a Google search on yourself to find out what information is publicly available.
- Go back and see if you have been contacted by any scammers or compromised accounts. It might be wise to think about how they got ahold of your contact information, to prevent future nuisances. It’s unlikely you can do much, but prevention is key.
- Start getting into the practice of thinking critically about online communications. Not only will it help you avoid scams, but it will help you communicate better with those around you.
- Try to take note of any instructions sites give or warnings or scams that are going on in groups you are a part of. Scammers will usually try the same trick on many people to maximize returns. Effective scams are found out and reported on quickly.
Cybercrime, fraud, and other illegal activities online are not going away anytime soon. However, with some preparation and regular education on the topic, you can protect yourself from the worst of it and avoid having to deal with issues down the line such as identity theft. We hope that this information has served you well and that you aren’t panicking about the state of the internet. These issues will always be with us, but they don’t have to ruin your life. Stay safe and have a great time online.