Internet scams have been around nearly as long as people have been working and playing online, even when people's connections couldn't do much more than slowly load a picture and some email text at the same time. Even then, people would try to get money from supposed relatives, trick people into thinking an emergency has taken place, steal social security numbers, or take advantage of someone's generosity.
All the above scams still exist, but there are also new contenders to deal with alongside the old scams wearing new faces. To stay safe, you should make yourself aware of these scams, teach yourself how to pick them out without a second thought, and learn general good practices when operating with other people online, whether you think you know them already or not.
While the following list and tips aren't comprehensive by any measure, they do represent the most common problems and scams you might find online in 2023.
For as long as the internet has existed in a public capacity, there has been some form of phishing scam. Even before the internet, the same tactics were used over the phone, and more phishing emails are sent out each day than you can imagine. The good news is that email and messaging spam filters keep most of them out. They are not foolproof, however, and if a scammer gets ahold of a more direct emailing list, they might try to use it a few times before eventually getting caught.
This means that you need to know more about them and not just rely on the tech giants to keep you safe. To start with, they might come in one of the following forms:
- Your boss (or rather someone impersonating your boss) needs access to something or the password to an online account. And they need it right away. If they are audacious, they might try to get you to send some gift cards to an email address you have not heard of.
- Your family member is trying to log into your shared Netflix or streaming account and needs the password and login information again. Strangely, they decided to email you instead of call or text.
- Someone claiming they are a past friend or someone you previously have met (but you shockingly don't remember) sends you an email stating that they are in a bad spot or an emergency, and thus need money.
- You get an email from Facebook stating that your account has been compromised or automatically logged out of, and you need to log in once again after clicking this link. The branding on the email does look a tad off, however, and you noticed a spelling error.
- A common variation of this is that you must update your payment details in some manner.
- You have gotten a free coupon for a complimentary product of your choice. Just input some information here so they can get it to you.
- Alternatively, you won a contest! Input your details here so they can send you the prize.
- Your login or account is about to expire, so you need to click this link soon and input your login information. Although the site is not exactly how you remember it.
- Someone is threatening legal action against you (for one of a dozen reasons) unless you send them information or money for the "next step" of the process.
- A tech support agent from your company or one of the companies or services you work with asks for some information to fix a problem on their end.
- Alternatively, a scammer tries to take advantage of your existing technical difficulties.
And this is only the tip of the iceberg. In truth, there are many more types of phishing scams and variations of them than could be reasonably listed. It is far more important to understand general patterns and trends among them than to memorize every kind.
To protect yourself from a wide range of phishing scams, do the following:
- Never provide passwords over email or messaging, if possible. If your boss requests access, use either a password manager program to share the password (this can often be reversed) or simply call them and provide them with the information that way. If there is a complete reluctance to provide evidence of identity, you should be suspicious.
- Looking at the details will often allow you to see through "official" emails. Don't just skim over requests and blindly follow instructions online.
- Use multi-factor authentication whenever possible. A scammer might be able to get your login details, but getting those for your phone as well is a much more difficult task.
- Immediately discard anything from a company or body you do not have a relationship with if they are immediately asking for information. If you think about it, how did they get access to your email in the first place?
- Remember that tech support likely doesn't need your password to operate properly and can almost certainly change things on the back end. They might need some form of verification, such as your birthday, to make sure they are not the ones being scammed, however.
- Kaspersky protects you from risks to your privacy and virus attacks. You get protection against dangerous apps, along with a ton of other security and performance features.
Essentially, most of what we ask you to do is to logically think through the communication you are getting. If something is so urgent, official, or important, why is it being sent over email, which is unreliable where cold contact is concerned? Is the information or money requested necessary, and is it truly the best way to solve their supposed problems? Some of the better scammers will think these questions through, but eventually, all of their stories will have holes in them.
This year has been a troubling one for many. While there has been an outpouring of support from those who can donate monetarily, there are also those who would take advantage of the situation, setting up fake charities and scams designed to take advantage of people's generosity. Not only do these scammers steal from you, but they are also effectively stealing from the reputable organization you would otherwise donate to.
A charity scam could look like any other charity or funding page, except that the intentions on the other end of the computer screen aren't good. It can be difficult to screen out bad actors unless you are a professional in the field, but as a rule, the more transparency, the better. An organization with an address or a much more official infrastructure is much less likely to be a scam.
Also, while charity scams will come in any form, be less trusting of links and organizations that seem to revolve around an ongoing crisis or recent tragedy. It is easier for people to believe an organization has been formed recently, and people are more likely to react emotionally. Quite often, scammers will use this fact and try to duplicate organizations trying to do actual good.
To protect yourself, do the following:
- Research any organization that is asking you for donations. Not only will this help you avoid scams, but you will also be able to learn more about the issues you care about and how to get the best value for your money.
- Try to avoid donating directly to individuals unless you can be sure beyond the shadow of a doubt that their case is real. Instead, donate to an organization that would hopefully alleviate the general problem. Even if you think you know the person, it is better not to get taken advantage of by them.
- Often links posted on forums or social media can lead to a false charity, so do some more direct searches yourself, even if they lead to the same organization. Scams usually don't make the first page of Google searches.
- Use sites that will research and verify reputable charities such as Charity Navigator or Charity Watch.
This is less of an online-exclusive scam, but instead a much older scam with an online component or twist. You will likely see an ad or hear about a way online to make money quickly. Some will look more professional; others will try to be more personable. All follow the same script of luring you in, taking your money, and then vanishing.
To protect yourself from investment scams online, you should be doing the following:
- Never provide your financial information or give money to anyone online unless you can be absolutely sure they are a reputable company or advisor. Look for (but don't rely on) easily found materials on the organization as well as reviews and non-fraudulent write-ups. What legitimate financial institution doesn't like good publicity, or at least an ability to market themselves.
- You can also likely figure out that a firm or individual is no good if there are negative write-ups about them.
- An easy way to learn about potential investment advisors is Broker Check by FINRA. If they do not show up on it, that's a reason for concern.
- Use common sense when reading or listening to claims made online. If there's a method that can provide a 20% yearly ROI (or often much higher, according to the scammers), why isn't everyone doing it? Why aren't professional Wall Street investors spending hundreds of hours and millions of dollars investigating them? While there are hot tips and good breaks, there is no such thing as a risk-free lunch with investing.
- If someone is trying to rush you to make a decision, it is a bad sign.
Payment App Scams
This is a relative newcomer given the more recent uptick in Venmo, Zelle, and CashApp (among others) usage by the average person. You may receive a text or other form of communication on or relating to the platform, asking for money or saying there was a technical issue and that you either need to send more money or provide some personal information "again."
Quite often, the texts or messaging you get from "Venmo" (or another app) or a user will be carefully designed to look like it's from the official company, perhaps using similar brand names or URLs (common tactics for other types of scams). They also will not wait long to try and get your information or money.
To prevent yourself from falling for this scam:
- Question any message on such a platform that comes out of the blue.
- Take some time to learn precisely what official messaging should look like. Identifying official emails correctly will not only be a skill helpful at avoiding payment app scams, but also many types of phishing scams.
- Check any claims you have against records. If you don't have records, now is a great time to start keeping them, which is easy thanks to modern software and apps.
- Since they are a newer scam, all of the main methods scammers might use in the future likely haven't been tried out yet. As a rule, if you feel suspicious, wait a bit, and find a way to confirm outside of the application.
- While it may cost a bit of money to do so, consider using a credit card on your app of choice. It's far easier to reverse a fraudulent charge, and many credit card companies will be happy to help you through the crisis.
Tax, IRS, and Social Security Impersonation Scams
These are more common by phone, but you have almost certainly received a random call from a robotic voice claiming to be the IRS or Social Security Administration. Often preying on the elderly and disabled, these scams mostly attempt to scare the victim into parting with either money or information to solve a completely invented problem.
These are especially terrible scams, so avoid them with the following methods:
- Remember that the only way you should expect the IRS to contact you is through the mail. Likewise, Social Security is going to try and contact you through the most official channels possible.
- There might be some rather personal information involved with the scam. Do not fall for it and realize that these scammers have managed to find details on you before.
- The IRS should not be hostile or threatening to you when they make contact. They will not insult you. Calling law enforcement is not the first play in their book. They will not demand immediate payment, and they generally will be willing to work with you. Effectively, be suspicious of any false sense of urgency.
- The method of payment asked for should not be the least bit suspicious. Could you imagine the actual IRS taking payments via pre-paid credit cards?
Job or Hiring Scams
What is something that naturally requires you to submit more information than you'd normally be comfortable with to an organization or person you don't know very well? A job application would be near the top of most people's lists, and because of that, scammers have taken advantage of the possibility and have posted fake job ads for a long time.
You may see them asking for information at the start of the application process, often rather boldly, or you may see that you've been selected for an additional round of the process or screening, where you'll need to put in your information for further consideration or background checking.
How to avoid falling victim to this type of scam:
- Don't immediately provide information on any kind of application until you know it is entirely legitimate. There should be worthwhile contact info on the posting.
- Verify as much as possible that the position exists and that there is a proper application process. If it's a random listing on Craigslist and nowhere else, you should be suspicious of it, if not outright ignore it.
- If there doesn't seem to be much of a hiring process beyond "give us your information, and we'll get back to you," either it's a scam, or it's not necessarily a reliable job in the first place.
- If you have to pay to apply, it's probably not a legitimate employer.
- Remember that while an employer can ask for references, so can you.
- Most legitimate job listings aren't ways to "get rich quick."
Cybersecurity or Malware Scams
This is often done in conjunction with a piece of malware that has been installed on your device. It can perhaps be viewed as a more advanced version of the ransomware industry that has unfortunately been around for a long time and thriving.
If it comes in the form of a program installed on your computer, you have a bit more to worry about, as you might be dealing with ransomware. This is more difficult to do remotely (though entirely possible), and you might need to boot your computer in safe mode, find the offending program, and uninstall it (forcefully, if you have to). If there are still issues, you should either consult more in-depth resources or expert help.
If it's not a piece of malware at first, the scam likely involves a "cybersecurity" site telling you there's a new scam or problem online, and they have the solution (for an exorbitant cost).
To protect yourself from this type of scam:
- If you ever feel like your computer is being held hostage, never pay what the potential scammer wants. Nothing is stopping them from asking you to pay more in the future.
- Often you might get connected to a "tech support specialist" over the phone who might ask for information. Do not fall for it.
- A lot of these scams start on shady websites. Avoid these websites, and whatever you do, do not download any tools or programs from them. They might try to halt your exit or trick you into clicking on a link. Exit as soon as you notice you are on one.
- Take advantage of VPNs. VPNs are used to guard against eavesdropping, interruption, and restriction of private web traffic. ExpressVPN has a proxy feature that enables you to access the internet anonymously from any location.
Have you ever met anyone on a dating site that just seemed too good to be true? They have super attractive profile photos, are just a bit too far away from you to visit easily, and just seem to have money problems continually? If so, it is quite possible they were or are trying to pull a variation of a romance scam on you.
There are variations for every online app, especially the free ones (scammers and overhead costs do not usually get along, but don't let that lull you into a false sense of security). However, they all boil down to the scammer trying to build a "relationship" with you to the point where you feel ok sending them money. And then more money, until you refuse or get onto them, in which case they vanish.
You can protect your wallet and your heart by doing the following:
- While some degree of trust is required for online dating, get as much verification as possible before interacting further with a person. While some people naturally enjoy their privacy, some information needs to be put forward.
- Never send money to someone you have met on an online dating site if you have not met them in person. Even if you want to make the usually unwise move of paying for a relative stranger you met online to see you, buy the ticket directly. If you do that, you might notice some changes in behavior. If you want to send a gift, do not expect to see anything back.
- Always put your safety first when you might meet someone in person, and have a backup plan. This is important both for general dating safety and for avoiding scams.
- Try to stay somewhat private online. Some of the cleverer scammers might try to research their marks beforehand. It may seem like you have so much in common they have to be your soulmate when in reality, they just have scoured your online profiles for surface interests and your base personality.
Always Be on the Lookout for New Tactics
Cybercriminals and scammers are going to do everything they can to separate people like yourself from their hard-earned money, and that also means that you will need to keep up with them. While you shouldn't scour the internet in fear every day for the next new scam, you should also recognize that your current knowledge and instincts are not infallible. Eventually, with the coming of new apps, technology, and social norms, there will be new ways others try to trick you.
If you're short on time, checking an article much like this one every few months should be enough to keep you and the people close to you safe, so long as you don't get complacent and stop being vigilant in your day to day life.
What to Do If You Fall Victim to a Scam
As hard as you might try to keep yourself safe, the odds are that most of us will fall victim to a scam or two in our lifetimes. However, there is no need to immediately panic, as it is possible to recover and protect yourself from future problems (and panicking will do nothing to help you). If you're worried you may have fallen victim to a scam or know it for a fact, you should do the following:
- Act quickly. Waiting or sleeping on what to do will only make it worse and make your assets or identity less recoverable in the long run. This is an emergency, and you should treat it as such.
- Start protecting your other assets and information. Put freezes on your credit cards, general credit, and accounts where possible, and change passwords and security questions immediately, even if you think there's little connection. The last thing you need is for the problem to escalate.
- Although it might sting your pride, you might wish to contact those close to you about the scam. The scammer might try to use your information to impersonate you in the future, scamming them. How urgent this is may depend on how you were scammed.
- Look for additional resources on the type of scam you are dealing with. While this article should help you avoid online scams in general, there will be a more detailed resource about the specific type of scam you will be dealing with. If you are lucky, you might even be able to recognize the exact names and methods involved, making your response perfect.
- After you have done everything you can immediately monitor the situation regularly, and be especially careful of changes to your credit, online accounts, or bank accounts.
- Report the scam to the authorities, as well as the proper channel on whichever site or service you were scammed on. They have a vested interest in minimizing the number of times these things happen, and you might help make sure the scammers do not keep getting away with it.
- As to where to report the scam, it will vary depending on the type of scam and the country/region you live in. However, a quick search will easily point you in the right direction. Just note that there are usually specialized offices for cybercrimes and online fraud that can provide more direct help than your local police department (although if you think notifying them would be relevant, do so)
- Install anti-virus software like Malwarebytes that can shield you from common dangers on your desktop and in your browser in real time. In addition, if you're concerned that you've recently acquired a virus, you can perform scans as needed.
There may be additional steps to take dependent on other circumstances, so please do not take this list as a complete checklist. Instead, think about whether the type of scam you were dealing with would have any additional consequences or facets to deal with.
Scams are destructive, harmful to the internet, and generally infuriating. Yet wishing they would simply disappear will not make it so, which means that you need to start working on the next best thing: taking every precaution you can, educating yourself further on the topic, and developing a sense of street smarts on the information superhighway. It will not always be easy, and you might make a mistake or two along the way, but this is ok as long as you keep learning. We hope that you stay safe and continue to think critically in the future.