It’s no secret that as the internet continues to evolve, so do its common scams. The FBI released a statement that within the last few years there has been a record $3.5 billion in losses due to internet scams. Hackers and scammers around the world are constantly “on”, looking for the next device and account to gain access to. They could even be targeting a computer or mobile device near you right now.
Here’s a look at the most common internet scams, how to spot them, and how to keep yourself and your sensitive information safe and secure. In the meantime, you can install our Chrome Extension to receive instant alerts about potential scams and threats heading your way. The best way to stay protected is to stay proactive in making sure you’re covered from all angles.
Phishing is one of the most common scams and cyberthreats, yet it continues to be effective in that it successfully tricks people into clicking on malicious links, opening dangerous files, or providing their personal information. “Phishers” take on a persona of someone who should seemingly be trustworthy- someone from the post office, a colleague, someone from Amazon – with the hopes that you’ll click on the links within the email, text message, or other messaging apps (Facebook Messenger, WhatsApp, etc.). Keep in mind though that 96% of phishing attacks are sent via email.
One of the most important ways to identify a phishing attempt is to review the entire message in its entirety, more than once. Doing this will help you spot things like spelling and grammar mistakes. If you aren’t positive but think that the email is suspicious, you should always check the sender’s email address. For instance, if someone from Microsoft is emailing you with regard to your account, it makes sense if the email address is email@example.com. But if the email address is firstname.lastname@example.org you can take an educated guess that this is not the email address Microsoft would be using. And that goes for any email that seems suspicious. In addition, a lot of companies will have it written in their policies, or let you know when you’ve registered to their service, that they’ll never ask for your password or personal information via email.
If you are being asked to click on a link within a suspicious email, you can hover your mouse over the link and see the full URL displayed in the bottom left-hand corner, and be able to understand if they’re sending you to a legitimate website or a scam website.
Fake Shopping Websites & Formjacking
There are thousands upon thousands of fake websites offering great deals and sales on well-known, popular brands. They typically have URLs similar to the brands or websites they’re trying to copy, like ‘Walmrt.com’ instead of Walmart.com and ‘Amaz0n.net’ instead of Amazon.com. If you order something from one of these websites you’ll probably receive a counterfeit item or nothing at all, and they just gained access to your payment details.
Formjacking is a cyberthreat created to steal credit card information. This happens when a legitimate, popular e-commerce website is hacked – without their knowledge – and cybercriminals redirect the checkout and payment pages to different URLs that look almost identical to the brand you want to order from. Then they steal your information. While these specific situations can be difficult to identify, get into the practice of double checking the URL of checkout pages and look for anything that seems off- like an additional letter, random number, etc.
Fake Antivirus Software
You’ve probably come across ads before telling you there’s a virus detected on your device. These fake antivirus software ads and pop-ups want you to believe that your computer is infected with viruses and that these viruses can be removed, and the problem resolved, if you simply download their software. If you click and download the software, they gain access to your entire computer, all of the information that’s saved on it, and your computer will most likely now have a virus, malware, or ransomware.
Something helpful to know when it comes to staying secure online is that if anything is requiring you to take immediate action, or you’re having trouble closing a pop-up, it’s most likely coming from a cybercriminal.
Make Money Quickly
We would all like to be able to make easy money quickly, and cybercriminals use that to get the attention of unsuspecting people. These scams tend to claim that you can make a week’s worth of salary in just a few hours, in just a few clicks, to get your attention and your hopes up. You’re then asked to provide your personal information and financial information, which is of course sensitive by nature.
While being able to make money quickly and fast from your computer is a nice thought, it’s unlikely that the offer is ever real. If they’re making claims that there’s no skill involved, that you can set your own schedule or that you need to put a down payment to get started, chances are you are being scammed.
Phone Scams aka: Grandparent Scams
It’s up to us to help our loved ones stay safe online. They might not be able to quickly identify when something is legit or actually a scam. Phone scams, which are quickly changing to ‘Grandparent Scams’, occur when a scammer poses as a panicked child or grandchild who needs financial support right away due to an emergency. AARP says that grandparents scams are on the rise, with nearly $41 million in reported losses during 2018.
You can avoid falling for these types of family emergency scams if you
- Resist the urge to act immediately
- Ask the caller to verify their identity by asking questions a stranger wouldn’t be able to answer
- Confirm the story with other members of your family or friends
If anyone is asking you for your bank or personal information, you can assume you are being scammed. You will never be asked by a legitimate organization or company to provide such sensitive material over the internet. When you are in a position where you’re making a payment online, it never hurts to double, and triple check URLs, forms, and providers.
If you think that you have been scammed, change all of your passwords and remove any software you downloaded. Contact your credit card company, your bank, and turn on two-factor authentication across all of your accounts.