One minute you’re just checking your email, shopping online or applying for a new job. Then almost instantly, your bank account has been drained or someone just applied for a loan in your name.
This might sound ridiculous at first, but if you’ve covered online scams as long as I have, then you know just how dangerous they can be.
When it comes to staying safe online, it’s not just dangerous malware or malicious apps you have to look out for. Instead, even what seems like a harmless email or message can quickly turn into a security nightmare if you don’t know what to look for.
Although scammers are constantly switching up their tactics and coming up with new ways to trick people into handing over their personal or financial information, there are plenty of red flags to let you know you’re dealing with an online scam. From misspelled websites and poor grammar to blank subject lines and shortened links, there are a few telltale signs that something is amiss.
What’s more, if a scam works and works well, other cybercriminals will follow suit and copy the tactics of another scammer in their own malicious campaigns. This is why, even as online scams constantly evolve, certain dead giveaways persist, revealing that someone or something isn’t what they’re claiming to be online.
I’ve been covering cybersecurity for over a decade and during that time, I’ve written about all sorts of different scams. While some are more complex than others, all it takes is letting your emotions get the best of you, or acting rashly, to put yourself in a tight spot where both your data and your hard-earned cash are at risk.
Here are 7 of the most common online scams right now along with some tips and tricks to help you spot them before it’s too late.
Phishing scams
While it’s definitely one of the most common scams, people still fall for phishing attacks all the time. As the name suggests, with this type of scam, cybercriminals are fishing for your personal or financial data. Just like a fisherman, they use very convincing bait to trick you into responding or clicking on malicious links in their messages that can take you to sites spreading malware.
In recent years, phishing scams have also evolved beyond email and now, in addition to phishing emails, SMS text messages (smishing) and even voice messages (vishing) are used to achieve the same thing. And then there’s spear phishing which is another term for targeted phishing attacks that use messages tailored to a specific situation or experience to go after particular individuals as opposed to large groups of people.
One of the most critical red flags in phishing scams — and truly, in most online scams on this list — is a manufactured sense of urgency. Cybercriminals frequently include language to make their demands seem time-sensitive. For example, they might pressure you to act within 24 hours to avoid losing access to a popular service or online account.
Verification scams
Proving that you’re actually human (and not a bot) is something we’ve all encountered online and have gotten used to over the years. However, cybercriminals have started using this familiarity with online verification in their scams and with alarming success.
If you’ve ever had to pick out which images contain a picture of a bicycle or a car before being allowed to enter a website, then you’ve completed a reCAPTCHA before. Unlike the squiggly letters we had to type out before with a traditional CAPTCHA, this new form of online verification is more complex and harder for a bot to grasp.
Now that most of us are used to performing a verification check when visiting certain sites online, hackers are exploiting this familiarity for their own gain. In this scam, after checking a box to verify that you are in fact human, a text prompt will appear with instructions for you to follow.
They ask you to open a command prompt by pressing the Windows Key + R and then to paste malicious code that was secretly copied to your clipboard before running it on your computer. If you follow these instructions to the letter, instead of being verified, you’ll end up infecting your own devices with malware. When in doubt, navigate away as quickly as you can.
Impersonation scams
You’re more likely to believe and go along with what someone says if they’re in a position of authority and this is how impersonation scams work. By pretending to be someone they’re not, scammers are more likely to convince their potential victims to give up information or to do things they normally wouldn’t.
From your boss to tech support to an IRS agent or someone from the Social Security Administration, scammers will claim to be important people or government officials to quickly con their victims. They may try to coerce you into handing over sensitive personal or financial information to rectify a particular situation. Remember that bit about a manufactured sense of urgency? That tactic is often employed in this type of scam.
One thing you definitely want to look out for is anyone asking you to pay them via gift cards or cryptocurrency. Both are extremely hard to trace which makes recovering your now stolen money highly unlikely.
When it comes to the IRS or Social Security, government agencies won’t typically call you on the phone or send you an email. Instead, they like to do things the old-fashioned way by sending you a letter in the mail.
If you think you might be dealing with an impersonation scam, it’s always a good idea to try and reach out to the actual person scammers are pretending to be through an alternative channel like over the phone to determine whether or not you’re dealing with a scam. However, if they’re asking for payment and need it quickly, you most likely are.
Job offer scams
If something seems too good to be true like an incredibly high starting salary for an entry level position, it probably is, and that’s the main hook with job offer scams. However, the scammers behind them don’t always start with a red flag like this right from the outset.
Recruiters are always looking for new people to fill open positions but they will rarely reach out to you directly, unless it's on a platform like LinkedIn or Indeed. One of the key tactics used in job scams is unsolicited job offers that arrive either by email or via text. If you get a job offer on a social media platform like WhatsApp or Telegram, more often than not, this is a clear sign you’re dealing with a job offer scam.
Other things to look out for include vague job descriptions that don’t tell you much or anything about the role you’re applying for or the company you’re considering working at. Just like with phishing messages, you also want to pay close attention to spelling and grammar mistakes as these can indicate that a job posting or offer is a scam.
One final thing to watch out for is requests for personal information or payment early on in the application process. No reputable company would ever do either of these things which indicates that the position you’re applying for likely isn’t a real one.
Holiday scams
The holidays are often a hectic time of year and cybercriminals will play on this in their scams. From deals on popular gifts that are too good to be true to all sorts of different delivery scams, letting your guard down online is an easy way to end up as the victim of a scam and ruin the holidays.
With so much of our holiday shopping now done online, delivery scams are quite common and easy to fall for. For instance, if you ordered a lot of gifts online, say over Black Friday, you might not think twice about a text message saying that one of your orders has been delayed. However, these messages often include malicious links that will take you to phishing sites or a number to call where the scammers on the other end will try to coax personal or financial information out of you.
Gift card scams are also more prevalent during the holiday season. They might arrive as a text message impersonating a family member, friend or co-worker in which you’re asked to purchase gift cards for them. This is a very easy way for scammers to trick you into handing over your hard-earned cash leaving you with nothing in return.
Social media is another place where holiday scams are out in full force. You might see a post or even a malicious ad offering steep discounts on popular gifts or even gift cards after you complete a survey or visit a specific site. However, this can put you at great risk as once again, scammers are trying to get you to provide sensitive personal or financial information in exchange for what they’re offering. If you do so, you could end up with nothing or worse, you might even become a victim of identity theft.
Donation scams
Besides shopping-related scams, you’ll often find donation or charity scams being promoted on social media where instead of going to those in need, your donation ends up in the hands of scammers.
Cybercriminals are great at impersonating popular brands and compared to doing so, setting up a fake charity is easy work. From fake sites to social media profiles, there’s quite a lot that scammers can do to make you think their charity or fundraiser is legitimate.
You might get contacted about a charity scam via email, text or through a message on social media. Another way that scammers add legitimacy to their fake charities is by referencing well-known organizations like the Red Cross. If you dig a bit deeper in these messages, chances are you’ll find discrepancies in them or perhaps even spelling and grammar errors.
A sense of urgency is also used here to get you to donate as fast as possible. Then when it comes time to actually donate, instead of official payment methods, the scammers might have you send donations using untraceable methods like via cash or a scammer’s favorite, gift cards.
You may even also get an emotional telephone call designed to pressure you into donating immediately. Donation scams also often spring up after a major natural disaster or other terrible event where the actual victims will need money to rebuild. Unfortunately, your donations will never reach their intended destination and you won’t be able to write them off in your taxes either.
Romance scams
Tricking someone into thinking you’re in love with them takes a bit more effort than some other scams, but the payoff can be huge. Plus, now with online dating being so popular, more and more people looking for love are falling victim to romance scams.
In the same way as charity scams, the cybercriminals behind romance scams go to great lengths to craft convincing fake profiles, often using stolen photos. However, instead of just getting catfished, you’re getting tricked out of your hard-earned cash too.
Financially, romance scams often start with small requests but quickly evolve. For instance, a scammer might ask for some money to deal with an emergency and then request even more to come meet a potential victim in person. Likewise, romance scammers may even try to convince you to agree to an investment opportunity in a business or to buy the latest cryptocurrency before it becomes really popular.
One thing that makes romance scams even more dangerous is that the cybercriminals behind them will often try to isolate their victims. As a result, instead of spending time with friends and family members, a victim might end up texting or even video chatting (with the help of AI) the scammer for hours each day.
How to stay safe from online scams
When it comes to protecting yourself from online scams, the first and most important thing you should do is to be skeptical in regard to unsolicited requests. Whether it’s a job offer or someone you know asking for help in an emergency, you can never be too careful.
You should also be cautious as to how much personal information you share online and this goes for your responses to emails and messages too. Keep in mind, you don’t have to respond to every email or message you receive, nor do you have to answer calls from unknown numbers.
Many online scams can end with you coming down with a nasty malware infection, so it’s essential you keep your devices protected as well. As such, you want to make sure that you’re using the best antivirus software on your Windows PC, the best Mac antivirus software on your Apple computer and one of the best Android antivirus apps on your Android smartphone. For even greater protection and help recovering any funds lost to scams, you may also want to consider signing up for one of the best identity theft protection services.
Most importantly, you want to educate yourself on common scams so you can know what to look out for. Reading this article all the way through and taking my advice to heart is a great first step. However, as online scams change and evolve, you want to keep learning about new ones and the latest tactics used by cybercriminals and scammers.
Finally, don’t keep this knowledge to yourself. Instead, make sure that you share what you’ve learned with others, especially younger and older family members who are the most at risk of falling victim to an online scam.
More from Tom's Guide
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.
