As long as the internet has existed, there have been unscrupulous people trying to use it to scam the unsuspecting out of their hard earned money. Even savvy computer users can find themselves the victim of a well-written or well-programmed scam. Here are some of the most common internet scams and what the average user can do to avoid them.
1. Phishing Scams
Users can do nearly everything on the internet, from planning a trip to buying groceries, which means there’s an account for almost everything. Many of these accounts have credit card, Social Security and other private information attached to them, which makes them prime targets for scammers. A phishing email may look like any other a website might send, but instead of linking back to the correct place, it will send users to a cloned site designed to steal their information.
The easiest way to avoid this scam is to look at the sending address and the body of the email. The sending address can often identify legitimate emails — one from PayPal would come from @paypal.com, not from @paypal.org. The body of the email is often telling as well. Scammers might have a person’s email address but no other information, so the content will say “Dear User” instead of correct name. Most sites have an email address where users can forward suspected phishing emails for further investigation.
2. Tax Scams
It’s tax season again, which means it’s also tax scam season. Users will receive emails or even phone calls from someone claiming to work for the IRS. These messages threaten fines and legal action unless the user pays a certain amount of money to make the problem go away.
It’s important to remember that if there is a problem with someone’s taxes, the IRS will contact them directly via traditional mail. The department might have a bad reputation, but it doesn’t call or email people to threaten them into paying, and it never demands personal information or payment over the phone or via email. Anyone who receives one of these scam messages should report it directly to the IRS so they can investigate it. Check this deep review on IRS criminal investigations form CrushTheCPA.
3. Extortion/Blackmail Scams
These messages claim to have something that could cause embarrassment or legal trouble for the user. A recent trend highlights this — sextortion emails claim someone has recorded the user watching pornography and they need to pay a large amount of money to prevent the video from being sent to friends and family.
The best way to avoid these scams is to ignore them. They’re designed to scare the recipients into paying, and some even have the user’s password attached. If this is the case, change the password and continue ignoring the emails. If the scammers send proof — pictures of the user, for example — then report the email to the local authorities and the FBI.
4. Account Security Scams
Emails letting users know there is a problem with their account are common — usually, it’s because of a login from a new device or a payment problem. Scammers exploit this by sending emails with bogus links that claim there is a problem with the user’s account, and they need to log in to fix it. These links go to a site that looks remarkably legitimate, but the scammers steal any entered information.
The best way to avoid this scam is to go directly to the website in question. Don’t click any links in an email, even if it looks legitimate. That way, users can verify if there is a problem with their account without compromising security. If the email is fake, forward it to the site’s phishing address.
5. Ransomware Scams
Ransomware is scary. A virus encrypts the infected computer’s files, and scammers offer a decryption key for a few hundred dollars in bitcoin. This is the kind of infection behind the WannaCry attack in 2018 that crippled the U.K.’s National Health Service for a few days. The idea of losing files is scary, which pressures many people into paying.
Avoiding this scam requires two steps. The first is to ensure that any computer connected to the internet has an up-to-date antivirus program installed. Keep it updated to prevent ransomware viruses from making their way onto the machine in the first place. The second step is to back up all files, and keep the backup disconnected from the central computer. Even cloud backups are vulnerable to ransomware if they are synced to the cloud automatically. If the files are safely backed up, all a user needs to do is perform a factory reset on the infected computer and restore the data from the backup.
Online scams are scary, but thankfully most of them are easy to avoid. Users need to be careful about what emails they open and what attachments they download. By being proactive, it’s possible to avoid these scary scams.
Disclaimer: This post is sponsored by PSECU, a Pennsylvania-based credit union.