What You Need to Know About Online Scams

​As long as people have been around, scams have been around. While the internet and new technology have been a good thing for the world, it's never been easier to scam others. 21^st-century con artists have a wide variety of tools they can use to pull off their crimes without ever leaving their house.

You've probably heard of hackers using force to get someone's information online. However, scammers don't need force; all they need is clever trickery. Fortunately, scams are easy to avoid if you know what to look for. Read on for some tips about how to recognize and avoid internet con artists.

Common Types of Online Scams

Scams come in all shapes and sizes, so you'll need to be on the lookout. Here are some common types of scams you might encounter online. This is
by no means a complete list, but it should get you started.

Phishing

Phishing is a very common type of online scam. The scammer tricks another person into giving away their personal details online. Once scammers have the information they need, they can do damage. "Classic" phishing is done by email, but it can also be done through other methods, such as phone, text messages and social media.

To win the victim's trust, scammers pose as a legitimate entity. This can include a bank, Credit Card Company, university, PayPal, or even the IRS. Usually, scammers will send some kind of urgent message. They will get your blood pumping by telling you to act ASAP under some kind of threat, such as your account being locked or deleted. They will urge you to click a link to avoid the "threat." This link usually leads to a fake website where you will be told to enter personal information or account details.

These fake messages can be hard to tell apart at a first glance. Scammers will do everything to make the email and website look real. They will design their emails to look exactly like an official email. Their fake sites are carefully crafted to look like the real entity's website. In many cases, the email and fake site will look almost exactly like the one they're imitating. Here are some of the methods they use to disguise their emails and websites:

• Changing the link text in the email to hide where they're actually taking you.
• Using email addresses that look like the "real" ones with minor changes. (E.g., [something]@mazon.com instead of @amazon.com)
• "Spoofing" the email address. This is a way of altering the "from" box so that the email looks like it came from a different address than it actually did. If the scammers are running the con by phone, it's possible to spoof caller ID as well.
• Using domain names that are misspelled or have minor changes from the "real" website. (E.g., "paypaI" with an uppercase "I" - as in "I am" - instead of a lowercase "L." This is called
  typosquatting.)
• Using URL shorteners like
  Bitly to hide link locations.
  
• Using misleading subdomains to hide the fakeness of the site they're sending you to. A subdomain is simply a sub-section of a domain name. For example, in
  https://en.wikipedia.org, "en" is the subdomain. Speaking of Wikipedia,
  it gives a good example of a fake site with a misleading subdomain.
  

Phishing is one of the oldest tricks on the internet. Unfortunately, people still fall for it today. When using email, stay on the lookout for these tricks.

Job searching online has went through a huge rise over time. Now, it's hard to imagine a job search without Monster, Indeed or other job boards. This, too, has made it easier to run a scam.

In a job scam, the scammer poses as an employer. They will post fake job ads on job board sites or spread the scam via email and social media. Some scammers even set up entire fake job boards or employer sites. These scams often appear as a "work from home opportunity" or offer a huge return for small efforts.

When you look for jobs on job boards or social media, be careful. Always research the company before you submit your info to any job. This is a quick way to tell if it is legitimate. Also, don't let your guard down if you find the company has a website. Sometimes, the "company" looks real, but is actually a cover for a scam, such as a
pyramid scheme. Try looking up feedback from employees and customers as well.

Here are a few more red flags to watch out for:

• The "employer" wants to hire you on the spot.
• You are offered a job or interview that you didn't apply for.
• The job posting, email, etc. is full of errors.
• You're required to pay money to start working there.

In this scam, the scammer tries to get you to wire them money via Western Union or something similar. They also make up some sort of cover story to win your trust. These messages are enticing because they promise the victim a huge money reward in return for a small payment.

For example, a scammer may pose an important official and ask for "help" transferring millions of dollars from one account to another. The scammer promises to give the victim a share for their help. They will tell the victim they are going to deposit money in their account so it can be transferred to the other. Before this, they ask for the victim's bank info and have them send money for "taxes" and other "fees." Afterwards, the victim never sees their money again. Also, they open themselves up to identity theft.¹

Avoiding Scams

Because there are so many types of scams, dealing with them is another subject altogether. Avoiding each type requires a different set of behaviors. Because of this, discussing all of them would be beyond the scope of this article.

However, there are a few tips that apply to all scams, no matter what. Here are some general tips for protecting yourself:

• Don't trust an email just because it
  looks real. If an email seems fishy, it helps to do some Googling first to make sure it isn't fake.
• Don't click links in an email. Instead, log into the real website directly or contact the organization. The only exception is if you're verifying your account on a site you just signed up for.
• Be wary of short URLs. Many legitimate companies use these on social media, especially ones with character limits. However, social media is a popular tool for scammers. If you have to click on a short URL, it helps to run it through a
  URL expander first. This way, you know exactly where the link goes.
• If you're suspicious about a site, check the
  entire domain name instead of just the beginning. It's helpful to take a look at Wikipedia's list of
  top-level domains. That's because domain names always end with a top-level domain such as ".com, .org, .net, .gov, or .edu."
  Remember that it must
  end with one of these. There's nothing stopping scammers from using "com" as a subdomain.
• There's an old adage: "if it seems too good to be true, it probably is." Always be wary of what comes into your email or social media inbox. If something seems unbelievable, be on your guard, and use Google to research it.
• The
  IRS will never email you. If you get an email claiming to be from the IRS, ignore and delete it.
• It's unheard of for actual businesses to ask for customers' Social Security numbers. If an email or website asks for yours, that's a huge red flag.
• Don't trust emails or other messages asking you to wire money or send personal information.
• Don't trust
  any online message saying you've won a contest or a giveaway you didn't enter.
• Last but not least, trust your gut. If something "just doesn't feel right," that may be a sign it's not.

Identity Theft

If you fall for a scam, you might be at risk of identity theft. For more information on what identity theft is and how to deal with it, check out our
identity theft article.

 Sources

¹https://www.bbb.org/