How to spot an online scam: 3 dead giveaways

How to spot an online scam: 3 dead giveaways

It’s surprisingly easy to fall for an online scam even if you’re hyperaware of all the ways bad actors can trick you. Online scammers are playing a numbers game. If they send out their scams to enough people, they’ll find a few people who posses a magic combination: Folks who are distracted by life and also concerned with their online accounts.  

That’s how I almost fell for an online scam. My credit card bill was coming due, but I was busy that month, and paying the bill was just one of many things percolating in the back of my mind. Then I suddenly got an email stating my bank was freezing my account if I didn’t login. “Oh no!” I thought. “I’m late paying my bill.”

Without another thought, I clicked on the link in the email, even though I knew the right thing to do was type out the URL myself. I was just about to put in my login details when another thought came bubbling to the surface: Something seemed not quite right.

I checked the website address, and sure enough I was about to enter my details into a phony website designed to harvest login credentials from my bank. It was a near miss. I had almost been the victim of phishing. This happened despite the fact that I’ve reported on just these kinds of exploits. Heck, I’d even written several articles with security tips about how you should never click on a link to your bank from inside an email.

Caught at the right moment of vulnerability, anyone can fall for an online scam. When you’re prepared, however, spotting an online scam is fairly straightforward. Then when the stars align to make you susceptible to an online scam, you might save yourself by knowing what to look for.

Here are some basic rules you can use to keep yourself and your online accounts out of the hands of the bad guys.

Rule #1: If you’re not expecting it, you shouldn’t expect it

scamemail IDG

An example of a scam banking email.

A standard trick for online scams is to get you to click on a link. This link can show up in an email, a hijacked messaging account of one of your friends, a WhatsApp message, or even an SMS. The idea is to direct you to a malicious website. Then the scammers will try to download malware onto your device, or trick you into revealing your login credentials on a phony website that looks like the real thing.

The best way to combat these scams is to never clink on a link you weren’t expecting. If you get an email stating your bank account is about to be frozen, or your PayPal email account suddenly needs to be validated, don’t click. Even if you check that the email address and the link are leading to the real thing, just as a matter of security don’t click. Instead, enter the website address yourself by typing it out in the address bar. Don’t search for it—instead type it out yourself.

Leave a Reply

Your email address will not be published. Required fields are marked *