Internet scams are continually evolving. The FBI documented a record $3.5 billion in losses due to internet crimes in 2019. Right now, con artists around the world are likely targeting a computer or mobile device near you. Here’s a look at the most common internet scams—and what you can do to safeguard your personal information and wallet.
- The COVID-19 pandemic has provided scammers with new opportunities to defraud consumers.
- Some of the most well-known scams, such as the Nigerian letter scam, continue to defraud thousands of people a year—despite widespread warnings.
- If you think you’ve been scammed, change your passwords, delete any questionable software, and contact your local police department.
COVID-19 Online Scams
According to Google, “Scammers are taking advantage of the increase in COVID-19 communications by disguising their scams as legitimate messages about the virus. Alongside emails, scammers may also use text messages, automated calls and malicious websites to reach you.”
Common types of COVID-19 scams include:
- Fake health organizations. Scammers pose as health authorities like the World Health Organization (WHO) and U.S. Centers for Disease Control (CDC) to offer cures, tests, or other COVID-19 information.
- Websites that sell fake products. These sites offer face masks, hand sanitizer, disinfectant wipes, and other high-demand products that never arrive. Buy products from known marketers only.
- Bogus government sources. These scammers claim to issue updates and payments on behalf of the Internal Revenue Service (IRS) or local tax authority.
- Fraudulent financial offers. Scammers may pose as banks, debt collectors, or investors with offers designed to steal your financial information.
- Fake nonprofit donation requests. Many people like to donate to charitable causes to help with disaster relief. This provides an excellent opportunity for scammers to set up fake nonprofits, hospitals, and other organizations to collect funds. Donate directly through a reputable nonprofit’s website instead of clicking on a link you receive by email or text.
Disaster Relief Scams
When disaster strikes—whether it’s a pandemic or weather-related—so do fraudsters. Hiding behind the guise of an actual aid organization, scammers will use a tragedy or natural disaster to con you out of your money. By thinking you’re donating to an emergency relief fund, you unwittingly provide credit card or other e-payment information.
Only give to established, legitimate organizations. Visit GuideStar or Charity Navigator to verify the validity of any charitable organization you are considering supporting before you donate.
You receive an email from a seemingly familiar enterprise that you deem legitimate, such as your bank, university or a retailer you frequent. The message directs you to a site—usually to verify personal information such as email addresses and passwords—that then steals your information and exposes your computer to attack by scammers.
Phishing scams are some of the most common attacks on consumers. According to the FBI, more than 114,700 people fell victim to phishing scams in 2019. Collectively, they lost $57.8 million, or about $500 each.
According to the Federal Trade Commission, phishing emails and text messages frequently tell stories to trick people into clicking on a link or opening an attachment. For example, phishing attempts may:
- Say they’ve noticed suspicious activity or log-in attempts on your account
- Claim there’s a problem with your account or payment information
- Say you need to confirm or update personal information
- Include a fake invoice
- Ask you to click on a link to make a payment
- Claim you’re eligible to sign up for a government refund
- Offer a coupon for free goods or services
You should never click the links provided in emails you can’t independently confirm. Doing so will make your computer and personal information vulnerable to viruses and malware. Again, though the sender may seem legitimate—which is exactly what the scammer wants you to believe—no reputable institution will ask for your password or other key personal information online. Phishing emails will often contain typos or grammatical errors, and the sender’s email address often looks suspicious.
Phishing emails are often rife with typos and grammatical errors. This is an intentional strategy scammers use to “weed out” people who would be unlikely to fall for the scam.
Fake Shopping Websites and Formjacking
Thousands of fake websites offer “great deals” on well-known brands. These websites typically have URLs similar to the brands they try to mimic, such as “Amaz0n.net.” If you buy something from one of these websites, chances are you’ll receive a counterfeit item in the mail—or nothing at all.
Formjacking is another retail scam. This happens when a legitimate retail website is hacked, and shoppers get redirected to a fraudulent payment page, where the scammer steals your personal and credit card information. To avoid this scam, double-check that the URL on the payment page is the same as the website where you were shopping. Cybercriminals may change the URL very slightly—maybe by adding or omitting a single letter. Be sure to take a close look at the URL before you enter your payment details.
Tech Support Scams
With this scam, you receive a phone call, email, or pop-up warning indicating your computer is infected (ask yourself: How would they know?). The scammer then:
- Prompts you to download an application that allows them to control your computer remotely;
- Downloads an actual virus or otherwise makes you believe that something is wrong; and
- Tells you they can fix the problem for a fee.
Another way to reach you is through search results: Tech support scammers work hard to get their websites to show up in online search results, or they run their own ads.
Often, these scammers ask you to pay using a bank wire, gift card, or money transfer app.
If you gave a scammer remote access to your computer, immediately update your security software, run a thorough scan, and delete anything it identifies as a problem. And, if you shared your user name and password, change those right away, too.
Tech support scams are common. The Federal Trade Commission (FTC) says it received more than 100,000 reports about these scams during 2019. If you think you’ve been contacted by—or have fallen victim to—a tech support scammer, report it to the FTC.
Fake Antivirus Software (aka ‘Scareware’)
Fake antivirus software ads and pop-ups try to make you believe your computer is infected with a virus (or dozens of them)—and that you can fix the problem by downloading their software. These scammers get you two ways:
- They gain access to your credit card information.
- They gain access to your computer. When you click the download link, you get a virus, malware, or ransomware instead of antivirus software. According to Norton, “The scammers can use this malware to access your files, send out fake emails in your name, or track your online activity.”
Always be wary of ads and pop-ups that prompt you to take immediate action, or ones that are hard to close. Be sure to install, update, and use real antivirus software to reduce the risk of scareware.
New for 2020 are scammers that sell phony COVID-19 travel insurance policies that claim to cover losses for any reason, at no extra charge. Buyers find out the hard way that these policies don’t provide the protection they expected. In general, claims due to “known, foreseeable, or expected events, epidemics, government prohibitions, warnings, or travel advisories or fear of travel” are not covered by travel insurance policies.
COVID-19 is a foreseen event, so many travel insurance…