The internet can be a scary place especially when becoming PCI compliant. Misinformation, false promises, and fake news lurk behind every clickbait headline and questionable link. Entire industries are built to profit from deceptive tricks to con the naive.
They say a sucker is born every minute, and online scam artists are counting on it. Their tricks are built to prey on trust. In addition to regularly changing the passwords for all of your accounts, the best way to protect yourself from being swindled is to remain skeptical and vigilant of anything that seems out of the ordinary.
The most common online scams
1) “There’s a problem with your account!”
You get an email from what appears to be PayPal or your bank with a message along the lines of: “There’s a problem with your account. Click this link to fix the issue or your account will be suspended.”
Once you click the link, you’re taken to a page that looks exactly like the login page to your account. So you enter your information, hit enter, and then… it doesn’t go through. Maybe just a browser glitch? Probably not.
What’s likely happened is that you’ve just given your valuable account information to scammers who now have free reign to do whatever they please with it.
This classic phishing scam successfully tricks millions of people every year. It’s not just banks or PayPal emails to be wary of; scammers might adopt the guise of Amazon, Apple, eBay, or one of your co-workers if you work in an industry where you email might have valuable information.
The main giveaway that the email is not legit is this: your bank or any similar service will never, ever, ever ask for your log-in information. If that happens, that should always raise a red flag.
The other indicators are in the details. Usually, the sender’s email address will be suspicious. They may claim to be from Bank of America Security Center but then their actual email address is something strange like @bank-of-america.org rather than @bankofamerica.com. You may also notice, if you hover the mouse over the link in the email, that the click-through doesn’t actually go to the website but instead some other web address.
The best way to investigate their claim is to open a new browser, type in the web address, and then enter. Odds are you won’t see any messages indicating there’s any issue with your account.
2) “Your computer is infected!”
One day you’re happily browsing goat GIFs on Imgur when a pop-up appears and informs you that your system has been compromised. Sometimes it even looks like it’s from your computer’s operating system. You may even be unable to exit the window without clicking one of the choices.
It promises to diagnose your problem with a click, but once you do, the problem is only compounded. Now there are even more pop-ups. And the only solution appears to be to sign up for some dodgy service and pay a monthly fee for an antivirus product you’ve never heard of before.
In this case, the best defense is advance preparation. Investing in antivirus software and pop-up blockers tend to eliminate this issue. To be safe, you should be sure to regularly back-up your important documents and programs in case of a worst-case scenario. And if you find malware pop-up forcing you to download something, don’t do it under any circumstances. It’s better to perform a hard reset of your device than to download something that might compromise your device.
3) “OMG! Is this a naked picture of you?”
No wonder this con has grown in popularity in recent years. If a scammer’s goal is to get you to click their link and the best way to do that is to frighten you, then what’s more worrisome than leaked nudes?
It’s especially easy to fall for this, especially since this scam often uses dummy or hacked versions of your friend’s accounts to lure you into thinking the message is legitimate.
And if you click the link and enter your log-in information to find the photo on Facebook or Twitter or Instagram, then the cycle will begin again, and a dummy or hacked version of your account will then message someone else from your friends’ list.
If this scenario happens to you, the best way to be sure is to contact the friend via another method, like text, and ask them if they sent the email. Chances are they’ve been hacked and didn’t even realize it.
4) “Can you send by Western Union?”
Anyone requesting money in exchange for a later reward shouldn’t be trusted, but the scam persists because it’s still tricking people.
For example, maybe you’re trying to sell an old couch on Craigslist or eBay. You get a message almost immediately, offering exactly what you were hoping to get. But there’s a snag: the buyer lives overseas. They might say, “Send me your address and I’ll mail you a check to cover the costs and shipping.” It’s a bit strange to pay by check, but they have an excuse and insist on it, usually accompanied by some sob story on why PayPal or another method is unusable for them right now. Then they’ll send you a check to deposit for a sum larger than agreed upon. They tell you the extra money is for their shipping company to cover the delivery. They’ll ask that you deposit the check and then “can you send (X amount) by Western Union?”
The con here is that the check is always a forgery. They’re attempting to earn your confidence that this is a legitimate transaction, but their only goal is for you to wire them money through a dummy company. Of course, you wouldn’t know the check is a forgery until after the bank tells you the check has bounced.
If this racket sounds familiar, that’s because it’s been around for years. It’s essentially an update of infamous “Nigerian Prince” email scam, in which you receive a message informing you that somehow a large windfall was coming your way thanks to a prince in Nigeria.
But there’s the thing: At this point, transactions online should be a simple process. If they can’t deliver with PayPal or Venmo, then no matter what their excuse is, it’s probably not worth going any further.
5) The perfect job/girlfriend/product
Scammers love to exploit hope. The idea that we could stumble upon some life-changing opportunity any day is exactly what fuels their schemes.
Take a glance at the classifieds on Craigslist and you’ll find a number of job postings promising big salaries for easy work-from-home gigs. If you apply to one of those jobs, the fake employer won’t take long to request your social security number for tax purposes or your bank account details to pay you. Then, before you realize the whole thing was a scam, money has been withdrawn from your account and perhaps your identity has been stolen too.
Similarly, on Tinder, OkCupid, or any other popular dating site, you may find yourself matching with someone stunningly beautiful. Then after a few messages are exchanged, they insist on moving the chat to some other app, one that requires creating an account. They tell you it’s quick and easy to sign-up, and they only do it because they can’t trust people on dating sites— but, in fact, this is all merely a ploy to nab your personal information.
This same tactic is used to great success with junk products. Anything that sounds like it could easily be on a late-night infomercial is always worth Googling before buying. Usually, if you search “(product name) + scam” you’ll find warnings of people who realized, all too late, that they’d been had.
The old adage is as true now as it ever was: If it sounds too good to be true, it probably is.
Source: MSN News