Most consumers know to be skeptical of the email from the “Nigerian prince” looking for help securing the millions of dollars in inheritance money he’s due. And, for a wide range of fraudulent emails and internet offerings that are simply (and often wildly) “too good to be true,” the same can be said as today’s typical consumer is far too savvy to be so easily duped.
But today’s cybercriminals have also grown more savvy and their email and internet scams have become more convincing. Here are five common and often very persuasive email and internet scams to keep your eyes open for:
- Advance-fee scams —While the Nigerian prince scheme has by now become notorious and, therefore, less likely to succeed in defrauding intended victims of their money, variations of this type of scam can seem much more legitimate. The advance-fee scam category encompasses any fraudulent offer that, in exchange for an up-front fee, promises to reward the victim with money, products, prizes, services, etc. or offers the opportunity to participate in an exclusive deal. The common thread to these scams is the victims never see their money or hear from the scammers again. Versions can include the beneficiary fund scam in which the scammer claims to need help getting money from a foreign bank; the lottery scam in which victims are told they’ve won a prize in a foreign lottery; investment scams in which help is supposedly needed with overseas investing or a lucrative company start-up; and romance scams in which an online “love interest” (often met on a dating site or in an online chat room) seeks funds to help a sick relative or to pay for the transportation needed for a rendezvous.
How to avoid it: First and foremost, people should always listen to their gut when it tells them that “this seems too good to be true.” Members of Entrepeneur have plenty of experience in preventing fraud and that experience tells them that any person seeking “help” is almost certainly a fraudster. Sometimes, however, emails of this nature can appear legitimate and in those cases, it’s best to never agree to send payments to a third party unless that party is related to a client or person the receiver of the email has done extensive business with in the past. It’s also important to insist on speaking directly to the email sender by phone; in most cases, the fraudster will not oblige and consumers will save themselves the worry. To report phishing emails, forward them to spam@uce.govand to the organization impersonated in the email, if there is such. One can also file a report with the Federal Trade Commission at FTC.gov/complaint.
- PayPal or Online Banking Scams —These schemes often lure targets with an official-looking email from a supposed financial-services provider, frequently containing an alarming message along the lines of “your account has suffered a security breach” or “act now before your account is deleted.” The scammers behind these fraudulent emails hope the recipient will panic, click the link in the email and attempt to log into their account, thereby providing the scammer with the login info needed to access their banking account, PayPal account, etc.
How to avoid it: Wary consumers should be on the lookout for telltale signs that an email is not from who it claims to be. Some examples of red flags are misspellings in the email copy, suspicious sender addresses, generic salutations such as “Dear valued customer,” links to sites other than that of the claimed business and threatening language. One sure way for consumers to avoid this scam is to contact the company or bank the email claims to be from directly, and then confirm the information provided in the email. This can be done either by calling the customer service number provided on the company’s website or by logging into the user’s account rather than using any links provided in an email. For more information on avoiding these scams, consumers can visit PayPal.com, or the security section of their own financial services provider’s website.
- Hijacked Profile Scams —Many users of Facebook, Twitter and other social networks might have seen signs of this one, which most often include suspicious posts or unexpected personal messages from friends. The accounts affected by this scam have either been taken over by hackers or are fake accounts created to mirror the actual account, and the ultimate goal of the perpetrators is to get the supposed account owner’s “friends” to send money or provide financial details.
How to avoid it: Social media users should be extremely wary of any messaging or posts from friends that seem “off,” especially if they involve requests for money. Before participating in any further interaction with the “friend” via the social network, users should confirm whether their actual friend posted or sent the message by contacting them via other means, such as via text, email or phone. If the friend wasn’t actually behind the communication, this will also serve to tip him or her off to any fraudulent activity involving the account. For additional guidance, users can visit facebook.com, twitter.com or the security section of the social media platform in question.
- Job Scams —This scheme preys on job-seekers who have posted a resume online, and a common variation sees the scammer, posing as a representative of a legitimate company or employment service, send the victim an email or other form of digital communication. At some point, often after reviewing a job description that’s specifically tailored to be a perfect fit for the applicant and for which the position pays a high salary, the job seeker is asked to click an “apply” link that takes the job-seeker to a phony site. Here, the applicant is asked to provide information related to his or her work history and skills, as well as what the scammer is actually after — details that allow the scammer to steal the applicant’s identity for the purposes of opening a fraudulent bank or credit card account in the victim’s name.
How to avoid it: Job-seekers should be especially suspicious of job offers from employers to which they have not applied. Also, before proceeding with the application process, they should do background checks on the business via an internet search, the Better Business Bureau, etc., plus confirm that the contact information they’ve been provided with is actually a match with the verifiable contact info for the business. Further, applicants can take steps to confirm that a job offer is genuine by locating the job posting on the company’s website or via another legitimate source. To learn more, job-seekers can review the Federal Trade Commission’s guidance regarding job scams.
- Quiz Scams —To the social media scroller, the quiz might seem innocent enough. After all, who wouldn’t want to know which Gilligan’s Island character they are.But along the way, a fraudulent quiz could trick the user into providing a phone number and unknowingly agreeing to a monthly “service charge,” into providing personal information that they’d really rather not share or into allowing their personal details to be harvested by a dubious data-mining company.In even worse cases, the quiz might enable hackers to hijack the user’s social media account for fraudulent purposes.
How to avoid it: The easiest way social media users can avoid this type of fraud is by avoiding social media quizzes altogether, especially if they’re unable to determine who is behind the quiz. Another way users can protect their personal information on social networks is to adjust their privacy settings, plus remove personal details such as birth date, phone number and address from their profile information. Consumers can find more information on avoiding this type of scam at bbb.org.
Of course, staying secure online can require going well beyond being skeptical of suspicious email and internet offers. To learn more about other ways to step up your online security, check out the Nine Ways to Prevent Cyber Security Breaches blog on the FTC News & Blog pages. And to take the next step toward ensuring your online security, learn more about Protect Plus from FTC Internet.
