Too Good to Be True
Shining a Light on Online Scams
When was the last time you got a seemingly urgent email or text message that turned out to be misleading? For example, an email from your favorite website claiming that someone tried to log into your account, so you need to update your password right now—but it wasn’t until it was too late that you realized it was a scam?
If you or someone you know has fallen for a scam, you’re not alone. In the past several years, internet-enabled scams have become more widespread and more believable than ever. Financial losses due to scams almost doubled between 2020 and 2022 (source).
In this Data Detox, you’ll learn about some of the most common internet-enabled scams, as well as practical tips to avoid them that you can share with your friends and family.
Let’s shed a light on this, together!
What Do Scams Look Like?
Scams refer to a variety of deceptive activities with the goal of misleading a targeted victim in order to gain money, goods, or information from them. Scammers have been known to run their operations in-person or online, through letter-writing, phone calls, text messages, social media, and emails. They may even use more than one way to reach you—for instance, by sending you an email that tells you to call a phone number.
Certain scams are targeted at certain people, such as teens looking to get ahead in an online game, lonely people seeking companionship, or parents who recently dropped their kid off at university. But no one is off-limits to scammers.
Flip the cards below to learn more about popular types of internet-enabled scams... Do any of these sound familiar?
The scammer tries to convince you to pay a small sum of money up-front, promising you’ll earn much more money down the line.
The scammer pretends to be someone official—a law enforcement officer, a bank clerk, a tech support specialist, or the employee of a recognisable company or charity organization—in order to gain your confidence.
Job Hire Scams
Job Hire Scams
The scammer claims to be hiring for a job, and after multiple successful interviews, asks you to send along scans of your identification documents and banking details, to conduct employee checks and set up payments. The scammer may also attempt to solicit a start-up fee for equipment, which they claim will be reimbursed with your first paycheck.
The scammer may send you a text message or email with an enticing link, such as to a seemingly great discount to a service you use regularly, or to a parcel tracking service. Clicking the link leads to malicious software being installed on your computer or phone.
No matter what form a scam takes, it is crucial to keep in mind that all scams ultimately ask you to provide something. Whether it is money, goods or services, or information, always be cautious when any of these things are requested from you. Scammers may pose as officials, strangers, friends, or relatives.
Tips for Avoiding Online Scams
Following the tips below might help you avoid falling for a scam…
The longer you stay on the call or respond to messages, the more likely the scammer can find ways to reel you in. If something feels off about the conversation, seems too good to be true, or you’re feeling insecure about the details, you can just hang up or close the email or text without responding. Then, you can look into the topic at your own pace (e.g. if they claim to be your bank, you can visit your bank or call the official hotline).
Don’t worry about being impolite–you're not obligated to give people who call, text, or email you any information. And if it turns out to be a scammer, they are the ones who are being impolite by trying to scam you!
Take a deep breath before deciding to act.
Scammers typically ask for something from you–whether that be scanning a QR code, visiting a web link, or answering questions. Be cautious anytime you're asked to perform an action. Even seemingly harmless information could be used in ways you least expect. So next time you’re asked for a request either via email, text, or phone call, pause and think about it first! Does something feel weird about this request? Why are they in such a hurry?
Ask verification questions.
Most scams rely on generating a sense of urgency, so that you give out information before you get the chance to think about it. So if you are asked to share information, follow a link, or scan a QR code, take a moment to ask verification questions to ensure the request is legitimate. Their response and reaction may help you decide if this is suspicious.
Let’s say your bank calls you. Typically they would have access to your account information and history, so it is within reason for you to ask, "Excuse me, just to confirm, what was my last purchase today?" Or if your phone company contacts you, you can ask the representative, "Just to confirm, what was my last outgoing number?" If the person on the other end doesn’t give you a quick answer or has an excuse not to give you the answer–then it is a huge red flag.
Step back and create distance.
Sometimes in the middle of a conversation it can feel difficult to really think about what is happening. For this reason, finding ways to take a step back and create distance from the person on the other end can give you the time to process the interaction. Try saying something like, "Sorry, I’m in the middle of something right now, can you give me your contact details and I'll call you right back?" Then ask yourself critical questions and perform a web search to try and answer them. For example: If it is a call claiming to be from an online shop, the official phone number should be printed on their official website, so you can call that official number and ask. Don’t rely on caller ID, as scammers can easily spoof phone numbers (meaning they can change their caller ID to disguise their identity) when calling you.
Lock down your financial details.
Talk to your bank about the different security features and fraud protection measures they may offer. Oftentimes at no added cost, there may be a number of security checks you can put in place on your account, such as:
- Set withdrawal alerts. You may be able to receive periodic email or phone text message notifications or summaries of withdrawals made from your account.
- Use a temporary credit card number. Ask your bank if they provide temporary credit card numbers that only work for a single transaction, this is sometimes called a “digital card”.
- In some countries, you may be able to institute a credit freeze, which prevents someone from obtaining your credit report. Scammers can use credit reports to obtain information about you. A credit freeze should also prevent scammers from being able to open credit cards using your identity.
- Make sure you have a long and unique password for your online banking, have two-factor authentication enabled if available, and don’t access your bank website while on public Wi-Fi.
As you’ve learned in this Data Detox, anyone could fall for a scam. Keep the following two tips in mind…
As you can read more about in this Data Detox guide on data breaches, depending on what happened you may want to notify your bank, freeze your credit score, and contact your local cybercrime office (such as the Internet Crime Complaint Center and European Cybercrime Center).
Know that it isn't your fault.
There are many types of scams, each with varying degrees of creativity and complexity, so it is possible for anyone to fall for a scam. Remember that it isn't your fault. In some cases, the scammer may simply be skilled at what they do. In other cases, it may be that a company has weak security measures. The same compassion applies to friends and family who may have fallen victim.
Pass it on! Share this Data Detox with your friends, family, and co-workers to help them stay informed. Opening the dialogue around scams may help you or those you care about avoid falling into traps to begin with.
To dive deeper into this topic, read “Exposing Internet Scam Operations” and watch “A Look Inside Internet Scam Operations” (on PeerTube). For an entertaining storytelling experience, listen to the ‘reply-all’ podcast episode “What kind of idiot gets phished?”
Written by Nikita Mazurov and Safa Ghnaim in Spring 2023. Thanks to Christy Lange and Louise Hisayasu for their edits, comments, and reviews.