How to spot an online scam: 3 dead giveaways

It's easy to be fooled by scammers online. But it's just as easy to spot those scams if you're paying attention.

Credit: Dreamstime

It’s surprisingly easy to fall for an online scam even if you’re hyperaware of all the ways bad actors can trick you. Online scammers are playing a numbers game. If they send out their scams to enough people, they’ll find a few people who posses a magic combination: Folks who are distracted by life and also concerned with their online accounts.  

That’s how I almost fell for an online scam. My credit card bill was coming due, but I was busy that month, and paying the bill was just one of many things percolating in the back of my mind. Then I suddenly got an email stating my bank was freezing my account if I didn’t login. “Oh no!” I thought. “I’m late paying my bill.”

Without another thought, I clicked on the link in the email, even though I knew the right thing to do was type out the URL myself. I was just about to put in my login details when another thought came bubbling to the surface: Something seemed not quite right.

I checked the website address, and sure enough I was about to enter my details into a phony website designed to harvest login credentials from my bank. It was a near miss. I had almost been the victim of phishing. This happened despite the fact that I’ve reported on just these kinds of exploits. Heck, I’d even written several articles with security tips about how you should never click on a link to your bank from inside an email.

Caught at the right moment of vulnerability, anyone can fall for an online scam. When you’re prepared, however, spotting an online scam is fairly straightforward. Then when the stars align to make you susceptible to an online scam, you might save yourself by knowing what to look for.

Here are some basic rules you can use to keep yourself and your online accounts out of the hands of the bad guys.

Rule #1: If you’re not expecting it, you shouldn’t expect it

scamemail IDG

An example of a scam banking email.

A standard trick for online scams is to get you to click on a link. This link can show up in an email, a hijacked messaging account of one of your friends, a WhatsApp message, or even an SMS. The idea is to direct you to a malicious website. Then the scammers will try to download malware onto your device, or trick you into revealing your login credentials on a phony website that looks like the real thing.

The best way to combat these scams is to never clink on a link you weren’t expecting. If you get an email stating your bank account is about to be frozen, or your PayPal email account suddenly needs to be validated, don’t click. Even if you check that the email address and the link are leading to the real thing, just as a matter of security don’t click. Instead, enter the website address yourself by typing it out in the address bar. Don’t search for it—instead type it out yourself.

Then, once you’ve logged in to the legitimate website, you’ll be able to see if whatever the email claimed was real.

Tip: A good way to avoid falling for a phishing website is to use a password manager and its browser extension. If you land on a website that isn’t legitimate then the extension won’t supply your login details. Indeed, even if a website has a tricky URL like “paypal.com.098uq3409847890.net” it shouldn’t fool mainstream password managers.

Rule #2: Don’t buy into urgency

A classic scam is for someone to hijack a person’s Facebook account and then contact all her friends via the hijacked account. Often the scammer will claim some kind of emergency, saying your friend is in jeopardy such as, “I’m in London. I’ve been robbed, and I have no money.”

When you know this is a scam, you can see where it’s headed. In the moment of urgency, however, it can be harder to spot. Of course, you want to help your friend: “Oh my goodness! A foreign country where they might end up on the street? I need to help.”

Because an “emergency” is in play, scammers are banking on the likelihood you won’t look too closely at the details, and instead just take action. But on your end, you must resist the urge to act immediately. If your friend is in dire straits, you can still ask to talk to her on the phone, or verify with someone else over the phone that she is truly where she claims to be. The key is to talk to another human being whose voice you can recognize because pretending to be someone else via a text chat is so easy. Do not, however, take the word of some “hotel manager” or a supposed good Samaritan who’s speaking on behalf of your friend.

You can apply the same basic principle when it comes to taking immediate action to “unfreeze” your account. First, a bank or credit card company is more likely to call you or send a letter about dramatic action versus dropping you a note in Gmail. Nevertheless, if you want to be sure, type in the URL of your bank or credit card manually to visit the site. If there is truly a threat to your account, the institution will alert you once you login.

Rule #3: If it’s too good to be true…

bbbscamtracker IDG

The Better Business Bureau’s Scam Tracker.

If it’s too good to be true, then it probably is. This may be a cliché, but it’s also a good rule of thumb. Money doesn’t just come tumbling out of your inbox, after all. If a lawyer or business contacts you via email about making a tidy profit on a business transaction or reclaiming some kind of inheritance money, don’t fall for it. This sort of thing just doesn’t happen. No matter how legitimate these offers may seem.

This also goes for online sales. Yes, you can find some fantastic sale prices on Amazon, Best Buy, and other places online. But if you get an email or see a link on social media leading you to an incredible sale price on a site you’ve never heard of, then take a step back. Do some basic research using consumer sites like Trustpilot, Sitejabber, and the Better Business Bureau to see what others have to say about the business. What you’re looking for is overwhelming evidence that the site is legitimate. If you don’t find any information about the site or only a few sparse reviews, that is a huge red flag. 

Advanced Tip: Hover over links

The next time you get a legitimate email from your bank, try this trick for practice. Use your mouse pointer to hover over the button or link your bank wants you to click without actually clicking it. Next, look in the lower left corner of your browser window. You should see the web address the link will take you to.

That’s an easy way to spot a scam because a bad link will never lead to your bank’s website, and scammers will often use a link-shortening service to try and hide that fact.

There are a few other things you can watch out for, such as poorly worded emails and chat messages, though this is becoming a less reliable guide in recent years. Another red flag is when someone asks for money in a non-traditional form like a gift card or a cash reload card. Even requests for a wiring money can be suspect. The FTC has a good video on what to watch out for when being asked for money via the phone or online.

The Internet is a great place to find information and manage your life, but it can also be a place where it is far too easy to get duped if you’re not paying attention.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags How toonline scams

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ian Paul

PC World (US online)
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?