EXPLAINER: Online fraud and scams - What they are and how to spot them?
When the world wide web first launched, a common piece of advice was to avoid giving your information out and talking to strangers.
Now, apps like Uber lead strangers to our doorsteps so that we can go for a spin in their car. We’ve grown so comfortable using the internet that it’s easy to forget there are people out there who are up to no good.
Cybercriminals like to create scam websites and online scams so that they can trick users into willingly handing over information or money. Not much is changing at the turn of the decade, with many of the most popular online scams for 2020 looking like familiar foes.
By learning about the most common tactics and pairing that information with security solutions, you can be better prepared to face these cyberthreats in the new year.
What it is: Phishing is one of the most common cyberthreats around, yet it continues to be equally as effective.
Phishers take on the persona of someone trustworthy – a friend, neighbour or colleague – in an attempt to get you to hand over information or click a malicious link via email, social media or other messaging apps like WhatsApp.
Phishing attempts take place worldwide every single month and while they often take place through email, cybercriminals are expanding their approach to cover wherever you might talk with someone one-on-one on the internet.
How to spot it: The most important step in spotting a phishing attempt is to take your time reviewing the email or message. This will help you spot inconsistencies, like misspelled names, poor grammar in the text and links that don’t lead to the place they should.
For the last one, hover over a link with your mouse cursor if you’re unsure of it. In the bottom left-hand corner, you’ll see the full URL – and know if they’re sending you to a real or scam website.
2. Fake antivirus software
What it is: If you’re browsing the web and all of a sudden you get a pop up saying that your computer is now infected, chances are it’s an online scam.
In reality, these fake antivirus software ads and pop ups want you to download their free software, which will only give you a virus, malware or ransomware, among other cyberthreats.
How to spot it: Only trust virus information from your antivirus – and if you don’t have one, make sure to get one now. Be wary of any pop ups with flashy lights or that urge you to take action immediately by downloading an application.
A real antivirus solution, like will take care of your issues in the background and while it may ask you to take an action, it’ll likely only notify you once the cyberthreat has been resolved.
3. Make money easy and fast scam
What it is: We’d all like to make easy money quickly, and cybercriminals use that to prey on unsuspecting users.
These scam websites, which often say you can make a week’s worth of salary in just a few hours, lure you in with false promises. They then get you to hand over personal and financial information, often sensitive by nature.
How to spot it: A little bit of common sense goes a long way. While we all dream of being paid large sums of money in exchange for doing nearly nothing, the chances of that being real are slim.
If you’re considering a make money easy and fast scam, be on the lookout for advertisements that say it takes little to no skill to get involved, that you can set your own hours or that you need to pay to get started. If the method to earn easy and fast cash really existed, it’s unlikely it’d be widely shared.
4. Fake shopping websites and formjacking
What it is: Here’s a two-parter: there are thousands of websites out there which try to make you believe they’re the real deal and a part of your favourite brands. These websites, which are mostly unknown, try to scam you, even giving you “great deals” that are up to 75 percent off.
Similarly, groups of cybercriminals are now commonly using formjacking – a new cyberthreat that steals credit card information.
This can happen when a legitimate e-commerce website is hacked (without the owners knowing), allowing cybercriminals to redirect you to different URLs in the payment process that look similar but actually steal your information.
How to spot it: E-commerce scam websites have a few commonalities. They often have similar but not identical URLs to the brand they’re trying to imitate.
They also likely have spelling errors and unbelievable prices that you won’t find anywhere else – because they’re not real. Instead, they either ship you fake items or take your money and don’t give you anything in return.
Keeping on the lookout for formjacking is more difficult. As you enter the page to put in your credit card details, double check the URL to make sure you’re still on the exact same website that you came from.
These cybercriminals will often change the URL very slightly – like adding or taking away a single letter – to avoid detection.
5. Tech support scam
What it is: Taking the form of either a phone call or an advertisement, tech support impersonators contact a user to tell them that their computer or device is infected – often without even seeing the device beforehand.
After prompting the user to download an application that lets them control the computer remotely, these cybercriminals download actual viruses or give the illusion that something is wrong with the device. Then, they ask for money to fix the problem.
How to spot it: Know that Microsoft, Google, Apple – pick whichever company you want – will never ever call you to tell you that something is wrong with your computer.
At the very most, they may send an email saying that something is wrong with your device and that you should call them. Always double check that these numbers are the real support numbers via a Google search.
Similarly, be wary of any tech support that charges large sums of money to fix your PC or Mac. These sums often total half or more of what the actual device is worth.
Scam websites can also pay for advertising on Google to show up when someone searches for tech support, which means your best bet for getting help for your device is often contacting the manufacturer itself.