A scam is when someone tries to deceive you into giving them money or personal information. Scams have been around forever, but they've surged online where scammers can easily imitate people and businesses. Learn to identify common online scams and how to protect yourself from scammers. Then, get an online security tool to help defend your devices with powerful anti-scam technology.
A scam is a deceptive scheme where someone tries to trick you into giving them money, valuables, or personal information. Scams are a form of fraud. They are illegal and are considered a form of theft when they result in the loss of money or assets.
Scammers often use social engineering tactics to manipulate their victims. They may lie to you, make a false promise, or imitate someone you trust. Today, online scams are by far the most common type of scam, and they’re increasing.
Scam and spam might sound similar, but they are different. Spam refers to messages that usually target the masses and aren’t tailored to individuals — they can be emails, texts, calls, or social media messages. They’re annoying, but usually harmless and legal.
But, some spam messages may also include scams. For example, if a scammer steals email addresses in a data breach, they might try to perpetrate a scam by sending a spam email to a large number of people, complete with a malicious link.
The list of online scams is constantly growing, and many existing scams are becoming more sophisticated and harder to detect as technology evolves. Learning to identify the different types of scams is a key step in protecting yourself against them.
Here’s a list of the most common scams that occur today:
Phishing scams happen when a scammer sends you an email pretending to be someone you trust. They might imitate a coworker, your bank, a friend, or an authority figure, such as a police officer. They typically ask for your personal information or money. Other types of phishing are smishing (via text message) and vishing (via phone call).
Scammers often use spoofing in phishing scams, where scammers mask email headers, phone numbers, and other identifying information to make their schemes more believable. They can recreate a logo to look real or spoof a caller ID to read the name and number of a trusted organization.
Amazon and USPS scams are common examples of phishing scams. Amazon scams may claim there’s a problem with your account and you need to verify your personal details. USPS text scams may claim that in order to receive a package you need to update your address via a (malicious) link.
In a sweepstakes or prize scam, a fraudster contacts you saying you’ve won something. They could invent a fake draw or spoof a message from a well-known company like the National Sweepstakes Company.
Scammers usually say that you need to pay a fee, shipping costs, or admin fee to release your non-existent winnings, which a legitimate lottery or prize organization would never do. Be careful — they could also be after your personal information to run future scams and trick you into handing data over. Never offer up money or sensitive data to an unsolicited request; and if you haven’t entered a competition, the “winnings” are almost certainly not real.
SIM swap scams involve a scammer transferring your phone number to a new SIM card they fraudulently ordered. They can do this by pretending to be you and asking your mobile provider for a SIM replacement.
With your number, the scammer can intercept calls and messages sent to you. This means they can receive two-factor authentication (2FA) codes and messages sent to your phone, which could let them access your accounts.
A bait and switch scam is when a scammer advertises a great deal, then replaces the product or service with something inferior. Or, they may claim that the item is no longer available at the time of purchase and offer pricier options. This scam is common in online shopping.
For example, a scammer might advertise a MacBook Air at 50% off the retail price. When you try to take advantage of the deal, you can’t purchase that laptop, but you can conveniently purchase a MacBook Pro at near-full price.
Legitimate multi-level marketing (MLM) programs are legal in the US. But MLM scams are really pyramid schemes masquerading as MLM programs. A legitimate MLM involves participants selling products or services to friends, relatives, and acquaintances, and recruiting others to join the sales force. A fake MLM program rarely sells anything and the scheme relies on recruiting more and more members who buy into the “business.”
Some warning signs that a business venture is really an MLM scam include:
The potential profits advertised are too good to be true.
The products or services are illegitimate, fake, or nonexistent.
Upfront fees are required to join the business.
A webcam scam is when a fraudster contacts you and says they recorded an embarrassing or incriminating video of you over your webcam. They might then extort you for a large sum of money (often cryptocurrency) in exchange for not publishing the video online or sharing it with your contacts. In a webcam scam, there is no video, only the fear of one existing.
That’s not to say hackers can’t hijack your computer’s webcam to spy on you and blackmail you — this is known as webcam hacking. To do this, they often infiltrate your device with malware, sometimes using phishing scams. Once they have control, they can turn your webcam on remotely and record you without your knowledge.
Tech support scams typically begin by scaring you into thinking your computer has a virus or needs urgent repair. You might see a fake virus notification pop up with a phone number to call, or a scammer may call you pretending to be from a reputable company like Microsoft. Their goal is to scare you into giving them money or personal information.
When you speak to the fake support person, they’ll either ask for remote access to your device (and infect it with malware), encourage you to buy an antivirus to get rid of a supposed malware infection (you either receive no software or “antivirus” laced with malware), or ask you to confirm personal details that they can use in a future scam or to steal your identity.
Tech support scams often try to trick you into calling a fake helpline.
Fake antivirus software is malware masquerading as antivirus protection. Scammers use fake virus warnings and scareware to trick you into thinking your device is infected.
These messages often tell you something very bad will happen if you don’t download the antivirus software urgently. Once you download the malware, the scammer may be able to access your personal information, webcam, and more.
Only download antivirus software from a reputable cybersecurity company — either directly from their website or an official app store. AVG AntiVirus Free is an award-winning antivirus tool that can help protect your devices. Each month, we help stop over 1.5 billion cyberattacks around the globe. Download it now and start protecting your device against dangerous scam web pages and other online threats.
Social media scams are scams that happen on social media platforms like Facebook, Instagram, and X (formerly Twitter). Scammers use different tactics to deceive people on these platforms, such as creating fake profiles, sending phishing messages, and creating clickbait posts.
Many online scams, such as dating scams, also begin on social media platforms. There are also social media-specific scams like enticing quizzes that lure users into sharing personal information and perhaps forwarding the quiz to their contacts or reposting it. Scammers can also create fake profiles to receive donations for a made-up medical issue or fake charity.
Dating scams, or romance scams, happen when scammers take advantage of people looking for love or companionship online. They do this in a number of ways, but most involve creating fake dating profiles on dating websites or apps. The goal is to build trust quickly, then ask for money — for an emergency that pulls at the victim’s heartstrings or to buy a plane ticket to visit them, for instance.
Sugar daddy scams often start over social media and involve a scammer with a fake profile contacting a target, offering to be their sugar daddy and pay them for doing very little. This scam also involves the scammer asking for money. Usually, they say they need to verify the sugar baby’s account details or their sincerity, which they can do by paying a small amount to the sugar daddy.
When scammers create fake identities and develop relationships with real people, it’s called catfishing. They usually do this by using attractive photos from another person’s account and inventing a fake persona that’s irresistible.
Crowdsourcing scams are fake crowdfunding campaigns. Popular crowdfunding sites like Kickstarter and GoFundMe are platforms where people can ask a large audience for money. They might do this to raise money for a project, support a charity, or ask for assistance covering medical care.
Scammers prey on the generosity of others by setting up a campaign under false pretenses, collecting the money, and disappearing.
For example, a scammer might pose as a software developer and set up a crowdfunding campaign to fund their new app. They might promise supporters lifetime access to the app and a bunch of other perks. But in the end, the app is never developed and the scammer is never heard from again.
Rental scams happen when scammers post fake rental properties online and try to solicit money from hopeful renters. Scammers advertise properties they don’t own or that don’t even exist. Then, they’ll pressure victims into paying a deposit or the first month’s rent in advance.
Once the money is transferred, the scammer disappears. Sometimes, victims don’t discover until moving day that their dream apartment was never available.
Rental scams commonly take place on social media. However, they can also happen on more regulated apartment rental sites and even vacation rental apps like Airbnb.
Online shopping scams can be in the form of a fake website, a fake ad, or a shop in a genuine online marketplace. The aim is to get your money or personal information. If you’re a buyer, watch out for unbelievable prices — the item may not exist or the seller might run a bait-and-switch scam and send you something inferior.
Also, never trust a seller who wants to take the transaction off a marketplace, as you’ll likely lose any buyer protection available. This is how some Cash App scams or Venmo scams happen.
Advance fee scams promise victims a large reward like a loan, inheritance, prize, or business opportunity after the victim pays a much smaller fee.
For example, you might receive an email informing you that you’ve inherited $50,000 from a relative overseas with no immediate next of kin. The catch is you have to pay for legal fees or documentation to receive your share.
ATM skimming scams happen at cash machines where fraudsters install card reading devices on real ATMs. When you insert your card, the illegal card reader collects your card information. Know how to recognize fake card readers to help avoid ATM scams.
Some scammers also set up hidden cameras to steal your PIN code. With your card info and PIN, they could duplicate your card and withdraw money from your account.
Quishing scams are when scammers use fraudulent QR codes to take victims to malicious websites or request payments. Scammers can do this by replacing real QR codes with scam QR codes or including a fake QR code online or at a physical location.
For example, you might have the opportunity to pay for parking or event access using a digital QR code or a QR code sticker. Scammers will replace these codes with their own. So, when you think you’re buying a ticket, you’re actually sending money to a scammer.
Scammers might also print QR codes and place them on ads, movie posters, or magazines. Victims think that these QR codes are legitimate and follow them to malicious websites.
Student loan forgiveness scams promise a huge reduction or forgiveness of student loans in exchange for a small upfront fee.
Scammers might impersonate legitimate loan servicers or government agencies to get you to trust them. They’ll describe your loan forgiveness in detail, then ask for a small processing fee. Upon payment, you’ll lose your money and your debt will remain unchanged.
While there are different scams out there, most have a few things in common. For example, all scammers will ask you to give them something — usually information or money. If you learn to identify a scam, you can help avoid becoming a victim.
Ask yourself these questions to help identify scam red flags:
Do I know the person contacting me? If you don’t, they might be a scammer.
Is their communication unexpected? Scammers try to catch you off guard with unexpected messages and lure you in with enticing offers.
Is this person’s email address or phone number suspicious? If you get a suspicious text supposedly from someone you know, cross-check it with the contacts in your phone. Or, if it’s from a business, check the email address or phone number on the official website to see if it’s legitimate (but remember it could be spoofed).
Is this offer too good to be true? Offers that are too good to be true hijack your common sense and entice you to take a risk.
Am I being pressured to act urgently? Scammers use fear to pressure you into acting without thinking. For example, they might tell you that you need to pay a $50 account maintenance fee or your account will be permanently locked after a certain amount of time.
Are they requesting my personal information? Real organizations rarely ask for your personal information, and they never ask for login credentials (such as passwords).
Am I being asked to move to another platform? Scammers often hunt for victims on secure platforms, such as Facebook Messenger. Soon after, they ask to move to other platforms to chat or finish a transaction, so they can commit their crimes more easily.
Is the payment method non-traditional? Traditional payment methods, such as credit cards and PayPal, are traceable and come with payment protections. Scammers don’t like these. They usually ask for payment in cryptocurrency, gift cards, cash, or wire transfers.
If you realize you’ve been scammed, take action immediately to control the damage. Here are the first steps to take after getting scammed:
End contact with the scammer: Stop talking to the scammer and block them. This will prevent them from threatening you and making the situation worse. However, before blocking them, save a complete log of your communication with them.
Report the scammer: Report the scam to the relevant authorities like the FTC (at reportfraud.ftc.gov). Then report it to the platform where the scam took place.
Contact your financial institutions: Call your bank and credit card companies to inform them of any lost funds — they may help you recover them. If you haven’t lost any money, but the scammer knows your card or banking details, still contact your bank or credit card provider to block your card, put fraud alerts on accounts, and enable other prevention measures they have in place.
Freeze your credit: Call the three major credit agencies (TransUnion, Experian, and Equifax) to request a credit freeze. This helps prevent anyone (including you) from opening new lines of credit in your name.
Change your passwords: Update login credentials and use strong passwords for all your accounts. Then, store them in a password manager to help you keep them secure and all in one place.
Scan your devices for malware: If you’ve been scammed, there’s also a chance your device has been hacked or infected with malware. Perform a virus scan to identify any infections and vulnerabilities. If your device is infected, run an antivirus program like AVG AntiVirus Free to help find and remove viruses on your phone or computer.
Scammers target vulnerable people, but they also target vulnerable devices. Computers and mobile devices with low security can make you an easy target for hackers. Hackers want to infect your devices with malware to make their scams easier to perpetrate.
For example, malware, such as adware, makes it easier to scam you into buying fake antivirus software, and spyware helps scammers observe you while they plan their attack.
The following cyber hygiene tips help keep your devices safe from hackers, scams, and malware:
Visit secure websites (HTTPS): Only visit secure websites that begin with “https://” before the name of the website. This indicates that the transmitted data between you and the site is encrypted. Websites beginning with “https://” are not secure. But be aware that scams still exist on HTTPS sites so use the following safety precautions, too.
Don’t download suspicious attachments or click unknown links: If you receive a spam email or an unexpected message with a link, don’t click it. And never download attachments sent from unknown sources. This is a classic way to get a malware infection, like Trojans and ransomware.
Update your software and operating system regularly: Software updates include vulnerability patches that help prevent scammers and hackers from exploiting your devices. Update your software often to keep its security strong.
Don’t access sensitive information on public Wi-Fi: Public Wi-Fi networks are less secure than private networks. Hackers who log into the same public Wi-Fi network may be able to see your activity through a man-in-the-middle attack. If you access sensitive information, such as a bank account, hackers may be able to steal your passwords and account information.
Use a VPN: A VPN hides your IP address and your online activity, which makes it much harder for scammers to find you online or view your activity. Using a VPN is essential when accessing public Wi-Fi.
Use robust security tools: Some web security tools such as antivirus software offer anti-scam protection 24/7. They work in the background, scanning your devices for malware and monitoring the web for suspicious activity to help keep you and your devices safe.
Learning to identify scammers’ tricks will keep you safer online. And, using antivirus software like AVG Antivirus Free will help protect your devices from malware that can expose your personal information. Download AVG AntiVirus Free today for real-time protection against scam websites, infected emails, and other online threats.
Privacy | Report vulnerability | Contact security | License agreements | Modern Slavery Statement | Cookies | Accessibility Statement | Do not sell my info | | All third party trademarks are the property of their respective owners.
