Are you safe?
Check out our best tips to make sure you stay safe online.
October is National Cybersecurity Awareness Month, and there’s no better way to celebrate than by not falling victim to a cyber scam. Here are seven common scams you might encounter and tips on how to stay safe.
The scam: Pay now or else
This scam is a classic. Using any platform they can get their hands on, scammers will pose as a trusted local company (yep, even us) and threaten to disconnect your service if you don’t pay them now.
While you may get courtesy calls from utilities letting you know your account will be disconnected, scam callers are typically very threatening and demand payment on the spot. They insist you provide your banking or credit card information over the phone to a person rather than through a secure phone payment system. Sophisticated scammers can even use special software to make their phone number appear as one of your contacts, a business name, or a local area number. This is called spoofing. Always hang up and call the utility or account in question directly.
The same rules apply to email. Even if you recognize the sender’s name, double-check the sender’s email address by hovering over it or expanding it. Scammers will often use an email address that is just one letter off from a legitimate business email. These fake emails typically have generic greetings like Sir/Madam, an immediate link to another place to enter your personal information, spelling and grammar mistakes, and even unsolicited attachments. Hover over any hyperlink – don’t click – to see where the URL is directing you. Never forward these suspicious emails. Report them as spam and delete them. If you are unsure, call or email the utility or account in question directly.
The Scam: Catfishing
By definition, catfishing involves a person using information and images to create a false identity for themselves on the internet. While you’ve probably heard of catfishing primarily as a problem with dating apps, it can be far more sinister.
Some people craft false identities online due to personal insecurities or the desire to be seen differently. And while these situations are often emotionally painful for the person on the other end, they are not cyber threats. So, how do catfish scams work? After stealing someone’s identity or creating a fake one, a catfish tricks others into communicating, associating, and doing business with them. Victims will believe they are talking to someone they know or have a relationship with and give up sensitive and financial information. A catfish might stop there, but they can also use this information to develop larger cyber-attacks against a business or organization you are associated with.
Spend a few extra minutes checking to make sure that the person at the other end of the keyboard is who you think it is. Social media accounts with few followers and friends and an aversion to meeting in person or talking over a video or voice call are signs you are being catfished. These scammers will even ask for money at a stage in the relationship that doesn’t seem appropriate. Don’t overshare your personal information with strangers. Be suspicious of correspondence from people you aren’t familiar with, like friend requests, emails, and direct messages.
The Scam: Oops, I overpaid you
This scam predominantly targets local sellers and freelance workers. You’re selling an item online, and the buyer sends you a check for much more than your asking price. Likewise, you’re contracted to do a job, and the client sends you a check for much more than the agreed amount. In either case, the scammer is depending on you to reach out and let them know that they overpaid. They apologize and ask if you can refund them the difference, most often by money wire. You’re a good person, so you do. The problem comes later when their check doesn’t clear because it wasn’t real, and you’re out the cash. Almost all of this communication will take place – you guessed it – online.
Never refund any payments until a check has cleared the bank. It’s also OK to not accept check payments if you’re selling something – cash or payment through a secure banking app like Venmo, PayPal, and Apple Pay are widely available and commonly used. If you’re a freelancer, require a discovery call before any project so you can get to know your client and meet them on video beforehand. Scammers won’t want you to see their faces.
The Scam: Online Predators
We all know that not everyone is who they claim to be on the internet, but the most horrifying of these criminals are online predators. These predators target children through social media networks, gaming platforms, and messenger apps. After establishing a relationship with a child online, predators will push the child to engage in increasingly risky behavior, from sending selfies to an in-person meet-up.
Talk to your children about online predators. Make it clear that men and women, from teens to adults, can pretend to be kids online and befriend your child. Talk about risky online behavior, including sending inappropriate photos, joining in on a viral challenge, keeping an online relationship or behavior secret, and chatting privately with strangers.
Like all predators, online criminals will groom their victims by progressing their conversations from kid appropriate to sexually explicit requests. Make it clear to your child to come to you with any questions or worries; if they do, don’t get mad. Help them do the right thing.
Help your child understand what behavior is acceptable online and what isn’t by talking with them. Here are a few resources to help you get the conversation started:
Internet Safety 101 - https://internetsafety101.org/predatorsrulesofengagement
Child Rescue Coalition - https://childrescuecoalition.org/educations/what-to-do-when-a-child-predator-contacts-your-child/
The Scam: Congratulations! You won a contest you didn’t even enter
This scam often comes as a pop-up, email, or even phone call. Pop-ups that contain too-good-to-be-true prizes are just that – too good to be true. Instead, they are a ploy to capture your information for illegal use or install a virus on your device (computer, smartphone, laptop, tablet).
The same is true for emails and phone calls. Remember, if you didn’t enter a contest, you probably didn’t win it! And if the first step to winning a contest is to provide personal and financial information, you know it’s not legit. Never pay money or give out sensitive information to claim a prize.
There are many legitimate giveaways and raffle programs offered by many legitimate businesses, Elevate included. Scammers may even try to use the names of businesses and organizations you know to trick you. No genuine company will ask you to pay money to claim your prize, and if you’re still unsure, contact the company directly to speak with their staff. Be sure to look up the company’s contact information on your own, and don’t rely on what’s included in the email or pop-up or by the caller.
The Scam: Here, Phishy, Phishy
Email phishing scams come in all shapes and sizes: fake invoices, account expirations and upgrades, fake google docs, bank account issues, IRS refunds, and a few generous foreign princes looking to offload some cash. Regardless of which scheme they’re using, scammers are looking to get you to click on a link or attachment to gain access to personal details and banking information or install a virus on your device.
A few obvious red flags tell you an email is a scam: generic greetings and closings, grammar and spelling errors, unsolicited attachments, emergency or threatening language, and unfamiliar hyperlinks. But not all scam emails are this easy to spot, so always double-check the sender’s email to ensure it is coming from a verified source. The same rings true for any links included within a suspicious email – you can view the URL by hovering over the link with your cursor without clicking.
The Scam: The IRS is out to get you
There are too many scams involving impersonating the IRS to count. Seriously, don’t believe us; just check this link out: https://www.irs.gov/newsroom/tax-scams-consumer-alerts.
One of the most common schemes out there involves criminals calling and posing as IRS agents or using pre-recorded calls “from the IRS” stating there is an issue with your tax return. The IRS won’t call you. Period. Hang up and report the scam to the IRS via email to email@example.com.
These IRS scams will also land in your inbox as phishing emails. Forward any scam email involving the IRS to firstname.lastname@example.org.