Not so long ago, you were considered a savvy internet user if you ignored unsolicited emails from princes in faraway lands. Now the distinction between what’s a scam and what’s a legitimate online business is not so cut and dry. From phishing schemes disguised to lure you into a fraudulent website with innocent-looking bait to malware hidden in Wi-Fi hotspots, here are seven internet scams that even the smartest people fall for.
1. THE FAKE SOCIAL NETWORK EMAIL
How it works: This phishing scheme involves receiving a fraudulent email that looks like it came from your actual social network. It may say you have new, urgent notifications or that someone is erroneously trying to access your account and you need to sign in to verify information. Click on the link in the email and you are directed to a fake website. If you sign in on that page, scammers can then hack into your real account and steal your identity, sending out spam messages to your family and friends and using personal information to blackmail you.
How to avoid it: If there are notifications you need to see on your social network, visit that page directly by typing the Web address into the URL bar or opening the network’s app on your phone. Do not click on links that are emailed to you. And set up two-step verification on all of your accounts so that if someone tries to sign into your account from a non-trusted computer, you get a notification texted to you.
2. THE UNEXPECTED ATTACHMENT
How it works: Scammers access one of your associates’ email accounts or social networks and send out fake emails or direct messages to all of his or her contacts. They often include an attachment or a link to a fraudulent file-sharing website and ask you to download a file from there. If you download the files, they spread destructive malware on your computer, locking down all of the legitimate files on your device and holding it for ransom.
How to avoid it: If you receive an unexpected attachment or link to a file-sharing website from a contact, do not open it. Instead, reach out to that contact directly—preferably via another channel than how you received it, in case they have been hacked—and ask what the file is and if he or she intended to send it.
3. THE UNEXPECTED FRIEND REQUEST
How it works: A scammer duplicates a social network profile belonging to a friend and then adds you. Once you confirm, the con artist has access to personal information that can be used to hack into your bank accounts, such as your birthday, parents’ names, and pets’ names. They can also then send out malicious links that you would be tempted to click and requests for money.
How to avoid it: Do not accept friend requests from strangers. If someone you are already friends with adds you as a friend, reach out to them offline and confirm whether or not they have a second account. Do not share private information that could be used to crack your bank’s security questions online. If you go out of town, wait until you return to post about it; you never know if one of your friends’ accounts is compromised.
4. THE FREE WI-FI HOTSPOT
How it works: A criminal sets up an open-access Wi-Fi hotspot in a coffee shop or airport that’s connected to his or her laptop. Once you join, this person has access to your computer and mines it for financial and personal data.
How to avoid it: In the settings on your computer and phone, make sure your device does not automatically join open Wi-Fi networks. Turn on the option “Ask to join new networks.” Keep your Wi-Fi turned off unless you are actively using it. If you would like to join the Wi-Fi network at a private business, ask an employee what the correct network name is before joining. If you are visiting a public place such as an airport, search the Web ahead of time to confirm the official Wi-Fi network’s name. Do not conduct financial transactions on any of these networks. If you travel frequently, invest in your own password-protected hotspot to carry with you.
5. THE POP-UP SCAREWARE
How it works: As you’re browsing the Web, a pop-up window alerts you that your computer is infected with viruses and worms. It encourages you to scan your device with a specific antivirus software program and then offers to clean the bogus bugs off for a small fee. If you download the program, it installs malicious software on your device, and these con artists then have your credit card information.
How to avoid it: Do not click on any links in pop-up ads. Install a robust, trusted antivirus program on your computer and run it regularly. Also install pop-up blockers on your browsers to prevent these scams from ever reaching you. Keep the important files on your computer backed up to an external drive, just in case.
6. THE TOO-GOOD-TO-BE-TRUE DATING PROFILE
How it works: A con artist sets up a phony dating profile with either completely made up information or photos and data stolen from a real person. He or she lures you in with messages, photos and phone calls. But they keep backing out of meeting in person and need help paying their bills this month. If you wire them money, you never hear from them again or they keep asking for more.
How to avoid it: Trust your gut. If someone keeps refusing to meet, he or she may not be real or might be interested in your wallet rather than you. Never send money to someone you met online.
7. THE HELP-SOMEONE-IN-NEED SCAM
How it works: A media-savvy scam artist sets up a crowd-funding page or charity website related to a topic that is getting lots of news coverage. It could be related to a natural disaster or a viral story about a person in need. They convince people to share the link on social media and send you emails about contributing to the cause. If you click on the link and donate money using a bank card, the scam artist can steal your bank information and drain your account or sell it to others who will.
How to avoid it: Don’t click on links you receive via email or those with suspicious Web addresses linked on social media. To donate to someone in need, search for the charity and go directly to its official site. Confirm that you are at the right place and it is secure—the URL should appear with a “https://” at the beginning—before handing over your bank card information.
Even if you’re careful, hackers and identity thieves can still swipe your personal information, so it’s always important that you stay in the know. Discover will help you to protect your identity by monitoring thousands of risky websites and alert you if they find your social security number. And it’s free for cardmembers who sign up. It won’t solve all identity issues, but it’s a good first step to putting you in the know. Learn more at www.discover.com/freealerts.