How Do You Know If Someone is Scamming You?
Whether you’re looking for love on an online dating site, shopping on Facebook marketplace, or applying for a job on LinkedIn, there’s always a risk that you’re getting scammed.
But just how bad is it?
Imposter scams — where fraudsters pretend to be someone they’re not — were the second most common type of fraud in 2021. Imposters made off with more than $2.2 million this year, according to the Federal Trade Commission (FTC) [*].
That’s almost double the amount of reported scams from the year before.
It’s not always easy to know if who you’re dealing with online is really who they say they are. In this guide, we’ll cover the most common scams to watch out for, how to recognize and outsmart a scammer, and what to do after you’ve been targeted.
5 Common Ways Scammers Target You Online
- Romance scams
- Phishing scams
- Online shopping scams
- Crypto scams
- Social engineering attacks
Online scams range from classics — like the Nigerian Prince offering millions if you help him get money out of the country — to the advanced. Here are some of the most common online scams to beware of.
1. Romance scams and fake online dating profiles
Romance scams are when criminals create fake profiles on online dating sites or dating apps with the hope of starting a relationship with you. Online dating scams prey on your vulnerabilities to create a quick emotional connection they can profit off. For example, in military romance scams, fraudsters pretend to be stationed far away and unable to meet in person. But that won't stop them from quickly building an online relationships and telling you they love you.
Once a scammer has you “hooked” in an online relationship, they’ll start asking you to send them money, gift cards, or expensive gifts. If you catch on, they’ll delete their accounts and vanish.
💡 Related: How To Spot a Scammer on a Dating Site or App →
2. Phishing emails, texts, calls, and websites
The scammer might even impersonate your boss and ask you to send them your log-in information for work.
Any information you send — like account passwords or credit card numbers — will go directly to the scammer and can be used to steal your identity. If you click a link, you’ll most likely download malware or ransomware onto your devices.
3. Online shopping scams
Shopping online isn’t inherently dangerous. But even sellers on major platforms like Amazon can engage in online scams. In one example, a seller pretends to sell luxury goods at a steep discount — usually over social media sites like Instagram or Snapchat (and often using hacked accounts to avoid suspicion.)
But even though you receive a confirmation email and payment is withdrawn from your account, nothing shows up. Or if it does, it’s not what you thought you were paying for.
4. Cryptocurrency scams
Plenty of people have become overnight millionaires through investing in cryptocurrencies like Bitcoin. But cryptocurrency is also rife with scams; nearly 15 scams are deployed ever hour [*].
Cryptocurrency scams can happen when someone tricks you into giving them access to your online wallet and steals your coins. Even worse, recently there has been a surge in fraudulent crypto recovery services, where scammers claim to help you recover lost crypto but really steal even more from you.
In other scams, you might get contacted by someone claiming to have insider information about a new Initial Coin Offering (ICO). But after the initial rise in value, the coin's value plummets, with the scammers getting out at the top. Be especially careful if you regularly use Telegram, as crypto scams have been running rampant on the platform in the past years.
5. Social engineering attacks
Nearly every type of online scam relies on a form of social engineering.
Social engineering attacks occur when scammers take advantage of your emotions to manipulate you into giving up money or sensitive information that can be used for identity theft and fraud.
One of the oldest examples is the Nigerian Prince scam. In this fraud, scammers send an unsolicited message with an emotional plea for help.
If you can help the Prince (or a government official) remove vast sums of money from the country, they’ll reward you with a percentage. All you need to do is wire them money to cover the legal costs or to pay for bribes.
Any message like this is a scam and should always end up in the trash.
How To Spot a Scammer: 10 Warning Signs
- Use authority to build trust — Online scammers use organizations and names you trust to lower your guard. Beware of anyone who messages you out of the blue and claims to be from the IRS, government, or a major company.
- Prey on your emotions — Online dating scams are especially notorious for preying on your emotions. A scammer will quickly tell you they’re “falling in love” and get you to say it back. The same goes for charity scams (like veterans charity scams) where fraudsters claim to be victims in need.
- Create a sense of urgency — Online scammers know they need you to act quickly before you realize what they’re up to. They’ll often create a sense of urgency to stop you from first checking their claims.
- Be threatening and aggressive — Along with love and urgency, threats are another way online scammers convince you to do what they say. Often, a scammer will pretend to be from the police or FBI and claim that a warrant will be put out for your arrest if you don’t comply.
- Contact you unexpectedly — One of the easiest ways to spot a scammer is if they contact you first. If you receive any message, phone call, or email from someone you don’t know, verify they are who they say by contacting their agency or business directly.
- Ask for sensitive information — Scammers will pretend to be from your bank and ask for your PIN or online passwords to “secure” your account. But legitimate financial institutions will never do this.
- Overpay for goods or services — A common aspect of online shopping scams is if someone offers more than you’re asking for a product. In these cases, they’ll send a fake PayPal receipt and ask for you to wire back the overpayment along with their product.
- Overpromise on what they can deliver — Scammers use our desire to find a good deal against us. If something or someone seems “too good to be true”, there’s a good chance they’re trying to scam you.
- Try to be personal but something is off — Online scammers will pretend to be a friend or family member to quickly gain your trust. But they aren’t. Don’t trust a message just because it comes from an account you recognize.
- Force you to use unusual payment options — Most online payment options protect against scammers. If someone pushes you to pay them through an untraceable or non-reversible option, it could be a scam. This includes wire transfers, gift cards, and cryptocurrency.
These are the most common characteristics of online scammers. But not every scam is the same. Here’s how to identify a fake online dating scam, phishing message, and online seller (or buyer).
How To Identify a Fake Online Dating Account (Catfishing)
- Their account is a “perfect match” — Be wary of people with magazine-quality photos or who look like supermodels. Catfishers will use attractive photos to try and snare you in their scam.
- They don’t have an online footprint — If you Google their name and don’t find much, you could be dealing with a scammer.
- Their social media accounts look suspicious — Sometimes a romance scammer will create fake social media accounts to get you to believe their dating profile is real. Look for anything that feels off, such as a low friend count, no recent posts, or only the same photos as on the dating site. The average Facebook user has 338 friends.
- They come on strong and tell you they love you — Dating scammers will try to quickly get you emotionally invested. If they tell you they love you within a week or two and try to get you to message them off the platform, it could be a scam.
- They won’t go on video chat with you — A fake online dating account will only message you. If you make plans to video chat, they’ll always have an excuse to fall back on (i.e., they can’t make it or their webcam is broken).
- They live far away and are unable to visit — Scammers will often tell you they are in the military or working with an international organization. But not being able to meet in person is a huge warning sign. This is especially true if you can’t see them on a video call either.
- They ask for money or help with family problems — Catfishing often evolves to financial fraud. If someone starts asking for expensive gifts or cash to help with unexpected expenses, they’re probably trying to scam you.
What to do if you think you’re being scammed on a dating site
The easiest way to avoid being scammed with a fake online date is to never send money, gifts, or sensitive information until you meet in person.
If you think you’re dealing with a scammer, stop communicating with them immediately. Go to Google and do a reverse image search of their profile picture. If it’s associated with other names or comes up on a stock image site, it’s a scam.
Once you know they’re fake, report their account to the dating site or app you’re using. If you sent them money or gave them access to your accounts, contact your bank immediately and talk to their fraud department. You might also want to sign up for identity theft and credit monitoring to alert you of any potential fraud.
You can also report the scam to the FTC at ReportFraud.ftc.gov.
How To Identify a Phishing Scam
- Incorrect spelling or grammar mistakes — Look for strange phrases or misspelled words in emails, texts, and on websites. Scammers often make basic mistakes that an official organization wouldn’t.
- Sent from an unofficial email account (like Gmail) — The IRS and other organizations have official email addresses. If the “From” email address is from Gmail, Outlook, or others, it’s a scam.
- The “From” name and email address don’t match up — Hover over or click on the “From” name to see their email address. Scammers will often try to mask who they are by using an official name. But they can’t fake their email address or phone number as easily.
- They ask for sensitive information over email or text — An official business or organization will never ask for PINs or Passwords over email, text, or on the phone.
- Threatens legal action if you don’t comply — Again, legitimate companies won’t threaten you. If legal action is going to happen, they’ll contact you in an official manner (like through the mail).
- Contact you out of the blue — Unsolicited messages and calls have a good chance of being a scam. If you’re unsure, ask for a reference and then respond through the company’s official channels to make sure they’re legit.
- Asks you to click a link or download an attachment — Beware of any link, file, or QR code in an email or text. Scammers will often disguise malware as fake invoices or other documents. Don’t click on them. Instead, ask for where you can find the required documents on their website.
- Isn’t using a “secure” website — Secure websites use “https://” not “http://” and will have a padlock near the URL. If a site is unsecured, that means a scammer could steal your financial information, Social Security number, or any other sensitive data you input. (Be especially cautious with your SSN as it's not always possible to change your Social Security number – even after identity theft.)
- Poor website or email design — Bad design or poor functionality isn’t always a sign of a scam, but it should put you on alert.
- You can’t find any contact information — Scam web pages won’t have any other way of contacting the company, such as phone numbers or support email addresses.
What to do if you think you’re being phished
Phishing attacks can be brutal, especially if the scammer manages to get malware or another virus onto your device.
If you think you’ve opened a spam email or engaged with another phishing attack, check your online accounts for warning signs of identity theft.
Then, secure your accounts by changing your passwords, enabling two-factor authentication (2FA), and using a password manager. You might also want to install antivirus software that can scan for malware and protect you from phishing sites.
You can report phishing scams to the FTC. If you get an email, forward it to firstname.lastname@example.org. If you got a phishing text, forward it to SPAM (7726). You can also report the attack at ReportFraud.ftc.gov.
How To Identify an Online Shopping Scam
- The deal is too good to be true — Items that are posted for significant deals are usually scams. Or at the very least, not actually what’s listed.
- There are typos and errors in the product description — Mistakes happen. But multiple errors on a listing can be a sign that it’s a scam.
- The site is unsecured — Look for “https://” not “http://” and a padlock near the URL. Secured sites are safe to enter your financial information. If the site is unsecured, a scammer could access your bank account or other information.
- They only accept wire transfers and other non-reversible payments — If a seller asks you to wire money or send a gift card, they could be trying to scam you.
- Sellers won’t meet in person — When shopping on Craigslist or Facebook Marketplace, always try to meet in person and view the product. There are tons of scams that rely on shipping products.
- They send you low-quality photos — Some scammers will doctor photos to trick you into paying more than you should. One example of this is a car title scam where fraudsters change the documentation for a used vehicle.
- Buyers send you prepaid shipping labels — If you’re selling online and a buyer offers to send a prepaid shipping label, it’s a scam. They can change the shipping address after you send it out and then claim they never received it.
- A buyer overpays for your product — If someone offers you extra money, they’re most likely trying to scam you. They’ll normally ask you to refund the extra with a gift card or wire transfer and then disappear. Later, you'll find out that the original payment was fraudulent.
- Asking for a deposit or prepayment — Sellers who ask you to send them money to “hold” an item could be doing the same to tens or hundreds of other people. Don’t send money until you see the item and are picking it up.
What to do if you think you’re being scammed while shopping online
- If you see any warning signs, break off contact with the seller (or buyer). If they’re on a platform like Facebook or Amazon, report them and try to get their account removed.
- If you’ve already paid a scammer, you still have a few options.
- If you paid with your credit card or debit card, contact the issuer and tell them it was fraud. If you sent a wire, you can contact the wire transfer company and they might be able to reverse the transfer.
- If you paid them through PayPal, Cash App, Venmo, or a similar app, contact their fraud department.
How To Report Online Scams
The best way to reduce your chances of getting scammed in the future is to report online scams when they happen to you.
The Federal Trade Commission (FTC) offers an online complaint assistant you can use to report fraud and different types of identity theft. You can also elevate your complaint to the FBI’s Internet Crime Complaint Center at www.ic3.gov.
If you lost money or gave up sensitive information, you can file a police report and report the identity theft to the FTC at IdentityTheft.gov.
📌 Were you a victim of fraud? Follow our fraud victim's checklist for step-by-step instructions on how to recover from fraud.
The Bottom Line: You Can Outsmart Online Scammers
We put our faith in others when we engage with them online. And there’s nothing worse than not knowing if someone is scamming you or not.
But with a bit of due diligence, you can protect yourself, your money, and your online accounts from online scammers. Identify the red flags of a scam and then do everything you can to stay safe. If you want peace of mind, consider Aura’s identity theft and credit monitoring service.
Aura actively monitors your accounts, bank, credit, and devices for signs of online scams and frauds. We’ll let you know of any suspicious activity on your accounts, block malware and phishing sites, and tell you if your identity has been compromised in any way.
And if the worst happens, you’re covered by a $1,000,000 insurance policy for eligible losses due to identity theft.