Snopes Tips: How to spot and avoid online scams

Curious to know how the writers of Snopes verify information and craft their stories for public consumption? We’ve put together a few posts that help explain how we do what we do. Happy reading and let us know what else you would like to know.

The internet has long been used by bad actors to perpetrate frauds and scams, so it’s no surprise that many of the deceptive techniques perfected (and still used) by email scammers are now proliferating in other ways. From fake Cash App payments and fake gift offers to non-existent prizes and special birthday coupons, social media platforms are currently full of fraudulent content.

A very common type of fictional message, known as “survey scampromises (but rarely offers) rewards for completing an online survey. Such scams can be relatively harmless, but they can also be tricks to steal your identity or money, or download malware onto your computer. Another type of message to be wary of is “phishing scamswhich attempt to trick users into divulging personal information such as passwords, contact information, and even bank account details. The United States Cybersecurity & Infrastructure Security Agency (CISA) has a page describing these other types of scams users are likely to meet online.

Generally speaking, it’s important that anyone who spends a lot of time on the internet can recognize when someone wants to scam you.

A useful adage

The best general advice we’ve heard for detecting scams comes in the form of an adage: “If an offer seems too good to be true, it most likely is. There is also a corollary: “Prevention is better than cure”. If you’re tempted to click when someone seems to be offering something for nothing, don’t!

Below, we’ve compiled tips from trusted sources to help you spot and avoid online scams.

Avoid social media scams

the Minnesota Attorney General’s Office offers these helpful tips for avoiding social media scams in general:

  • Don’t take the “bait”. Never click on pop-up messages, messages whose content seems shocking, scandalous or too good to be true, or links or attachments in unsolicited emails and text messages.
  • Create a strong password. This means that it is at least seven characters long and contains a mixture of upper and lower case letters, symbols and numbers. You should never give your password to someone you don’t know.
  • Do not provide your information (personal or financial) online unless you know the website you are using is legitimate, secure, and encrypted. It is also important to ensure that you are dealing with the correct entity and that you are using their real website and not a similar site created by a scammer. Also look for “https://” (the “s” stands for secure) before a web address.
  • Delete unsolicited emails and text messages that request personal or account information. The companies you do business with already have this information and do not need to verify or confirm it. In the event of a security breach, most companies contact their customers in writing to alert them to the breach.
  • Contact companies only through trusted channels. If you are concerned about an email or other message you have received, immediately call the company at its public phone number. Never trust the phone number or email address given in the message.
  • Check that the person you are dealing with is who they claim to be and not an impostor. Contact a friend or family member who can confirm the person’s story, or try to contact the real person at a phone number that you know is correct.
  • Don’t rush to send money immediately or secretly. Don’t send money by bank transfer, next day delivery, or reloadable cards unless you’re absolutely sure you’re sending money to a real friend or family member.

Avoid phishing scams

the United States Federal Trade Commission (FTC) defines phishing scams as follows:

Phishing is the use of fake emails or text messages to trick you into sharing valuable personal information, such as account numbers, social security numbers, or your login IDs and passwords. Scammers use your information to steal your money, your identity, or both. They also use phishing emails to gain access to your computer or network. If you click on a link, they may install ransomware or other programs that may prevent you from accessing your data.

Scammers often use familiar business names or pretend to be someone you know. Here is a concrete example with Netflix. Ohio police have shared a screenshot of a phishing email designed to steal personal information. The email claims that the user’s account is suspended because Netflix “is having issues with your current billing information” and directs the user to click a link to update their payment method.

Here’s the FTC’s advice on how to spot someone phishing for your private information:

Scammers often update their tactics, but there are certain signs that will help you recognize a phishing email or text message.

Phishing emails and text messages may appear to come from a company you know or trust. They may appear to be from a bank, credit card company, social networking site, online payment website or application, or online store.

Phishing emails and text messages often tell a story to trick you into clicking a link or opening an attachment.

They can:

  • say they noticed suspicious activity or login attempts
  • claim there is a problem with your account or payment information
  • say you need to confirm some personal information
  • include a false invoice
  • you want to click on a link to make a payment
  • indicate that you are eligible to register for a government reimbursement
  • offer a coupon for free stuff

What to do if you are the victim of a scam

Again, from the Minnesota Attorney General:

If you are the victim of a social media scam, follow these steps:

  • Stop all contact with the scammer and block their phone numbers, instant messages and email addresses.
  • Keep copies of all communications.
  • Report the issue to the social media website.
  • Report the matter to your local police department.
  • Report the matter online to the Federal Bureau of Investigation’s Internet Crime Complaint Center at www.ic3.gov/complaint/default.aspx/
  • Report the matter to the Federal Trade Commission as follows:
    Federal Trade Commission
    Consumer Response Center
    600 Pennsylvania Avenue NW
    Washington, D.C. 20580
    (877) 382-4357
    TTY: (866) 653-4261
    www.ftccomplaintassistant.gov

Be safe there!


Sources:

“Avoid these $750 cash app scams on Facebook and Instagram.” Snopes.Com, https://www.snopes.com/fact-check/750-cash-app-facebook-instagram/. Accessed February 25, 2022.

Common Scams | CISA. https://www.cisa.gov/be-cyber-smart/common-scams. Accessed February 25, 2022.

“‘Ellen’ Facebook Giveaway Scam Promises Amazon Gift Cards, PS5s and iPhones.” Snopes.Com, https://www.snopes.com/fact-check/ellen-facebook-amazon-ps5/. Accessed February 25, 2022.

“Archives of Frauds and Scams.” Snopes.Com, https://www.snopes.com/fact-check/category/fraud/. Accessed February 25, 2022.

“How to recognize and avoid phishing scams.” Consumer Information, May 3, 2019, https://www.consumer.ftc.gov/articles/how-recognize-and-avoid-phishing-scams.

“McDonald’s Email Scam Claims You’ve Been Selected.” Snopes.Com, https://www.snopes.com/fact-check/mcdonalds-email-selected-reward/. Accessed February 25, 2022.

“Netflix Phishing Scam: Don’t Take the Bait.” Consumer Information, December 26, 2018, https://www.consumer.ftc.gov/blog/2018/12/netflix-phishing-scam-dont-take-bait.

“No, Amazon does not give away free AirPods in a sweepstakes.” Snopes.Com, https://www.snopes.com/fact-check/scam-amazon-free-airpods-raffle/. Accessed February 25, 2022.

“Scammers Send Fake ‘In-Store’ Surveys and Impersonate Amazon: Here’s What to Watch Out For.” USA TODAY, https://www.usatoday.com/story/money/2021/11/28/cyber-monday-black-friday-scams-store-surveys/8787797002/. Accessed February 25, 2022.

Social Media Scams | Attorney General Keith Ellison’s office. https://www.ag.state.mn.us/consumer/Publications/SocialMediaScams.asp. Accessed February 25, 2022.