You’ve probably seen spam emails that tell you you’ve won money or a prize, or warning you about your subscription ending. Usually these are easy to identify as spam because the sender email includes a non-professional address or a bunch of random numbers, there are multiple typos or incorrect grammar, and you don’t actually have a subscription to the supposed service. 

Online fraud is a widespread problem, and hackers are getting more sophisticated in their tactics. Even if you’re hypervigilant, have all the security protocols in place, and rigorously validate any suspicious looking emails, there are constantly new criminal strategies being used to hack vulnerable parties or systems. You might be safe — but it’s always best to be prepared and knowledgeable. If you have colleagues, friends, or family members who are not as tech-savvy, you can share your knowledge to help them stay safe online.

What kinds of fraud should you be on the lookout to avoid? Here are three common scams to watch out for.

Spoofing

Don’t fall victim to a spoofing attack. Spoofing is when a criminal party pretends to be a legitimate organization, and masks its identity. Scammers can claim to be your insurance company, a government organization, or your bank. Spoofing aims to steal sensitive, personal information such as social security numbers, dates of birth, bank account numbers, or credit card information. Because of sophisticated technology, spoofing can look like legitimate correspondence, since the scammers can override caller ID and other security measures, thus the term “spoof.”

How to prevent it: If you get an email or text claiming to be your bank, never click any links. If you receive a phone call, tell the person you will call the bank back, then hang up and contact your bank directly. This is smart for any suspicious interactions — or even legitimate ones. If you’re not sure, tell the person you will call the business or bank or person back directly to confirm their identity. 

Phishing

Phishing attacks work by embedding links in an email or asking for identifiable information, passwords, account numbers, or other sensitive data that can be used to hack your personal accounts. How to recognize a phishing scam? Watch out for claims that there is “suspicious activity” on your account. Other tactics include fake invoices, direct links, or notifications asking you to confirm your personal identification or password. A legitimate company will never ask you to send your password over email or text message, nor ask for it via a phone call. 

How to prevent it: Try not to act immediately — scammers rely on heightened emotions to override suspicion. If you’re not expecting communication from a company, you can always log into your account manually and check the validity of the message. Another good tactic is to enable multi-factor authentication. This requires any sign-in or activity on your accounts to be double-checked, usually by using an authenticator app or entering a one-time code via text or email. 

Social Media Fraud

With social media booming, fraud such as impersonation or account theft can do serious damage to an individual’s or business’s reputation. False accounts claiming to be you can mislead people, and the impersonation accounts usually try to discredit the original user through abuse, fraud, trolling, or libel. Social media fraud can also let scammers trick people into buying fake goods or services by placing ads, phishing links, and potentially asking for email addresses.

How to prevent it: Don’t give out personal information on a social media platform. If you are expecting a legitimate interaction with a company or government body, then it should come through official channels such as email or post. Most scammers try to pressure you into acting immediately; resist the urge and investigate the source before you click any links or send money online.

Final Thoughts

Staying safe online requires you to be up-to-date with your personal security and regularly updating your passwords. Scammers rely on seeming friendly or urgent to get you to act in an intensely emotional state — be strong! You can stay safe with a bit of skepticism and knowing what signs to look for to identify fraud.