What is a Scam?

  • June 14, 2022
What is a Scam?

Sure — as a security-minded website owner you’re probably already using a VPN to protect your privacy, managing app permissions to protect your phone, making sure your browser is blocking third party trackers, and enforcing strong passwords for all of your databases and user accounts. But personal security extends well beyond the scope of protecting your cellphones, computers and websites.

In today’s post, we’ll be raising awareness about what scams are, why you should care, and how to protect yourself against scammers.

So, what is a scam?

The term scam is broadly used to describe a scheme or fraudulent business that aims to take money or goods from unsuspecting individuals.

Online scams have rapidly increased to target unsuspecting victims with the exponential growth of the internet. And while webmasters may be aware of online scams that can harm their websites, such as phishing, the truth is that scams and misinformation target a wide range of users.

Scams can come in a wide range of formats, shapes, and sizes including:

  • SMS scams
  • Tech support scams
  • Deceiving pop-ups
  • Phishing
  • Donation scams
  • Catfishing
  • Sextortion
  • Cold calls
  • Online surveys
  • Cryptocurrencies
  • Employment scams

All of these different types of scams share a common element: they center around stealing money, property, or sensitive information from a victim.

What’s more, targets can range from the elderly, to busy professionals and even tech-savvy millennials.

For example, our remediation team here at Sucuri regularly encounters malicious JavaScript redirects on compromised websites that lead to scam pages. At times, these redirects hijack legitimate web traffic to send visitors to the scammers own destination — which means any of the website’s own visitors could fall victim.

Whether they arrive in the form of an email, SMS message, phone call or in person, scams can pose a significant threat to a person’s finances, personal information, or even credit ratings.

You can learn more about all the different types of scams from our latest guide on how to stay safe against scams.
Read the full Scam guide

Why you should care about scams

Here’s a couple of prime reasons why you should care about getting scammed.

Loss of personal information

One of the most obvious reasons to avoid getting scammed is to protect your privacy and personal information.

For example — in recent years, scammers have used unsolicited cold calling to extract sensitive information from prospects. They may pretend to be the IRS requesting your Social Security Number or a bank trying to verify contact information to offer a “refund”.

Either way, it’s important to verify the legitimacy of any caller before providing your personal information. When in doubt, hang up.

Loss of money

We work hard for our money, right? A large majority of scams attempt to trick people out of their hard earned cash, making it another solid reason why you should care about getting scammed.

For example, catfishing — where scammers fabricate a fake relationship with a victim in order to get money or resources from them. Like most social engineering attacks, there could be one or more bad actors involved to create a convincing scenario that influences the victim into forking over money or some other valuable items.

Do your due diligence and, when possible, background check new acquaintances — especially if they’re making requests for favors or asking for money, regardless of the reason they present.

Blackmail

Sextortion scams leverage basic human laws of attraction to manipulate and blackmail victims. Scammers pretending to be attractive women looking for new friendship send out friend requests in the hopes of initiating a steamy online “fling”.

If the friend request is accepted and a line of communication is established, the bad actor will attempt to seduce a victim into exchanging explicit texts, photos, video or audio calls while recording everything for later use. Any incriminating evidence will be collected and the scammer will then demand a ransom, threatening to contact the victim’s spouse or family if a ransom isn’t paid.

How to avoid getting scammed

We’ve touched on a few important points about scams and their characteristics, but most importantly is how to avoid getting scammed in the first place.

Scammers are constantly seeking out new ways to exploit their victims, but there are a couple key steps you can take to protect yourself.

Review content thoroughly

Received an SMS or email asking you to send money, fill out an online form, provide credentials or other personal information? Thoroughly check the content to verify the source. If it looks even slightly unusual or there are blatant spelling errors, disregard the message and flag it as spam. Even just searching for information about what you received can help you identify if it’s legitimate or not.

Check URLs and avoid unexpected links

The popularity of link shortening services has definitely helped scammers out. Loads of scams employ link shortening services to trick unsuspecting victims into navigating to their landing pages. Check URLs and don’t click on anything that looks suspicious.

If you do end up following a URL to a strange landing page, make sure the link in your browser matches the content and the company displayed. If the page is asking for too much information or there’s conflicting information, that’s a huge red flag.

Don’t rely on green SSL padlocks or symbols

Scammers use all sorts of fake credibility indicators to trick people into providing credentials, payment details, or other sensitive information. They may masquerade as a reputable brand or even leverage technology like SSL to lure victims into a false sense of security.

Just because there’s a green SSL padlock on the page doesn’t mean the website is safe to use or trustworthy.

Verify information and be wary of unexpected interactions

Received an email that your bank needs you to log in to your account to issue a refund? Got a text from the IRS mentioning that if you don’t provide your Social Security Number they’ll force you to pay a penalty of $10,000? Received a voicemail with instructions on how to pay a fee to win a sweepstakes contest? All of these scenarios are major red flags.

If you receive an unsolicited email or SMS from a service provider that you normally deal with, contact the service provider directly and confirm whether the request is valid.

If it’s too good to be true, it probably is

Scammers exploit human greed and insecurity — and intentionally target desperate people looking to make a few extra bucks. The reality is that if you get an unsolicited email, phone call or offer from someone in person that sounds too good to be true, chances are it’s a scam.

Avoid reacting to urgent messaging

A false sense of urgency is used to rush victims into making quick decisions without applying critical thinking skills. Avoid clicking on an email threatening to close your account or the immediate loss of an important service, the tracking of a package you don’t know anything about, or the promise of quick money.

Talk with family and friends

You can help protect your family and friends by educating them on the most common types of scams.

For example, let them know how to spot phishing campaigns, understand the most prevalent scams found circulating via emails or SMS, and teach them how to apply updates to cell phones or security software to help mitigate risk — that way, if an attachment or link is accidentally clicked, their devices and software can help protect them.

Read the full Scam guide

Cesar Anjos is Sucuri's Malware Researcher who joined the company in 2014. Cesar's main responsibilities include keeping up with the latest malware and writing about it. His professional experience covers over five years in the area. When Cesar isn't researching, he's finding a way to exercise his mind with anything. Connect with him on our Twitter.

Related Tags
Related Categories
You May Also Like