Protect yourself against scams and online threats with Avast One
- Security
- Privacy
- Performance
Online scams are becoming more sophisticated than ever, especially with the rise of AI. Learn what online scams are, some of the most common types of scams, and how to identify potential scams. Then, help protect yourself from scammers, malware, and other online threats with a comprehensive security suite like Avast One.
An online scam is a deception carried out over the internet with the aim of tricking individuals into giving away personal, financial, or other sensitive information, or directly stealing their money.
This Article Contains :
Online scams can take many forms, from phishing messages and fake online marketplaces to elaborate fraudulent dating profiles and too-good-to-be-true investment deals. What online scams usually have in common is their use of social engineering tactics to deceive, manipulate, and exploit victims.
According to a 2023 FTC report, since 2021 one in four people who reported being defrauded out of money said the scam began on social media. However, scammers can use almost any digital platform — including email, text messaging, and websites — to carry out their nefarious plots.
According to a 2023 FTC report, since 2021 one in four people who reported being defrauded out of money said the scam began on social media.
Beyond offering a definition of online scams, we’ll take you through some of the most common types of scams and what they mean for your online security. Knowing the latest scams can go a long way in helping you protect yourself, your money, and your personal information online.
As our digital world evolves, so do online scams. Here’s a list of 14 common online scams to watch out for right now.
In 2022, phishing was one of the most common types of cybercrime reported, according to the FBI. In a phishing attack, cybercriminals impersonate a trusted entity like your bank, employer, or even tech support in order to “fish” for private information like your password or credit card number. They then use this information to steal money, commit identity theft, engage in corporate espionage, or carry out other illicit activities.
Phishing attacks are commonly perpetrated via email. But watch out for different types of text message scams like USPS scams that are phishing ploys, too. Spam phone calls may also employ phishing techniques. Some generic phishing attacks are broad-sweeping, sent out to thousands of victims, while others are precisely targeted at specific individuals (known as spear phishing).
Note that spam and phishing are not the same thing. Plain old spam is usually just annoying, while phishing actively aims to harm you or collect your data or financial info.
An example of a phishing email from a scammer pretending to be Netflix.
Catfishing and dating scams (often called romance scams) involve a fake romantic relationship, typically initiated through dating sites or apps, or on social media. Scammers reel victims in with a fake online profile, complete with photos and a convincing backstory. Once the scammer has gained the target’s trust they concoct a crisis — be it a medical emergency, travel issue, or unpaid bill — and ask for money.
Some romance scams can drag on for months or years and involve multiple financial transactions before the victim realizes they’ve been duped.
Sugar daddy scams are another type of romance scam, except the scammer pretends to be a rich benefactor looking for a “sugar baby” to whom they offer financial support in exchange for romantic involvement or companionship. But like other romance scams, the perpetrator aims to trick the victim into sending money instead. A sugar daddy scammer may ask you to send a small fee to enable a larger transfer of funds. But once you pay, they disappear with your money.
Crowdfunding platforms like Kickstarter, GoFundMe, and Indiegogo allow people to solicit donations from anyone on the internet who finds their cause worthy. People use crowdfunding to raise money for a variety of purposes, from bringing creative projects, business ventures, and innovative ideas to life, to the more somber needs of covering medical or legal expenses.
Scammers can abuse crowdsourcing platforms by whipping up fake campaigns designed to excite or tug at the heartstrings of potential donors. Once scammers collect a significant sum in donations, they abruptly cut off all communication and disappear, leaving backers with unfulfilled promises and no way to reclaim their contributions.
One recent example of a crowdfunding scam is Juicy Fields, a cannabis crowdfunding platform that promised investors or so-called “e-growers” monthly returns of 6-14% for investing in cannabis plants cultivated by top industry operators. The company suddenly collapsed in July 2022, with subsequent investigations by European law enforcement agencies and Europol uncovering an alleged Ponzi scheme that defrauded more than 180,000 victims out of more than €600 million.
In a rental scam, fake rental properties are advertised at attractive prices, usually below market rate. Once a potential victim shows interest, the scammer creates a sense of urgency by, say, claiming that the property is in high demand and that an immediate deposit is required to secure it.
Rental scammers often ask for a deposit before the victim has a chance to see the property, usually preferring payment through peer-to-peer transfer apps like Venmo or Cash App, which makes it more difficult to trace or reverse the transaction later. Once the scammer has the money, they’ll cut off contact and vanish.
A particularly pernicious type of real estate scam, timeshare scams happen when fraudsters trick people who own or are interested in buying timeshares. As a recent story about a Mexican drug cartel timeshare scam showed, these scams involve deceptive promises to sell property at inflated prices, transfer ownership easily, carry out services that are never provided, and other ploys. And the financial impact can be devastating, including entire bank and savings accounts emptied.
Advance-fee scams are notorious on the internet, epitomized by one of the world’s first email fraud schemes: the Nigerian Prince. These scams are a modern twist on the old Spanish Prisoner con, where scammers claimed to be in contact with a wealthy aristocrat, currently imprisoned and in need of money to secure their release. Victims were promised hefty rewards once the "prisoner" was freed — a payoff that never materialized.
Today’s advance-fee scams follow a similar blueprint: scammers request a small upfront fee to facilitate a much larger money transfer later. Sometimes, these scams masquerade as lottery or sweepstakes winnings or “no credit check” loan offers. Regardless of the specific format, the outcome remains the same: you won't see any return on your money.
An example of an advance-fee scam.
Working from home certainly has its benefits: no commute, no office distractions, and best of all, no dress code. Scammers know this all too well. In a work-from-home scam, you’ll be pitched a job offer that sounds amazing at first glance. You’ll be promised quick earnings and flexible hours, with roles that don’t require specialized training or education.
Once you’re on the hook, the scammer will trigger the next stage: before you can begin, you need to purchase a startup kit, proprietary software, training course, or even a subscription service. Others will trick you into laundering money, cashing bad checks, or forwarding shipments purchased with stolen credit cards.
If you’ve ever seen a pop-up telling you that your computer is in dire need of antivirus rescue, you’ve come across this scam. Also known as scareware, these fake antivirus ads want you to panic and pay up in order to secure what you believe is the solution to your malware woes.
Some creators of fake antivirus apps manage to list their scam software in legitimate download portals. When you install the scam software, it will appear to be performing virus scans, but won’t actually have any antivirus capabilities. Instead, it’s adware in disguise, created solely for the purpose of bombarding you with pop-up ads.
A scareware pop-up that tries to fool you into thinking there’s malware on your computer.
Real antivirus software like Avast One will protect you against the adware and other malware that often comes with these fake apps. If it’s too late and you’ve already installed a faux app that’s now bombarding you with ads, a dedicated adware removal tool can help you get rid of it.
Multi-level marketing (MLM) or "network marketing" scams are a type of pyramid scheme that entice would-be entrepreneurs with promises of being their own bosses or starting their own businesses — primarily by buying inventory from an involved salesperson, selling it, and, more important, recruiting more salespeople. If the majority of participants’ earnings come from sales, an MLM can be considered legitimate.
The scam side becomes apparent when the focus shifts from selling products to recruiting more members. In MLM scams, new recruits are encouraged to buy large amounts of inventory, often spending more than they ever recover in sales. The company then benefits from the sales, while the individual salespeople are left with huge amounts of inventory and no profits.
As MLMs have evolved, social media like Facebook and Instagram, have become a key tool for recruitment, with many people drawn into MLMs by trusted friends or family members. There have also been several high-profile cryptocurrency MLM scams, including OneCoin, a scheme that took in more than $4 billion from at least 3.5 million victims.
In an online shopping scam, fraudsters pretend to be legitimate online retailers, using either a fake website or a fake ad on a real site. They’ll often advertise luxury products at enticingly low prices, which is an initial tipoff that you’re dealing with a scam. Another clue that you’re dealing with a scam is if they ask for payment through non-traditional channels like gift cards, wire transfers, and cryptocurrency.
Once you make your purchase in an online scam shop, you’ll either receive a counterfeit or low-quality item, or nothing at all.
Whenever and wherever money is exchanged for goods and services, the environment is vulnerable to scams, especially when these transactions take place online. Even trusted platforms like PayPal and Amazon are not immune to scams. In fact, in 2022, Amazon spent $1.2 billion in efforts to crack down on fake products appearing on their platform.
An example of a fake Amazon email that could lead to a phishing site.
The festive season often sees a spike in fraud, as scammers exploit the holiday frenzy and surge in online transactions. Among these, non-payment scams pose a threat to smaller retailers, who find themselves dispatching goods or services only to be left uncompensated.
Non-delivery scams present the inverse situation — goods or services are ordered by a customer but never arrive. Another type of holiday scam is the hoax charity, which takes advantage of the giving season by tricking people into donating to fake causes.
Debt collection scams prey on the shame and stress that go along with owing money. Scammers pose as debt collectors and use threats and urgency to get you to pay money you don’t actually owe. In some cases the debt is completely fake, but it also may have been canceled, forgiven, or discharged in a bankruptcy. These scams often involve sophisticated tactics such as using your stolen personal information to make the deception seem more legitimate.
Vacation scams trick individuals into paying for vacation packages, flights, or experiences that are misrepresented, significantly under-delivered, or completely nonexistent.
A notorious example of a travel scam is the Fyre Festival, which was promoted as a luxury music festival on a private island in The Bahamas, featuring top-tier musical acts, gourmet food, and lavish accommodations. However, attendees were met with inadequate infrastructure, lack of proper food and accommodation, and the absence of the advertised entertainment, revealing the event as a massively failed and fraudulent operation.
In a grandparent scam, imposters pose as a grandchild or other young family member in distress, contact an elderly person, and ask for urgent financial help. Often they will claim to be in some type of crisis that they’d like to keep hidden from the rest of the family — like getting arrested or in a car accident.
The emotional manipulation and the supposed confidentiality of the situation pressure grandparents into acting quickly, sometimes leading to significant financial losses before the scam is uncovered. Grandparent scams are getting increasingly sophisticated, with some perpetrators now using AI to clone the voice of the individual they’re impersonating.
Get-rich-quick scams attempt to deceive individuals into believing they’ll earn massive returns on investments in a short timeframe and with minimal risk.
"Deepfake videos, especially those endorsing investment scams, displayed a heightened level of sophistication, challenging the (viewer's) ability to distinguish between real and fabricated content."
Frequently preying on vulnerable individuals in marginalized communities, the allure of quick and easy wealth can be particularly tempting to those in desperate circumstances.
Classic hallmarks of these schemes are high-pressure tactics used to recruit new members, coupled with vague or convoluted explanations of the actual investment strategy. A recent variation of get-rich-quick schemes features self-proclaimed business gurus promoting the use of AI tools like ChatGPT as surefire ways to build million-dollar enterprises. However, the reality seldom matches the hype.
The golden rule of scam detection is this: If it sounds too good to be true, it probably is. Scammers often tempt with big promises. Trust your instincts and don’t buy into the hype.
The next time you come across an unbelievable offer, ask yourself the following questions:
Is this a realistic deal/offer/proposal?
Go with your gut on this one. Does an apartment look way too nice to be rented at such a low rate? Is the vacation package just a little too affordable? Are you being promised an easy job that pays well with minimal effort? Has someone claimed that you’ll be rewarded handsomely if you can transfer a quick deposit?
Is this financial transaction safe?
Look out for insistence on alternative payment methods like gift cards and Bitcoin. Payments through many alternative payment platforms cannot be reversed or protected, which is ideal for a scammer’s needs. Legitimate offers should accept standard and regulated methods of payment.
What am I being asked to share?
Phishing scams go after personal details that can later be used against you. No legitimate company should be asking you to confirm your login credentials, financial accounts, credit card numbers, or detailed personal information.
Am I being rushed?
Scammers create artificial urgency to force you into a rushed decision. Some use “fear of missing out” to encourage you to bite on a tempting offer, while others threaten you with steep penalties for missing a deadline. Either way, pressure and urgency are big warning signs of scams.
Does this person’s story hold up?
If you suspect that you’re being conned by someone, dig into their backstory. Scope them out on social media and confirm any claims they’ve made through your own research. If a supposed family member is acting strangely and asking for money, ask them questions only that person would know to ensure they’re not an impersonator, or call them.
Are they taking the conversation off-platform?
On most legitimate commerce, booking, and dating sites, you are protected if you keep all your conversations on record through the site’s messaging service. People requesting that you communicate privately via email or text may have something to hide.
Scammers use a few common tactics to deceive their scam victims. Familiarizing yourself with these can help you avoid getting scammed online:
Urgency: A legitimate company or organization will rarely, if ever, make urgent demands. A pushy tone is a common scam tactic.
Common phrases: Scams are rarely imaginative and often use repetitive language. Be on the lookout for cliche phrases like “Congratulations, you’ve won!”
Too good to be true: Remember the rule — if it sounds unbelievable, it’s probably a hoax.
Unsolicited contact: If someone has reached out via email, social media, or phone without prior interaction, it’s good to be cautious.
Request for personal info: Scammers often ask for sensitive details under false pretenses.
Fake websites: Be on the lookout for odd URLs and other signs of an unsafe website when shopping online.
Famous endorsements: Some scams falsely claim support from celebrities or other well-known people, but don’t be fooled by a shiny exterior.
While you might not be able to get your money back or mitigate all the consequences of being scammed, here are some ways you can be proactive in the wake of a successful scam:
Cut the scammer off: You aren’t going to convince them to return your money, so don’t even bother. Continuing the relationship leaves the door open to additional scams in the future. Block their email address or social profiles and ignore any further attempts on their part to reach you.
Contact your financial institutions: Contact your bank or credit card provider and see if they can help you recover the lost funds. At the very least, they’ll be aware that you were scammed, and you can discuss security options for the future.
Freeze your credit: If you’ve been scammed, freeze your credit immediately to prevent scammers from opening new lines of credit in your name.
Change your passwords: If you’ve disclosed any sensitive personal info to the scammer, be proactive and change your online login credentials. This is especially important for financial logins, such as for banking apps or PayPal. You can prevent additional losses by locking scammers out.
Report the scam: Scamming is a criminal act. Report the internet scam to the relevant authorities in your area and inform them about the scam. Your reports can go a long way toward helping others avoid falling for the same scam.
Share your experience: You may feel embarrassed for having fallen for a scam, but talking about your experience can help you process your feelings, especially after a romance scam. You can also help educate your friends and family on how to protect themselves from future scams.
Reach out for professional support: It hurts to get scammed, and you don’t have to bear the burden alone. Contact a trained professional in your area if you’re experiencing strong negative feelings in the wake of your experience.
Here are some important cybersecurity tips to employ to help protect yourself against scams:
Don’t click unfamiliar links: Double-check links in emails and email addresses themselves to help you avoid falling for phishing scams.
Regularly update your passwords: Use strong, unique passwords to help block unauthorized access to your online accounts.
Use multi-factor authentication: Enable security settings, such as two-factor authentication (2FA), for an extra layer of login security beyond just a password.
Avoid oversharing: Don’t share personal or account information with strangers or on social media. If scammers see this information online, they can use it against you.
Update privacy settings: Use social media privacy controls to limit what strangers can see and access on your profiles. For instance, don’t make your birthday viewable by anyone other than your close family and friends.
Educate yourself on the latest scams: Stay updated on the latest scam trends and new technologies so you know what to do if you’re ever met with a scam attempt.
Install online security software: The best antivirus apps can help block malicious, scammy websites. It can even help you keep malware-laced downloads and attachments from infecting your device.
When it comes to avoiding scams, a little bit of vigilance goes a long way. But no matter how much you’ve sharpened your scam-detection skills, there’s almost always someone waiting for you to let your guard down. That’s where a comprehensive cybersecurity tool comes into play.
Avast One helps protect you against malware that scammers use to infect your devices by continually monitoring your device for vulnerabilities and blocking malicious downloads that scammers aim against you. Help protect your device with a trusted online security solution used by millions of users worldwide.
Install free Avast One to fight online scams and block malware. Get real-time protection for your Android phone.
Install free Avast One to fight online scams and other online threats. Get real-time protection for your iPhone.
Download free Avast One to fight online scams and block malware. Get real-time protection for your Mac.
Download free Avast One to fight online scams and block malware. Get real-time protection for your Windows PC.
Protect yourself against scams and online threats with Avast One
Protect yourself against scams and online threats with Avast One