Can you spot an internet scam?

How do internet scams work?

If you're online regularly, it’s likely that you’ll stumble on one or more of these scams eventually. They could appear in your email inbox or on social media, or in the form of a flashing pop-up advertisement demanding your attention.

Whatever the initial hook, cybercriminals usually want the same thing. Their goal will either be to infect your device with malware, or to steal your private information directly. Hackers are always ready to make off with your passwords, credit card numbers, and anything else that could be useful to them.

Most internet scammers will try to rush you into clicking a link or exposing some personal information. If you don't know what to look out for, you can easily miss the warning signs and fall into the trap.

Can you spot the scam?

1: The survey

While checking your inbox, you notice an unexpected email:

2: The urgent SMS

Your phone buzzes — a new text message. You open it and read:

3: The login page

You're on your laptop in a coffee shop, connected to the cafe Wi-Fi. You decide to check your Facebook, and end up on what appears to be the login page:

4: The email deal

Everyone loves a free lunch! Opening your work email, you find a pleasant surprise:

5: The pop-up warning

As you browse the web, a warning sign flashes up in front of you:

6: The parcel alert

You might not have been expecting a parcel, but it looks like you missed a delivery:

Did you find the red flags?

1: The suspicious survey

The sender information is the first place to look. Here, the name of the company emailing you doesn’t feature in the sender’s address. Then there’s the word “Congratulation” instead of “Congratulations” — that doesn't seem right, does it?

It’s also important to ask yourself, “What connection do I have with this brand?” If you haven’t engaged or shopped with them recently, that’s a dead giveaway.

2: The SMS hook

The URL is suspiciously vague and doesn’t offer a preview. That alone isn’t necessarily a smoking gun, but combined with the fact that banks very rarely text their customers, it’s enough to set off alarm bells. Even if you’re with the bank mentioned in the SMS, don't risk it; call the bank directly and confirm whether or not they sent the message.

3: The login trap

In this instance, the hackers are hoping you’ll see enough familiar features on the page to just log in without thinking. However, if you stop to look around, you’ll see the red flags. The logo’s font and color isn't quite right, and there are spelling mistakes in the text. The biggest giveaway is the URL — close, but not close enough.

If you're using unsecured public Wi-Fi, a hacker may have redirected your browser to their own page, which they've mocked up to look like the real deal.

4: The email steal

If you work for a large corporation, you're a prime target for this kind of phishing attack. Everything here looks legit, including the sender information. There are a few hints (an oddly placed question mark and one spelling error), but remember, it pays to double check. Contact someone else in the company and confirm the email's authenticity.

5: The malicious pop-up

This pop-up is trying to create a sense of urgency and panic — your device is infected, act now! But of course, if you pause for a moment, you’ll notice some warning signs.

The low quality of the alert sign and the font, for example, and the lack of any specific details about who the warning is from. There’s no antivirus logo, and it doesn't look like it was generated by any mainstream browser or operating system.

6: The parcel scam

Delivery scams are on the rise. In this case, the sender information looks very suspect, not to mention the strangely formatted blue links. One of the subtler giveaways is the attempt to create artificial urgency. You're told that you have just one day to pick up the parcel, but that’s not how delivery services usually work. When you feel like you’re being rushed into clicking on something, be on your guard.

How to avoid internet scams

You may have caught every red flag in the examples above, but that doesn't mean you'll always get lucky. Some criminals can create flawless clones of familiar pages, write totally convincing emails, or sneak malware onto reputable websites. You never know where the next threat might be coming from.

To give yourself the best chance of avoiding internet scams in the future, follow these simple steps:

1. Take a caution-first approach. It never hurts to be a little suspicious when you're online. Don't assume that an email is genuine, or that the sender ID on a text is accurate. Phishing scammers have a wide range of tools at their disposal, and the best defense against them is a surplus of caution.
2. Protect your passwords. Your login credentials are the keys to your online life. If a hacker can crack your passwords, they can access your social media profiles, send messages from your accounts, and potentially steal valuable payment information. Neutralize this threat by using a password manager, like NordPass, to generate and store uncrackable passwords.
3. Use a VPN. A VPN, or virtual private network, is an encryption tool that will protect your device from hackers and other snoopers. With a premium service like NordVPN, you can use public Wi-Fi without worrying about forced redirections and malicious spying. With one account, you can cover up to six devices, so you never have to go online unprotected.