Criminals are creative and have several techniques to take advantage of victims online. Some of the most prevalent tactics include sending lookalike emails, building fake relationships, and pretending to offer technical support — all with the intention of gaining access to financial or other important information. The best way to prevent online scams is by being aware of the tactics used to trick people online, watching out for the signs, and managing your online security. Learn how to recognize these three common online scams and what to do if you encounter one as you surf the web.
1. Phishing
In the last year, phishing attempts have grown by 65%, and it is the most common online scam. Phishing attacks use official-looking email messages and websites to get you to share personal information and can happen in personal or business settings. Phishing attempts to obtain sensitive information, like logins and financial information. Phishers will try to get victims to click on a link or open an attachment (usually loaded with malware). Scammers are even beginning to use text messages, which is known as smishing.
Phishers use a variety of methods, but usually they come from sources you think you trust, like your bank, your CEO, or a service you have an account with. It isn’t difficult for phishers to create official looking emails, scraping the logos and style of company emails to make them look as real as possible. They also can edit the To and From addresses to make them look like they are coming from someone legitimate. These tactics are used to lull you into a false sense of security, but fortunately, there are a few hallmark signs of a phishing attempt.
- Does the email or text message request sensitive information urgently, especially financial information?
- Does the email have odd grammar or spelling mistakes?
- Does the email address avoid personalization, using “Dear Customer” or “To Our Valued Customer,” instead?
Here’s an example from Phishing.org of a real attempt, where the fraudster pretended to send an email from PayPal.
What should you do if you think someone has sent you a phishing attempt?
- Use an alternate method to contact the person or organization that sent you the email or text message and ask if your account has been compromised. Do not use the phone number in the email that was sent to you – the fraudster may have altered it. You can check a bill or statement for accurate contact information.
- DO NOT click on any links in an email or text message or download any attachments.
- Report the attempt by forwarding the email to spam@uce.gov or file a complaint. If you think you have received a Smishing attempt, forward it to SPAM (7726).
- Use and update security software on your computer.
- Use multifactor authentication for your accounts.
2. Romance scams
Building relationships is all about trust and connections, and fraudsters are quick to take advantage of this, especially since finding love or companionship is just a click away online. In 2019, the Federal Trade Commission reported $201 million lost to romance scams. These online scams are also incredibly common, happening 50 times a day on average. Not only do romance scams cause financial harm, but they are also emotionally devastating for their victims.
A romance scammer begins by creating a fake profile on a dating site or app. They may also contact victims through social media sites. After establishing a relationship and building trust, the scammer will ask their victim for money. They often make up stories about why they can’t meet in person (they travel for work or are in the army) and why they need their victim to send them money (medical or travel expenses). They will ask their victims to wire money or send a gift card, which allows them to stay anonymous. Victims are predominately older widowed or divorced women according to the FBI.
This type of scam may also look like someone pretending to be a family member or coworker in need of immediate financial rescue. These fraudsters play with your heart, exploiting emotional vulnerabilities. Here are some common red flags to be aware of:
- Does the person try to establish a relationship with you very quickly or profess love early in the relationship?
- Do they constantly make up excuses about why they can’t meet you? Do they suddenly have an emergency on the day you’re supposed to meet?
- Do they claim to work in an oil field, in building or construction, travel for work, or serve in the army? Is their job the reason they cannot meet you?
- Do they quickly try to move the conversation offline or away from a dating app or social media site?
- Do they play on your sympathies?
- Do they say all the right things all the time?
- Are they asking you for money?
What should you do to verify a romantic interest online?
- Check to see if their online profile photo has been used anywhere else with a reverse image search.
- Ask a lot of questions and be wary of trusting a person too soon.
- If the person seems too good to be true, they probably are.
- Be careful about sending inappropriate pictures to avoid extortion.
- NEVER send money to an online romantic interest.
If you think Mr. or Ms. Right might actually be a fraudster, cut off contact immediately. If you think you are a victim of a romance scam, file a complaint with the FBI’s Internet Crime Complaint Center.
3. Tech support scams
In 2019, the IC3 noted Tech Support Fraud as a growing problem and an increasingly common online scam, receiving 13,633 related complaints. In this scenario, scammers claim to provide technical support, posing as a customer service or help desk representative. They offer help for getting back into an email account or handling a computer infected with a virus. They may also offer help with updating security software, virtual currency exchange, or pose as a government official.
Fraudsters use a variety of techniques to pull these online scams off. They may use online ads targeted at people searching for help with their computer, or use pop ups or a locked screen to suggest that a computer has been infected with a virus, directing the victim to call a fraudulent number. They also use phishing attempts, warning victims through email that their computer has been compromised. They will ask their victims for a credit card number or a gift card to pay for repairs or maintenance. Often, the problems they claim the computer has do not exist. Check out this example of a Tech Support Scam pop up from the FTC.
What to watch out for:
- Unsolicited phone calls from big tech or computer security companies, like Microsoft.
- Pop ups or messages on your computer that tell you it has been infected, directing you to call a phone number
- The company asks you to pay with a gift card or wire transfer.
What should you do if you need tech support?
- Do not give untrusted or unverified tech support remote access to your computer.
- Do not give out your login information.
- Go to someone you know and trust.
- Contact software companies directly.
- Update your computer’s security software regularly.
If you see a tech support scam attempt, report it to the FTC.
The bottom line
Scamming attempts can happen to anyone online, and recognizing the signs is the key to preventing fraud. If something feels too good to be true, watch out. If you feel suspicious of someone, or they are asking for information they don’t need or shouldn’t have, trust your gut. Be extra careful when someone asks for money online and get reliable verification. By asking plenty of questions and practicing healthy skepticism, you can protect yourself from getting scammed and keep your financial assets out of the hands of criminals and in the bank where they belong.
Kirsten Queen
Kirsten Queen is the Senior Content Marketing Manager for CenturyLink and Quantum Fiber. Since she started writing professionally, Kirsten has dabbled in nonprofit grant writing and communications, social media marketing, and now writes content about life with technology. In her free time, Kirsten likes to cook, garden, and hike in the mountains of Colorado. Her name rhymes with first, not cheer.
User agreement scam?
Good
We just got a call claiming to be a centurylink tech. They said they were having trouble updating our internet. Then they said that I would have to download teamviewer.com software so that they could update our internet. It would have given them access to our computer. Where do we report this?
I have had the same thing happen, except the stated it was Ultra viewer
The same thing happened to me today (7/6/21). I tried to check with CenturyLink but could only get recorded messages that weren’t helpful. I was finally convinced the call was from a CenturyLink tech since I was having internet access issues and had called them two days ago so I foolishly bought them a $500 gift card. Then I got thinking (finally) that CenturyLink wouldn’t do business like that. What should I do now?
I am getting messages saying that my email account needs updating even though I also received an email from Centurylink that my account was updated. There also was a Google form sent asking for my email and password to update my email which I know is bogus as one is never to send out passwords.
I just got a phone call they said they were from CenturyLink and said our internet wasn’t working would I get on the computer. The computer is my husband’s who is out of town. I got on the computer with this man on the phone telling me what numbers to put in. Everything looked like CenturyLink as it was running through everything . The man said because we lost connection with our router for 6 months they own us a refund. He said you’ll see a page come up and fill it out. It asked for the name of the person who is signed on to CenturyLink I tried to put my husband and told him it won’t let me. He told me just put my name in. It asked what bank I said I don’t have a bank account. He said you don’t why is that I said my husband handled everything. Still said put the name of his bank and I did. And in one space he said they are calculating what they owe us and just put the $ after the 3 0’s he asked me something else and I said maybe you should call when my husband is home about this. He said he would. I tried to call the phone number and it couldn’t be connected. I called CenturyLink today they have no record of a call from them yesterday. I said do you have something called teamviewer which was came on my husband’s computer and they said no. Now I’m scared of what they got from the computer and don’t know how to clean it up for spam. I emailed my husband and he said ignore this place also asked for my cellphone number which I gave them when I told them my husband didn’t have a cell phone. Any help out there.?
Hey Amy – CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number. CenturyLink will never ask you to download software or ask you to pay your bill via wire transfer or by online gift cards. To report, please visit: https://www.ftc.gov/faq/consumer-protection/submit-consumer-complaint-ftc
Hey Deborah – CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number. CenturyLink will never ask you to download software or ask you to pay your bill via wire transfer or by online gift cards. To report, please visit: https://www.ftc.gov/faq/consumer-protection/submit-consumer-complaint-ftc
Hey Amy – CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number. CenturyLink will never ask you to download software or ask you to pay your bill via wire transfer or by online gift cards. To report, please visit: https://www.ftc.gov/faq/consumer-protection/submit-consumer-complaint-ftc
Hey Kevan – CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number. CenturyLink will never ask you to download software or ask you to pay your bill via wire transfer or by online gift cards. To report, please visit: https://www.ftc.gov/faq/consumer-protection/submit-consumer-complaint-ftc
Hey Mimi – CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number. CenturyLink will never ask you to download software or ask you to pay your bill via wire transfer or by online gift cards. To report, please visit: https://www.ftc.gov/faq/consumer-protection/submit-consumer-complaint-ftc
I received an e mail from customer support desk that my account was red flagged and my inbox services will be blocked I was to call 1 888 341 0814 from support help desk and I received calls from 505 341 003 regarding this matter
Hey Jack, CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number. CenturyLink will never ask you to download software or ask you to pay your bill via wire transfer or by online gift cards. If you suspect you may be the victim of a scam, hang up and call back official CenturyLink representatives to verify the call.
Hi I’m from England and every month I get a email telling me my account ending in a certain 4 numbers telling me my current bill of $50 is ready to view on line and that no action is need I’m enrolled in autopay and the next payment will be taken next month on a certain date, which I find funny as I have not been to the USA since I went to vail snowboarding with my pals back in 2014, so was wondering if someone has sent a fictitious account up in my name/used my email address some how I don’t think I’m getting charged from what I can see just seems strange I get it every month I just delete it as it has a American address on it, I know there is a BIG possibility/or it’s just a very good scam as the email seems legit. So any help in checking u don’t have my email on file would be much appreciated.
Thank very much
Best Regards
Ben
Got a call from Allison from CenturyLink who stated she was a tech to help with modem upgrade. She also gave me her work ID as 5342554T. Also stated we were eligible for a refund of 500.00 but needed me to login my bank account so they could transfer the refund. Was not able to do it so she stated they would contact me the next day to do the transaction. Sure this is a scam.
Hi Lorie. CenturyLink will never call a customer or email a customer asking for financial information, account login information, password, or social security number.
I got an email from “centurylink” saying they are changing my account number and the address to send my payments to. This seems very bogus. HOWEVER, I CAN’T GET ANYONE AT CENTURYLINK TO TALK TO EXCEPT SOME HEAVY ACCENTED PERSON IN THE CARRIBEAN who wants my SS number. What is up??? Centurylink has no American contact numbers. What is anyone to do to check the fraud????? Why would all your billing questions go to the Carribean??? Now I can’t check to see how bogus this is. You need to fix this crap! Perhaps this is bogus, who knows?
Hi Cynthia, please confirm with our support team. You can chat with a representative here: https://www.centurylink.com/home/help/contact.html
I keep getting emails about having to update my email account and have been given several dates over several emails threatening to close my account if I do not update. A screen opens up with an out of focus Centurylink logo asking for my email and password. I have gotten a number of these and they are quite annoying. There are a ton of additional email addresses listed in to ‘to’ field that appear to be alphabetically listed. How do I get these to stop?
Hi Kevan, follow the steps here: https://www.centurylink.com/home/help/internet/security/what-is-spam.html
got a email fromcenturylink administrator server has been upgraded and i should reset? is this a scam
Hi James, please refer to this article for information about scammers posing as CenturyLink. Thanks!
When I am using my e-mail, the web site will switch from labeled secure to not secure. That is not good as I may not notice that this has happened and accidently use a unsecure web site.