The Complete Guide to Online Fraud Prevention
We know you are too tech-savvy to trick you with online scams. But even the smartest of us can fall prey to internet scams, and we all have friends and family who need a little extra help with digital security.
The basic rule of thumb for protecting against online fraud is simple: if it sounds too good to be true, it probably is. A little common sense makes it clear that you are not going to suddenly win the Spanish National Lottery if you didn’t even know you had a ticket.
Here’s our comprehensive guide to help you (and your loved ones) stay safe online.
Never, ever, follow the link to your bank or financial institution in an email.
Many security experts argue that you should never click on links in emails. Scammers can fake messages to make them look like they came from sources you trust, but the links lead to fake websites designed to collect your personal information or to coerce you into downloading malware.
This advice is especially relevant when it comes to communications from your financial institutions. Legal banks and services like Paypal don’t just email people asking them to check their information or reset passwords. If you receive such a notification and do not remember asking for it, please ignore it. And if you want to confirm that the “new notice” of the financial service is valid, do not use the hyperlink in the email to log in; enter the domain name of the service directly into your browser and log into your account in the usual way to find the message (if it exists).
Before entering the service site, make sure you take a second to look for the padlock icon in your browser’s address bar. While this is n’t a reliable way to tell a fake from a real one, it does at least give you a little extra information that the site you connect to a site or service is encrypted, making the site (potentially) more legitimate.
Don’t share your passwords
This is obvious, but less tech-savvy people can deny their passwords if the request turns out to be legitimate. A hard and fast rule of thumb is that you should never give out your passwords, period. This is not something that people or companies should ever ask for directly. If you receive an email or text message asking you to forward your password for any reason , do not do it. How simple it is.
Use strong passwords (and security questions)
Many people still use stupid passwords like “password” and “123456”. Don’t be one of them. If your password is easy to guess (because it contains basic identifying information such as your date of birth or your spouse’s name), it doesn’t even matter if you accidentally give it out. A hacker will crack it in no time.
You will want to read our guide on how to choose and remember a strong password and create different credentials for each online account you open. If you use the same password for everything and that password leaks during a data breach, your entire online existence is at risk. We recommend using a password manager to track tens or hundreds of unique logins.
However, your lesson on password security doesn’t end there. The weak link in your security might be those security questions and answers that most sites ask you to enter in order to help you reset your password. Even if your password is strong, your security question is often not, so you should make sure to protect your accounts with strong security questions . Whenever possible, use two-factor authentication to prevent anyone from accessing your account, even if they have your credentials.
Don’t buy anything from the random email you receive
A good spam filter should catch the obvious, like emails trying to sell you everything from cheap watches to fake men’s accessories. But it’s relatively easy for scammers to pretend they’re from Amazon, just as it’s easy for scammers to pretend they’re from your bank. The simplest rule of thumb is to never buy anything by email. You could make an exception for email newsletters from sites you trust, but at least make sure you don’t click anything on an unsolicited message.
You can always go directly to Amazon or any other e-commerce store you are interested in – enter that address directly into your browser bar – and search for the product they are promoting.
Watch out for job postings that look too good to be true
If you’re looking for a job or just looking for a way to make some money, be very skeptical about line items posted on sites like Craigslist. Not that Craigslist isn’t the right place to look for concerts, but you have to be careful with scammers hiding out to take advantage of unsuspecting victims.
Those jobs that say you can “make over $ 50 an hour working from home!” or “Mystery Shopper Needed!” and they promise a lot of money with almost no work – yes, they are completely fake.
The huge red flag is any job involving Western Union, Moneygram, wire transfers, money transfers, or any kind of financial transaction. The scammers will ask you to deposit a check or money order and transfer the money back to them – and only later will you discover that it was a fake. Generally speaking, if someone asks you for money in exchange to give you even more money, a wonderful prize or something like that, ask yourself: why are they so generous? Doesn’t that seem incredibly strange?
Don’t share your personal information or social security number
Online shopping (and most other services) do not ask you to enter your Social Security number when you sign in or create an account (unless, for example, you are applying for a loan, which is a completely different topic). You should also be highly suspicious of websites that ask you to re-enter your personal information, especially if they appear to be websites where this information should already be on file, such as your bank. Be very careful not to divulge your information to anyone on the network (even innocent information such as your birthday).
Take advantage of your browser’s security features
Web browsers (Chrome, Firefox, etc.) have built-in functionality to validate security certificates from trusted websites – click the lock icon to see all information about the certificate, including whether it is valid, who issued it and where.
Browsers also usually warn you if you are trying to access a malicious site or download a dangerous file.
Ignore website pop-ups that say you have a virus
Get yourself an ad blocker built into your browser or through a third party app. If you see pop-ups or ads as you travel, don’t click on them. Any scary or urgent message – your computer is infected with a virus and you need to download this software RIGHT NOW – is a scam.
You can also use antivirus software to detect and prevent viruses and VPN to anonymize your browsing data. Not sure what to choose? We’ve got a few of your favorite antivirus apps and some tips for choosing a reliable VPN .
Even if you already do all of this (and more) to protect yourself from online scams, take a few minutes to share these tips with your loved ones. When it comes to online privacy and security, you can’t be too careful.
This article was originally published in 2009 and was updated in January 2020 with the most recent information.