The Biggest Online Scams And How To Avoid Them

As our dependence on the internet increases in tandem with our use of insecure mobile devices, cybercrime is hitting a record high. It feels at times as though every unsolicited email harbors a threat, and every online transaction is fraught with danger. Yet the threats posed by daily online activities can be reduced through a combination of common sense and attentiveness, whether dealing with search engine optimization companies or visiting unfamiliar websites.
Below are the most common online scams, followed by practical tips on how to avoid becoming part of 2018’s cybercrime statistics:


Of all the threats in cyberspace, phishing attacks are perhaps the most widely understood. A phishing attack usually takes place via email (text message attacks are known as smishing). Phishing emails generally purport to be from a financial institution or trusted brand, with copied-and-pasted logos and graphics alongside generic company data. They often suggest, for example, that an account has been breached or an unauthorized transaction has been made, urging people to click a link to either report the incident or change their security details. The link leads to a fraudulent web page which may harvest inputted data or infect the user’s device with malicious software.
How to avoid: Look at the sender’s email address (as opposed to their name), and see whether the domain name correlates to the company. If a message claiming to be from HSBC was sent from the email domain, it’s almost certainly bogus. Emails sent at strange times are another giveaway, as are messages with no contact name (Dear Valued Customer) or account data. Delete any email that asks you for a password; if in doubt, ring the company who claimed to have sent it and ask whether this is a genuine message. You can often check this yourself by Googling the email’s subject line, to see if other people have received and reported similar messages.


A growing trend involves blackmail, such as emails claiming to have filmed you watching pornography. Unless a payment is made (usually in an untraceable currency like bitcoin), photos or video evidence will be distributed online. Ransomware is another form of extortion, where malware on a device locks it and prevents further access until a fee is paid. If you refuse to comply, any data stored on it may be permanently lost.
How to avoid: First, any email claiming to have acquired compromising material is almost certainly fraudulent. Ransomware is more serious, but risk can be minimized by not clicking on links in unsolicited emails or opening attachments unless their authenticity is known. Regular data backups ensure any loss of information would be irritating rather than catastrophic. Ensure irreplaceable personal files or important documents are backed up in a secure offline location, like a USB stick or Dropbox.

Popup warnings

Compromised web pages may display a message informing the user their device has been infected, requiring immediate attention. This is a clever scam whose sense of urgency encourages people to approve an action that will actually do all the damage. Messages often resemble Windows or Apple notifications and might be difficult to erase from the screen.
How to avoid: Don’t visit websites of dubious provenance, and install antivirus software capable of providing warnings about suspicious URLs. Sometimes, clicking the X on popup messages will install software, so hit Esc on a keyboard or Back on a mobile device. If the message persists, close the browser, and if that doesn’t work, turn the device off. Unsaved data will be lost, but no further damage should arise. Scan infected devices with packages like Malwarebytes or Spybot, to eradicate malicious software.

The first page of Google

This is a scam everyone will be familiar with – indeed, its ubiquity has now surpassed the traditional Nigeria 419 money-request spam. Search engine optimization companies dedicate their working lives to improving client website performance, but no firm can guarantee a first-page position in Google and Bing unless it’s for a company’s own name. Black hat search engine optimization companies will supply badly-written text and create inbound links from low-quality link farms, both of which cause sites to be downgraded in future ranking results.
How to avoid: The algorithms used to rank websites consider hundreds of factors and constantly change. Don’t believe unsubstantiated claims from unfamiliar companies about what they can achieve, particularly if the email domain is foreign. Legitimate SEO experts may achieve impressive results, but any association with underhand search engine optimization companies will be costly and counterproductive. Ironically, search engine reviews are vital for identifying genuine SEO experts.


Some would argue bitcoin is itself a scam – an unregulated digital currency with no underwriting authority or pegged value. The huge fluctuations in bitcoin’s value have mirrored the instability of other cryptocurrencies, although a larger area of concern involves the fake bitcoin exchanges and compromised digital wallets used to store this virtual currency.
How to avoid: Because cryptocurrencies are mysterious and unregulated, identifying scams is difficult. Even so, common sense helps. Treat unsolicited emails asking for help with great caution. Likewise, be wary of invitations to join the ICO of a new coin, or anything promising a remarkable ROI. Ignore adverts promising bitcoin in exchange for mining, and seek out your own mining networks. Conduct any transactions through two-factor authentication, store currency in an offline wallet or split it across multiple locations, and look for reviews of established brands before handing over any money.
There are many other fraudulent scams and schemes online, from fake job offers to phony shopping websites. Yet common sense should always be your guide. Beware of unusually low prices, unsolicited offers or unrealistic investment opportunities. Use antivirus software on every web-enabled device, and only provide personal information to websites with https security. Research companies before giving them money or personal information, and don’t let your heart rule your head –scammers prey upon vanity and greed. If it looks too good to be true, it probably is.