How To Recognize A Scam Online

By Tonisha Parra

July 15th, 2023

BURLINGTON, ON

The digital age has been a wild west of online crime, with new scams popping up every day. Emails, phone calls, text messages, and even ads on social media can be disguised attempts to trick you out of your personal details (and your money). Our best weapon against this sea of scammers is a solid understanding of cyber security, and the ability to design and implement our own cyber security strategies.

But what is cyber security? It’s safe to say that cyber security is still a new word to most of us. So knowing whether or not you’re actually safe online can come with a bit of a learning curve.

Thankfully, it is easier to engage with the basics of cyber security. And that’s usually all that most everyday web users need.

To help out, we’ll be outlining some great ways to recognise potential scams online, and what to do if you ever come across something a little dubious online.

Read on to learn how to recognize a scam online:

If you don’t recognize the email sender – best not to open it.

Check the sender
Don’t click the links
Take your time
Look for bad grammar
Is the price too good to be true?
Don’t take your boss’ word for it
Report fraud wherever possible

1. Check the sender
When you get an odd text asking for your bank details, postage address, or any other tidbits of personal info, the easiest thing to do is just look to see if they’ve messaged you before. With emails, you should also always look at the sender’s email address in full. Most spammers and scammers can’t get at official email addresses, so their best is something that appears as legitimate but on second glance, is definitely not.

For example, @google.com may become @ongoogle.com, or @googlo.com, or simply complete gibberish. Or your sender could have a company name for their email address but could be emailing from a generic @gmail.com or @outlook.com account, rather than from a company email.

Taking a closer look at the sender’s name, or using an email checker is always a good first step towards ascertaining the reliability of a message. But it’s not foolproof! Remember that even a legitimate address can be hacked or spoofed.

2. Don’t click the links
If you’re an avid online shopper like me, chances are your inbox is filled with completely innocuous emails. These are things like shipping updates, or news alerts – messages that have no intention of gathering your personal info. But even seemingly harmless messages can be a front for a devilish hyperlink.

Absent-mindedly clicking on a hyperlink could easily take you to a site that looks like an exact copy of Facebook, or anything else, that then asks you to login and confirm some details. The safest tactic is to avoid clicking on any link unnecessarily, and to just complete actions independently and through your own browser.

And if you do find a site you’re uncertain of, look for “https” (or the padlock symbol) in the URL bar of the pages you visit. The S stands for secure, and the padlock symbol also denotes a website with a secure SSL certificate.

3. Take your time
The best thing you can do for a scammer is to take things at face value. Scammers are masters at taking people by surprise, so it’s always better to maintain vigilance when assessing any digital communications.

Of course, staying vigilant and thinking critically about any message your way requires a little time to process what you’re reading. So scammers will also often try to put you under time pressure, just to ensure you don’t have the opportunity to think.

Scammers will often insert a call to action to get you to gloss over the less-than-reputable details in their communications. Phrases like Respond immediately, or your package will return to the depot. But how often does your bank, your mail service, or anything else online ask you for immediate action? Many institutions still run on snail mail, so half a minute of thought never hurts. Simply put, be wary of anybody asking you to ‘take action now’, because chances are they’re only requesting this urgency to lure you into a trap.

4. Look for bad grammar
Oddly enough, some scammers will purposefully add spelling mistakes and the like to their messages. They do this to filter out the keen-eyed readers, who will make for hard targets, allowing for them to focus on the more forgiving and innocent victims. It’s a cruel practice, but an effective one, especially if you’re tired. Whenever you see a misspelling, forgotten punctuation or notice strange wording from a supposed professional, you can bet it’s a scam – after all, reputable businesses triple check messages before sending them out.

And in some instances, scammers simply make mistakes. If you do find any spelling mistakes or grammatical errors in messages that are supposedly from your bank, your school, or your local toll road service, then chances are it’s not from these bodies at all. It could easily just be an offshore scammer masquerading as these legitimate agencies.

5. Is the price too good to be true?
Finding a killer deal online is thrilling. And even when there’s no way they’re selling clothes, plane tickets, or a puppy for that price, you want to believe it, don’t you? That’s the very feeling digital thieves are trying to capitalize on.

But if the photos look unoriginal (try right-clicking, and “Search image with Google”), the site is new to you, or the details are strangely vague, then think again. It’s always best to do your due diligence when examining any offer online. Be sure to search for reviews and read through forums on other websites, just to see if people have been negatively affected by these offers, or the figure advertising these offers, in the past.

You should also ask for more details from the seller, and check whether the payment options are secure. PayPal, banks, and your credit cards will fight tooth and nail to keep from being ripped off.

6. Don’t take your boss’ word for it
One slimy trick is to find the names of business owners and their employees online, then pose as the employer to ask for a favor. Beware of messages that look just like this one:
Hey, Alex, we’ve got a client meeting in an hour, can you pick up $500 worth of Apple iTunes cards and send through the codes right quick, and I’ll pay you back after? Best, Joe Ceo.

You might not think that internet criminals would notice your small town medical practice, or target you at your accounting firm, but a specific target means they can trick you with real details. And real details will always increase their chances of success. Don’t let them win.

Be sure to ask for a phone call from ‘your boss’ or an email to confirm details. Chances are the scammer won’t be able to rise to this challenge and will move on to a more gullible target.

7. Report fraud whenever possible

Finally, even if you don’t fall victim to a cyber attack, it’s always best to report any cases you come across to your local cyber security authorities. One in twenty people will put in the time to report attempted fraud to the Canadian Anti-Fraud Centre or other digital crimes to the Canadian Center for Cyber Security. This number needs to increase. By reporting to these security agencies, you can aid and inform their work, which will ensure these bodies are better equipped to respond to security threats as they happen.

Your report can help prevent future cases, protecting your friends, neighbors, and all your fellow Canadian netizens. And if it’s only a minor incident or just a stray spam text, you can easily add a comment or a vote to online safety sites like spamcalls.net.

Remember – a cautious person is a scam artist’s worst enemy. So look closely, check with others, and hold your personal details close to your chest when accessing the web.

Every second spent learning and researching online, cripples your risk of being cheated out of your data and perhaps even your money. In short, a considerate approach to your cyber security is the most fierce protector you can have against online scams.