If you're like me, you're online constantly. But, as safe as the internet may seem at times, every single day it becomes more frightening. Scammers have ramped up their game in this past year alone. In fact, things are getting so bad the FBI and other government officials, such as the FTC, have issued several warnings this year about weak encryption, ransomware and phishing scams.
Of all the scams we've seen this year, there's a handful that truly stand out. We've already told you about the major scams that hit earlier in the year, but now we've got a whole new batch to warn you about.
These aren't your run-of-the-mill scams that fool a few hundred people. These scams have been so effective, they've fooled hundreds of thousands, even millions of people. And, the worst part is, they're still out there wreaking havoc. That's why we've rounded up the top five scams you need to look out for.
1. New eBay scam will make you think twice before buying another item
Today, the world revolves around Amazon. The online retailer makes the buying experience easy and hassle free. But for sellers, there’s anther story. You see, at Amazon, people aren’t just buying - they’re selling - and scammers are taking advantage of a loophole that could cripple a small business.
It works like this: a small mom and pop-type store will use Amazon Fulfillment centers to ship out their products. In these cases, Amazon packs the orders and ships all items out for the seller. But this service isn't free - a successful company could spend $100,000 for the service in just three months.
Here's where the problem starts: A scammer will find a product on Amazon, steal photos and product descriptions and sell the item on eBay for a higher price. The eBay seller will then use the Amazon Fulfillment centers to ship the item. Now, the original retailer sees none of the profits and is stuck with the shipping costs.
Then to make matters worse, if the shopper becomes privy to the item being cheaper on another site - let's say on Amazon - and cancels or returns their order, the original retailer is stuck with that headache and cost too.
That's exactly what happened to Fred and Natasha, creators of the best-selling Ripple Rug. Listen to their full story in the podcast below, or click here to listen.
What's more concerning is that the practice, known as "arbitrage" is commonplace and isn't illegal. The only solution in this case was to stop using the Fulfilled by Amazon service, partly to cut down on arbitrageurs. But they still have a store on Amazon and when they get an order from an arbitrage, it’s quickly canceled.
As an eBay shopper, make sure you can't find the item with a cheaper price on Amazon before you click "Buy."
2. Rental scams
Rental scams usually work one of two ways. Scammers will inquire about a property, ask legitimate questions and seem like they are on the up and up until it comes time to make a payment.
Often, these scammers won't want to use credit cards online or over the phone. Instead, they want to send you a check, which is usually for more than the amount due or another incorrect amount.
After the check is received, they will ask you to return the difference using a wire transfer service or with a full refund. If you comply, well, you've been duped. The checks are void or written on a closed account. Just great.
This recently happened to Kim's mother, Virginia. In two separate instances, she was contacted by foreign businessmen traveling from Dubai and Poland respectively. Initially, these prospective renters seemed legitimate, but when Virginia told them she could not accept checks as payment, they were never heard from again.
Luckily, Virginia recognized the red flags and didn't fall victim. She noticed that the grammatically poor emails between her and the "boss' secretary" used a fake email address, had no phone number and was very flexible with her travel dates.
To avoid check scams like this, only accept payments via VRBO online transactions with HomeAway Secure Payments. With this secure online system, renters can pay with a credit card or an eCheck.
Here are other red flags to look for:
- Correspondence has poor spelling, grammar, capitalization and punctuation.
- Correspondence gives you more information than necessary.
- Correspondence refers to your property incorrectly; for example, asks about a "lovely apartment" when you're renting a cabin.
- There is no phone number provided.
- The person is a boss, religious figure, doctor or officer in the armed forces.
- The person is arranging a surprise trip for someone else.
- The person wants to pay with certified check, cashier's check or unsecured wire transfer.
- The person offers to pay more than the stated rate.
- The person submits an inquiry for specific dates but will often tell homeowners that dates are flexible.
- Gives you an uneasy feeling that something isn't quite right.
3. Like farming on Facebook
Here's how like-farming works: A fake page is posted with the goal of getting as many likes as possible, as quickly as possible. These pages will use language along the lines of "Want to win a free iPhone? Like this page and share this photo and you're automatically entered to win."
Once the fake page has a certain amount of likes, let's say 500,000, the scammer can then sell the page to shady marketers or anyone else that has a need for an already-established Facebook page.
Think about it, all the marketer has to do is buy the page and repurpose it. They've already got an audience of 500,000 people it gained through the fake giveaway, so that's a potential 500,000 people that can now see their products or services, whether real or fake.
This type of scam is banned in Facebook's Terms of Service page, but that hasn't stopped independent marketplaces from popping up and selling fake Facebook pages.
In the meantime, you will need to be careful about what you like on Facebook. Don't automatically click "like" on everything out of habit. You'll also need to know what to look for. Here's how to spot a Like-farming scam on Facebook.
- If it's too good to be true, it probably is.
- Notice the content and whether it promises anything for liking or sharing. If it does, it's a good clue that it's a scam of some kind. The same goes if you feel pushed or pressured into clicking like or share.
- Take a look at where the post is coming from. If it's from someone you don't recognize, it could be a friend of a friend or it could be a complete stranger. It would be good to find out.
- How many times has the giveaway been posted? Savvy scammers will know to post the same giveaway over a period of days in order to accumulate the most likes.
- Most bogus giveaways will claim to be giving away large amounts of expensive prizes. If there are thousands of products being given away, that's a red flag.
- Does the giveaway follow the rules? Is there a terms and conditions page? Is there an end date for the contest? Are there legal terms available anywhere on the site or a contest details page?
- Always, always, always check for misspellings and grammar mistakes. Legitimate companies pay a copy editor to make sure spelling mistakes are fixed.
- When was the page created? If it's fairly new, that's another red flag.
- Is the page verified? You'll know the Facebook page is for real if it has the verified logo, which is a blue circle with a white checkmark in it.
4. Phishing scams disguised as Apple
The latest phishing email you need to keep an eye out for disguises itself as an iTunes email. Much like the Amazon phishing scam we showed you, this email claims that you have been overcharged for a download purchase - $25 for one song, which is usually $1.99 or less, or $45 for the Netflix app.
The email will show you a very official-looking billing statement and will encourage you to click a link that says, "Cancel andx Manage Subscriptions." But, because you're a Komando.com reader, you'll notice the typo in the link and know that's red flag number one.
Whatever you do, don't click that link. It could take you to a malicious site that can steal all of your valuable information, then it's game over.
If you think you really might have been overcharged, check your bank statements first before clicking any links.
Just being in the know about these emails is step one. There are other steps you can take to keep yourself safe from these phishing attempts. If you see an email like this in your inbox:
- Be sure to exercise caution before you click on anything. Hover over any links and see where they direct before you click. If the links provided go to a website, don't click it. Navigate to the company's site yourself without the link.
- Take some time and try to spot the typos.
- If you're not sure that you can spot the signs, click here to take our phishing IQ test to see how many stand out to you.
- Practice multi-level authentication, which means you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
- Protect yourself with strong anti-virus software, such as Total Security from our sponsor, Kaspserky Lab.
5. Instagram's Ugly list
A scam known as the "Ugly List" is making its rounds on Instagram. Users are being tricked into thinking one of their friends has tagged them in a mean-spirited post. Anyone can fall for this cruel clickbait, but teens could be particularly vulnerable to this phishing attack.
It works like this. The victims get a notification from Instagram saying they've been tagged by a friend in a post called "Ugly List 2016." How rude! Inside the notification is a link, which supposedly takes you to the Ugly List post. The link is actually a phishing scam.
If you click on the malicious link, it takes you to a page that looks like the Instagram login. You have to enter your username and password before you are able to see the Ugly List.
Warning! Do not click on the link in the notification, the login page is a fake.
Once the scammers have your Instagram credentials, they could get into your account and tag your followers in the Ugly List posts. The scam would keep spreading and the attackers could steal more information.
Here are some things you can do to avoid being a victim of a scam like this:
- Be cautious with links. If you get an email or notification from a site that you find suspicious, don't click on its links. It's better to type the website's address directly into a browser than clicking on a link. Before you ever click on a link, hover over it with your mouse to see where it is going to take you. If the destination isn't what the link claims, do not click on it.
- Do an online search. If you get a notification about something like the "Ugly List," you should do an online search on the topic. If it's a scam, there are probably people online complaining about it and you can find more information.
- Watch for typos. Phishing scams are infamous for having typos. If you receive an email or notification from a reputable company, it should not contain typos.
- Use multi-level authentication. When available, you should be using multi-level authentication. This is when you have at least two forms of verification, such as a password and a security question before you log into any sensitive accounts.
- Have strong security software. Having strong protection on your family's gadgets is very important. The best defense against digital threats is strong security software.