Scammers are continuously looking for ways to get your personal information and use it for their own ends. Here are a few online-specific scams to be aware of.
Tech Support Scams
This is when scammers pose as support or service representatives. Scammers will offer to resolve issues such as a compromised email, financial account, virus on a computer, or even a software license renewal. These scams usually start with a phone call or a pop-up warning of a computer problem that gives a number to call. The scammers often claim to be Microsoft or Apple and may even spoof the caller ID to make it look like one of these companies is calling.
Another type of tech scam is when scammers get people who need computer help to call them by posting phony customer support numbers for well-known companies online. They pose as Microsoft or Apple, a consumer security company, or even your financial institution. Scammers convince people to allow remote access to their computer and then make a big show of “troubleshooting.” They may open system folders or run scans that seem to show evidence of a problem. Then they ask for money for supposed repairs and things like fake service contracts.
A fraudulent Microsoft pop-up might look like this:
Scammers provide phone numbers and convey a sense of urgency. This is the fraudster’s tactic to get you to comply. They'll use access to your computer to steal passwords or your financial information.
Protect Yourself from Tech Support Scams
Note: NWCU will never call you and ask for the one-time security code you may receive from us. We will never ask for your Online Banking Password or your full Debit Card number. Caller ID cannot be trusted; scammers are able to spoof any financial institution phone numbers and/or represent themselves to look like they're from NWCU. Hang up and call NWCU at a published number right away.
You can protect yourself from tech scams with these tips:
- Install ad-blocking software that removes or reduces pop-ups.
- Ensure all your anti-virus, security, and malware protection programs are up to date.
- Don't install software because someone who called you told you to. Be very careful installing apps or programs like TeamViewer or AnyDesk.
- Be cautious of customer support numbers that you find through Google or other search engines.
- Don't fall for the pressure to act quickly.
- Don't give people you don't know remote access to your devices or accounts.
- If you receive a pop-up screen asking you to call a company, shut down the device immediately. Ignore any pop-ups that instruct you to not restart or shut down the computer.
- If you've contacted a company that you realize is fraudulent, be careful about additional communication from them or other companies--fraudsters often share the lists they use with your personal information.
- If you've given a scammer access to your device or account, change your passwords immediately. Actively monitor your accounts and consider putting a freeze on your credit.
For more information on Microsoft pop-up scams, please visit Microsoft.
Online Dating Scams
These are also called "sweetheart scams." Romance scammers create fake profiles on dating website and social media sites. Online dating scams are a way that scammers can get personal information and money out of you or someone you love. People that you meet through online dating or social media sites or apps may seem sincere, but if you haven't met them in person, they might not be who they say they are. They may ask you to send money because they're in trouble or tell you that they'll book a plane ticket to come see you. But you'll never see that money again.
Warning Signs for Sweetheart Scams
Warning signs that the person you're talking with online is a scammer:
- Their online profile seems to good to be true.
- The relationship moves fast. They escalate the relationship by using lots of flattery, telling you they love you, and asking to move conversations off the site so they can email or text you.
- They make plans to meet in person but always come up with reasons they can't meet in person.
- They claim to be traveling or living far away (outside your area or outside of the country).
- They claim to have a medical emergency or unexpected expense and ask for money. They also might ask for money to pay for a trip together or to come visit. They ask for you to wire money or to buy a gift card or cash reload card and provide them with the card number.
Cryptocurrency & QR Code Scams
COVID-19 has increased the use of cryptocurrency in ransomware and fraudulent schemes: "Criminals often pitch fraudulent investments in a “new” and developing cryptocurrency, such as an initial coin offering (ICO) or other investment vehicle to take a victim’s money. These scams typically involve scenarios that seem “too good to be true”—offering large monetary returns for a short-term, small investment. The reality is that scammers steal the investment money for personal use and utilize the complexities of cryptocurrency to hide the true destination of the stolen funds."
From the FBI: "A QR code is a square barcode with information that can be scanned and read with a smartphone camera. An individual can scan the QR code of an intended recipient to auto-populate the recipient field making it easier to send cryptocurrency to the correct destination. QR codes can be used at cryptocurrency ATMs to direct payment to an intended recipient. While many businesses have legitimately used QR code payment in the last year because of the COVID-19 pandemic, QR codes also play a role in malicious use of cryptocurrency payments."
Scam Red Flags
Scams change, but red flags don't. Here are the FBI's top ten fraud red flag signs:
- Requests payment via gift cards, wire transfers, or virtual currency;
- Creates a sense of urgency or deadline to pay quickly;
- Demands secrecy from you;
- Has poor grammar or misspellings in their messages;
- Offers payments in amounts higher than listed price;
- Disguises their email addresses to seem legitimate;
- Sends unsolicited emails, texts, etc., requesting you to confirm usernames and/or passwords;
- Requests to move to a new platform to communicate;
- Requests to access your personal bank account to pay you for a service;
- And, sends unsolicited emails with links or attachments.
If you believe are a victim of an online scam, you should report the incident to NWCU and to the FBI’s Internet Crime Complaint Center at www.ic3.gov or call your FBI local office.
More Ways to Keep Safe
The following tips may help protect you and your information:
- Make sure your email, banking, and health accounts all have different unique passwords and/or passphrases.
- Make sure your password is as long as the system will allow.
- Set up multi-factor authentication for your accounts.
- Be wary of “games or quizzes” on social media that ask for personal information. Many times those answers are actually your password “hints.”
- Don’t bank or log into other important accounts using public Wi-Fi.
Sometimes a scamming victim will give the scammer their password, and other times the scammer will be able to crack the code. The National Institute of Standards and Technology (NIST) advises that password length is more important than complexity. So instead of using short, complex passwords, use passphrases that combine several words and are longer than 15 characters, if possible.