Good security software can do a lot to improve online security and to protect you from the consequences of online mistakes, but many scams require you to cooperate with the scammer in some way, voluntarily (if unintentionally) providing access to your online data. The best protection against those types of attacks is not software but good security habits. Many of the common sense rules that keep you safe in the real world can also protect you online.
1. Be skeptical
This is the single most important behavioral change you can make. Scammers rely on our natural instinct to trust other human beings. In general, we believe what people say until they’ve been proven false. But by that time, a scam may have run its course. Social engineering attacks rely on exactly this kind of good-faith trust. And to a certain extent, it’s necessary for society to function properly. But a heavy dose of caution and skepticism can end many scams.
Double check suspicious information with the supposed source of that information. Make sure to use a phone number listed on the company’s official website, not the email signature, which may be false. Be especially wary of unusual communications requiring immediate resolution. This goes double for situations involving your bank, PayPal account and other financial holdings.
2. Is it too good to be true?
Always question whether a deal is too good to be true. An unbelievable deal often doesn’t actually exist. Many scammers rely on people’s natural greed to get access to money and credentials. Whether it’s financial scams that promise an outrageous return or Amazon listings for way below the market price, scammers often entice us with an unbelievably good deal. The same works on a smaller scale, with websites and downloads. Attackers can often sneak malicious software on to your computer by using websites that promise something like free movies or tech products. Be wary of the programs you download and install and the websites you visit.
3. Double check information
Most email-based scams rely on users casually opening email and following the instructions found therein. While many folks have been educated about the risks of these phishing attacks, they’ve also become more sophisticated. It requires a keen eye to spot a fraudulent email message by sight. Few folks are even looking that closely. But if you think critically about what the email is asking you to do, you can often avoid scams.
For example, are you being asked to log in to your Google or PayPal account immediately? If so, don’t follow any links in the email. Visit the website by typing the domain in to your browser and logging in that way. If you’re uncertain about the origin or legitimacy of an unexpected email, communicate with the sender to confirm its authenticity.
4. Question seemingly “urgent” decisions
Be wary of anyone trying to convince you to take a specific course of action without thinking it over. In a distressingly common Western Union scam, scammers call individuals and imitate the IRS. You owe major back taxes, they say. And to make matters worse, the police are on the way to arrest you right now. But if you pay your back taxes by wire transfer immediately, they won’t let you get arrested.
Of course, this is not at all how tax fraud prosecution works. The scam is so common that wire transfer companies like Western Union are on the lookout for it. But in the grip of fear and uncertainty, and faced with an apparent authority figure, many people have insisted that Western Union send the money, even after being assured that it’s a scam and that the IRS will not arrest them.
5. Confirm identity when possible
Many scammers are successful because they pose as authority figures or loved ones. Humans are simply less likely to question apparent authorities or those they already trust. Scammers have been known to pose as utility workers and government officials. From this apparent position of power, they’re able to convince their victims to do things they otherwise might not.
Some scams also manipulate the elderly by imitating their children or grandchildren. Using a fake Facebook account, the scammers contact the grandparents, claiming that their relative is trapped in a foreign country and needs money to gain their freedom. A phone call to the grandchild or their parents will often reveal this scam, but it’s still successful frequently enough to make it worth their while to try it.
As we’ve mentioned already, make sure to confirm identities and apparent authorities through separate channels than those provided by the potential scammers.
If you’re in doubt about information you’ve received, be suspicious. Confirm the origin and veracity of claims. By simply being skeptical and cautious, you can often avoid online scams.