Common Scams and How to Avoid Being a Victim of a Scam

Scams are a common problem, one that can cause financial hardship and emotional distress. Scammers know how to manipulate people in order to get them to part with their money, often playing on emotions or promising huge rewards for little effort. 

Scammers may pose as companies, friends, or family members in order to gain someone’s trust.

Unfortunately, scams can take on many different forms related to any kind of interaction: telephone calls, emails, online shopping transactions, texts, social media messages, or face-to-face interactions, etc. It is important to learn the warning signs of possible scams so that you can protect yourself from unwelcome financial losses. Developing a healthy skepticism and double checking information is key in protecting your wallet – because if something sounds too good to be true it probably is.

Because this is a little above my pay grade, I asked my husband to write about this subject. He is a retired computer programmer and his short bio can be found on LinkedIn here: Alex Balasa – Senior manager of my own time. He knows as much about sewing as I know about computer programming but scam avoidance is something I trust him with! Yes, I know, nobody’s perfect, he is also a Star Trek fan 🙂!

---

We live in an era of instant communication! It was not always like this though. I remember as a child watching Star Trek (The Original Series) and being amazed at the gesture of Captain Kirk when he took out the “communicator”, flipped it open and instantly talked to someone on the other side of a planet. Miracle! Science fiction!

Well, within my lifetime I could see this technology come to life, and then some. Our “communicators” can talk to people on the other side of the planet, but can also take images, make movies, read back to you and even offer information and advice sometimes (Siri, what is the weather in New York?). And all this without the benefit of the almighty computer Captain Kirk had at its command.

But this instant communication is also fraught with perils, and a very interesting report can be found here: 2021 US Scam Report. The report pretty much says that if you are online, you will definitely encounter a scam attempt. As a member of the online community and a website publisher I have also encountered many scam attempts (plus many other hacking attempts) so I decided that, even if this has nothing to do with sewing, I need to write about them.

Many scan attempts are quite clever; not all of them, there are many obvious also. Some are appealing to our feelings, some are taking advantage of our fears, some scammers present themselves as government and other trustworthy organizations while others simply use the old “get rich quick” schemes.

This article attempts to expose some of the most frequent scams I encountered. Yes, I encountered all of these myself.

The Private Facebook Group Scam

The private Facebook scam is unfortunately still rampant on the internet, and unsuspecting members of a group may often fall for it. How does it work? It usually involves one member posting a link advocating some kind of ‘awesome’ giveaway, and encouraging others to give their credit card details in order to get access. Of course, it should go without saying that this is a fraud! I’ve had this issue occur within my own Facebook group a couple of times each month, but luckily my members have so far been incredibly vigilant – they quickly report any suspicious activity they see to me. It’s so important that everyone is aware of these scams, and knows not to be taken in by them.

Never, absolutely never, give out your private information to anyone. To be honest, I am reluctant to give out my phone number even, but banking info? Let’s be serious.

The Deceptive Link Scam

This is a new one, or at least I did not see it until recently. Take a look at these addresses:

https://www.citibank.com

https://www.citibаnk.com

https://www.citibank.com

https://www.citibаnk.com

They seem the same address, right? If you believe that, you could not be more wrong. Look carefully: every other “citibank” address line, the “a” is not a Latin a character. It is a Cyrillic character! It is easier to see with a larger font but of course when you read an email you will only see the small size. And obviously the address is NOT the one that you assume it is. For the tech savvy, look below at how the html code looks like for a normal Latin character address and for one with a special character in it. You will notice the character code 1072, which is the Cyrillic “a”.

The scammer will send an email with a link to the BAD address where it will impersonate the bank (I took Citibank only as an example, that BAD site does not really exist) where it will ask you to input your credentials, bank card, password, etc. Then the scammer will have your credentials for the REAL site!

What to do and how to protect yourself:

Do not click on links in emails, especially not for the sites that are manipulating sensitive information. Be very careful especially with emails that ask you to take to a login page where you need to input sensitive information. Take the address from your address book or type the address yourself – it is a hassle but believe me, having your banking credentials (or perhaps your identity) stolen is a MUCH BIGGER hassle.

The Zelle Scam

This scam is used usually when someone has an object for sale and it is very common on Facebook Marketplace (but not only). The scam is most of the time tied to Zelle but there were cases when other instant payment platforms have been used (Venmo, CashApp).

The scammer will need your email  (your Zelle ID) for this, so he will ask for your email first. The purpose of the scam is to extract cash from you. The scam is described in this Yahoo!Finance article. This scam targets you specifically.

The “buyer” (scammer) pretends that he has sent payment and presents an official looking email which, he claims, is a confirmation of fund transfer. The email is fake, and no funds have been transferred. Then the scammer demands the merchandise, or a refund. In some instances, the scammer pretends (and presents fake screenshots and emails) that the seller has to “upgrade” his Zelle account to receive the money and that the amount sent includes the “upgrade fee” that the scammer wants to be returned.

What to do and how to protect yourself:

• Never believe the emails you receive. Same thing about text messages.
• Log on to your bank and confirm the receipt (or non receipt) of the money.
• Never send money to anyone as part of selling on any online marketplace platform.

The Google Voice scam

This scam is also used when someone advertises something, either an object for sale, or a service, or perhaps a lost pet. I have seen it used on both Facebook Marketplace and Craigslist. The purpose of the scam is for the scammer to steal and control your Google Voice number or open a Google Voice account linked to you in order to impersonate you.

How the scam works: the scammer pretends to be interested in your object or service, or to have found your pet, etc. But the scammer then pretends that he doesn’t trust that you are indeed the person you claim to be, therefore he is asking for your phone number to verify. Then the scammer sends a message with an authorization code from Google Voice. That code authorizes the transfer of your Voice number to the scammer (if you already have a Voice number) or authorizes the creation of a Google Voice account linked to your phone number.

The scammer will then ask for this code, and if you give it to him, he will use the code to steal your number or create a  new one. In both cases, the scammer ends up owning a number linked to your actual identity and he can use this as if he was you.

What to do and how to protect yourself:

• Never give anyone any code sent by Google or anyone else. Never.

The scam is described in this FTC article: The Google Voice Scam. This scam targets you specifically.

The Fake Purchase Scam

For this scam, the scammer needs your email or phone number. In fact, the scammer doesn’t really target you specifically.

How the scam works: the scammer sends an email or text with content like this:

Please note the wrong grammar (…interest and choosed our…), errors like this are common in scams.

I have never called the number myself but from other people’s experience if you call they will attempt to get your information and your credit card information to actually use your card. It is unlikely that your card has been charged at this point, in fact, it is unlikely that the scammer actually has any real information about you except the phone number or email and name. The scam is likely sent to a large distribution list and will only work on people who call the number.

The actual product may vary, I have seen iPhones, Norton Security subscription, DirecTV subscription and probably others too.

What to do and how to protect yourself:

• Do NOT call that number. I repeat, DO NOT CALL. If you do, you will talk to an expert in the matter who will play on your insecurities. Do not underestimate their ability to talk you into something you don’t want.
• Just to make it clear, do NOT call that number 🙂
• Check with your bank and make sure there are no unauthorized transactions. In fact, you should do this from time to time even in the absence of a scam. If there is any unauthorized transaction, DISPUTE IT immediately and use whatever dispute resolution your bank has. All banks and credit card issuers offer protection against the unauthorized use of a card.
• If the card or account has been compromised, CLOSE it immediately. In fact, the bank will do that as soon as you report the unauthorized transaction, but if the bank does not do that, you should ask for a new account or card with a different number.
• This is a US phone number. You could attempt to report the scam to the FTC (https://reportfraud.ftc.gov/) but I personally don’t hold too much hope of any positive result since it is unlikely the scammer is under US jurisdiction.

The Prime Scam

This scam starts with an email which is supposed to be from Amazon (it is not) asking you to resolve the status of your Amazon Prime membership. I have seen this message in Japanese also, claiming to come from Amazon Japan. The message claims that your Prime membership could not be renewed because the payment method failed and will ask you to log on to “Amazon” and resolve the issue.

However, if you click the link (which is NOT going to Amazon) and make the mistake to input your credentials, you will in fact give the scammer your Amazon account to use! The scammer will be able to order items and ship them to him, while you will pay for them. I am not sure if Amazon will reimburse you for that but I suggest that you better not find out!

What to do and how to protect yourself:

• Do NOT click on any link in such email. If you need to verify the status of your Amazon account, go to amazon.com directly, login and verify.
• Report such emails as phishing and / or junk, if your email provider allows you to do it

The Online Fake Delivery Scam

This scam is perpetrated on people who buy things online and is very, very effective. The scam works on all people who attempt to purchase the product online and I have seen it on stand alone web sites as well as on eBay. I have been a victim myself to such a scam.

How the scam works: the seller has a real product advertised, often for a very good price. In my case, it was a sewing machine. The buyer buys the item in good faith and pays for it somehow, in my case I paid for it using PayPal because I was wary of giving my credit card information to an unproven site. The seller then posts on its website a FAKE USPS tracking number. The fake tracking number is for an item that goes to the same zip code as yours, all USPS shows on its tracking application is the zip code where the package is going, but not the actual address. The tracking can be for a package sent to a random address in the zip code and inside may be a worthless knick-knack, if anything. 

Obviously, after a couple of days the fake number shows “delivered” but of course, you, the buyer, did not receive anything. Both eBay and PayPal (if the transaction was using one of these services) and the credit card companies (if you paid directly via credit card) will consider the seller’s duty fulfilled once the package shows “delivered”. Since you have no proof you have received nothing, at this point you can not go any further.

In my case, PayPal has denied my request for reimbursement and the appeal, saying that it is my duty to prove the package went to a different address. Which in the end I did (see below).

What to do and how to protect yourself:

• NEVER buy from an unproven site, from a new site. Never. Yes, the price might be good, but the risk is great. Always use a trusted merchant if possible.
• If available, use the COD (Cash on Delivery) payment method. I have not seen this method used lately but I think it is worth mentioning.
• Beware of the “too good to be true” deals, if something seems too cheap, then there is probably a catch somewhere. You are better off avoiding these “bargains”.
• If however you were taken, try the following (as I did). Go to the post office and try to get the delivery address for the package that supposedly went to your address. It is unlikely the USPS will tell you the address, it seems that it falls under the “privacy” stipulations. But the USPS might be willing to certify (as it was in my case) that the package DID NOT GO to your address. 

In my case, with this information (that the USPS certifies that the package did not go to my address) I wrote to the PayPal legal department asking for a reevaluation of their position fully intending to go to any arbitration they might choose since I had proof that I did not receive the package. Their legal department relented, I was issued a refund but I was told it is only a “courtesy”. Of course, I stopped immediately using PayPal for purchases and I use only my credit card.

I do not advocate not using PayPal for purchases, this is only my personal choice. Your mileage might vary and PayPal may actually help protect you from other scams since it hides your card number from the merchant. Judge for yourself.

The Fake Social Security Scam

You simply have to love this scam! The funniest I have seen until now. The scammer will send you an email with a content similar to this:

Attention Dear ,
This is to inform you that your SSN will be terminated within 24 hrs due to malicious action. Kindly speak to our SSA Support in case of any distress. At your earlier convenience Please refer to a Suspension letter linked below.
Your SSN Docket Number is SSA-cwxm3228105

Sincerely
SSA USA

The letter is an attachment which gives a phone number to call:

I have of course not called the number so I don’t really know what the scammer is after, but I would guess your personal information (I doubt they know your SSN) and perhaps some “fine” you have to pay to “reinstate” the number.

Please note again the nice construct “At your earlier convenience Please refer to a Suspension letter“. Good form and good English – NOT!

Well, I have never heard the SSA calling anyone “dear” until now, isn’t this precious? What about the SSA USA? I wonder if the Social Security Administration has ever felt the need to specify that yes, it is THAT SSA from the USA, as opposed to the one from, say, the UK; what do you think? What about the signature, “Attorney General of Texas”? After all, it is well known that the SSA (a federal institution) is under the authority of the AG of Texas, right?

I was thinking at some point to get a pay-per-use prepaid cell phone and call the number, I bet I could have obtained some other funny things. Not worth my time though.

My advice: when you see this kind of scam, have a good laugh, but don’t call the number and then forget about it.

The Pet Rehoming Scam

I have seen this perpetrated on Facebook; in a local group I have seen the following post:

How do we know it is a scam? See below what someone who was interested in the dog found out:

Every time you are being asked to send money upfront, like in this case, that is without a question a scam. Absolutely no doubt. Never send money, banking details or any private information following a public notice, no matter how much of a good deal it might look like.

The Fake Invoice Scam

This is mostly used for people who have an online store but I have seen it used on people who have absolutely no presence online. The scam relies on the natural curiosity of people and is very easy to detect and foil.

You will receive an email like this:

Hi (your name here),
Hope find you well.

Find attached the files for offer of project. LA JUNQUERA (GE) 3 REP + FORNELLS DE LA SELVA Please provide offer with price and delivery time. Thanks in advance. Best regards,
Vasil VASILEV
32 Nikola Petkov Street
Gabrovo 5400 Sevlievo, Bulgaria
Phone: +35967539200

Again please note the poor English; however this time this may be “excused” since the sender does not pretend to be a native English speaker. I have seen emails “sent” from Pakistan, Russia, Bulgaria, The Netherlands, France and probably other countries. “Sent” because they are probably mass emails from an anonymous mail server and the addresses and names are completely fake.

In this particular case if you would check the address you would notice that the correct postal code for that address is 5402 not 5400; however the address is irrelevant.

The key here is that the email has attachments which may be documents, spreadsheets, pdf files or simple html files. In all cases the purpose of the email is to make you open the document or spreadsheet or click on the links from the pdf or html. Sometimes the pdf document will contain an enticing message (for example, “you have a refund of …”) and a phone number to call.

In all cases the purpose is to insert a virus into your machine either directly (via the document or spreadsheet macros) or indirectly asking you to click on a link inside.

What to do and how to protect yourself:

• DO NOT OPEN such emails.
• If you do open such emails, do it ONLY with a mail client which does not download the images and attachments by default
• Delete these emails immediately, Empty your trash folder, you do not need viruses even in the Trash.

Fake Purchase Refund Scam

This will only target people who have an online store; or better said, it only makes sense for people who have online store.

You will receive a message from someone claiming that he made a purchase which never went through and was cancelled but his method of payment was charger nevertheless. The person will require a refund or (also likely) to obtain your personal information or some free merchandise. The mail looks like this:

I’m writing to express my deep problem and disappointment relating to a recent transaction I made on your site.
On (date), I placed a purchase for goods well worth over (amount) from your store. But, a substantial issue has arisen that requires your immediate awareness. After completing the purchase, I came across error indication on your page, stating it was unable to complete my payment and that simply no finances were taken from my credit card. To my complete surprise, upon reviewing my banking account, I found out that the payment had truly been executed and the corresponding amount had been taken.
I need you to address this matter with the utmost urgency and fix the problem quickly. It is vital that you analyze the cause of this situation and make immediate actions to return the subtracted sum. For your review and as evidence of the purchase, I have presented a copy of my account statement below, which clearly shows the cash withdrawal.
This should act as final proof of the payment and highlight the emergency of the refund.
I will genuinely appreciate your instant actions. Here document approve transactions (scammer fake invoice address)

The return address for the email in my cases was always invalid so I assume the point of the scam is to make you click on the (fake invoice address) at the bottom which presumably will take you to a page with more “details”.

In reality, no purchase like that was ever made and no transaction like that exists. It is likely the scammer does not really have any of your information except your email.

What to do to protect yourself:

• DO NOT CLICK on the link at the bottom of the email. In fact, do not click on any link in the email.
• Verify your online store transaction list just in case.

Fake Unusual Sign-in Activity

You may have received an email with a subject like this: “Microsoft account unusual sign-in activity”, or “Facebook account unusual sign-in activity”. The email will have a link in it to “log in” or perhaps to somehow tell “Microsoft” or “Facebook” about the problem.

I do not believe you are individually targeted by this scam, it is my belief that the scammer simply sends such emails to a whole list and then follows up with the ones who open the email or click one of the links.

If you follow up and try to click on links you will be directed to a site that looks like your Outlook or Facebook login and prompted to enter your credentials. That site is NOT Microsoft or Facebook, it is a scammer;s site and the purpose is to steal your login credentials.

What to do and how to protect yourself:

• Verify what is the exact link you are directed to. Hovering with the mouse on it (on desktop) you will see the actual link, and can assess if it is Microsoft or not. Probably not.
• Never enter your credentials on a page that you reached from a link from an email. NEVER. If you have to log on somewhere, type the address yourself or use a local link known to be good (I have a bookmark page that I set up myself).
• Change the password for your online accounts often, and use a secure password. I understand remembering passwords is a hassle, but having your identity stolen is a much bigger hassle. Trust me.

Fake Survey Reward Scam

This is a scam that targets everyone. “You won a gift card…”, “you won a Makita drill…”, a Le Creuset set, a Home Depot shopping spree, a Sam’s Club reward, etc. No, you did not actually win anything.

The link in the image below does not have anything to do with Le Creuset, or Kohls. The link goes to recruitmasks dot com which was registered – surprise! – six days ago (as of the writing of this article), therefore is only six days old. I am not sure what exactly this website does and how long will it keep doing that, but I can say this with 100% confidence: it has nothing, but absolutely nothing, with either brand names mentioned in the email.

What to do and how to protect yourself:

• Report the email as phishing if your mail service has such an option, or as junk email otherwise.

• Delete these emails.
• DO NOT click on any links in the email

The Fake Delivery Scam

Thew fake delivery scam starts with an email pretending to be from USPS, of FedEx, DHL or UPS (or other shipping company) which presumably have a package for you held for some reason. Here is an example:

This particular one claims to be coming from DPD (European shipper) but the link in the email is obviously not a DPD link (it actually goes to a site named buzzcity dot club).

If you fall for it and actually click the link you will most likely be presented with a request to input your credentials and login or perhaps to pay a delivery fee, or customs fee, etc.

No, there is no delivery. There is no parcel, there is no customs fee, no underpayment of taxes, no VAT to be paid. I collect handheld calculators and I have received (in the US) packages from the whole world, literally. From South Africa, China, Japan, Israel, Brazil, Thailand, Singapore, Australia, New Zealand, Canada, the UK, Germany, France, Italy and probably many other countries I forgot about. I frequently send and receive machines to other collectors and we exchange repair services and spare parts. You can see some of my collection here.

In my over 25 years of calculator collecting I did not receive from any shipping company any email like this. All, but absolutely all such emails were scams 100%.

What to do and how to protect yourself:

• Report the email as phishing if your mail service has such an option, or as junk email otherwise.

• Delete these emails.
• DO NOT click on any links in the email

The Fake Business Opportunity Scam

You may receive an email with a content like this:

“I am the manager of a bank in <insert country> and I have X million dollars to invest in your country”

“I am a Ukrainian (or any other country at war) and need to move my money to your country”

“I am a rich sheik and want to invest X millions in your country”

Or any other message pretending to be from a rich guy wanting to invest his money and needing your help. Sometimes the message will suggest that the money is not really clean and that is the reason this convoluted way of “investing” is chosen.

No, there is no money. There is no investment. Rich people already know how and where to invest and people with illegal money will never advertise that on the Internet to everyone. I am not sure WHAT exactly will the scammer look for, because I have never followed such emails, but very likely if you answer the scammer will request that you come up with money for any number of reasons.

Stay away from these fake investment “opportunities”.  They are, without the smallest shred of doubt, scams. They are not the only type of “investment” scams out there but they show up with the greatest frequency in my inbox.

Fake Lottery Scam

From time to time I also receive fake lottery “winning” announcements like the one below.

I have never followed up with the scammer so I am not sure exactly what the scam is about. What is sure is that the scammer requests a lot of personal information that, at a minimum, can be sold as part of the “likely to answer to scams” list.

It is also possible that if you do follow up there will be, at some point, some requests for money for “fees”, “lawyer charges”, etc. 

Never answer these fake lottery letters. I can assure you, there is no lottery and if there was one, it would be highly regulated by the government of the respective jurisdiction. A lottery works because a lot of people pay a little sum of money each, and from the total amount collected the lottery organizer (and the government) takes its share, for expenses and their own profit. The rest is distributed as winnings. But the key is, the participants must PAY to enter, where else can the lottery get the money?

Unlike what get-rich-quick schemes claim, real money doesn’t grow on trees.

The “I Hacked You” Extortion Scam

This scam begins with an email saying “I hacked your computer and if you don’t send me money I will do bad things”. The “bad things” may be wipe out your computer, or publish your private data on the Internet, or may be a threat that you accessed some adult sites and the fact will be made public. A recent example addressed to me is below.

99.99% of the time this is an empty threat. No, the scammer probably does NOT have control of your computer (or phone, or tablet, etc.) and no, probably this email did not target you specifically (notice the absence of any information that might be linked to me or my site). The scammer did not access your email account and this email is definitely not proof that he has access to your contact list. You have probably not been hacked at all, or to put it differently, the email does not offer any clue or proof that you may have been hacked.

What the scammer wants is obvious: money, he even tells you how to do it (send Bitcoin, which is anonymous).

✅ Note: It is possible that you have been, or will be hacked in the future, and that you will get a virus. Please read the section “What to do if I got a virus” further down for suggestions how to deal with it.

How to protect yourself from this:

• Ignore the email
• Make sure you have good backups of your files on the computer or phone

The Fake Inheritance Scam

The Fake Award Scam

The Fake Grant Scam

The Fake Lost Money Scam

All these scams have one thing in common: they promise you an amount of money (usually well above 1 million) which can be released immediately, or is waiting for you in a transit account, or is in a foreign bank, or United Nations account, or has been found to belong to a relative of yours (now deceased), or, or, or.

No, there is no money, nothing is waiting. The scammer will first promise everything, will give you details, will even show images if necessary. And at some point there will be a request for a small amount of money for “taxes”, or “stamp fee”, or “lawyer’s fee”, or any other treason. If you pay this fee, more requests of “fees”, higher and higher, will come. The purpose of the scam is to extract money from you, and that is the end of it.

There is an unwanted addition to this scam: if you answer the emails, even if you never send any money, you will get rewarded by having your name placed on an “easy to be fooled“ list and will get on that email even more and newer scam attempts.

What to do and how to protect yourself:

• Never, but absolutely never, open these emails. If you open them, make sure you can not be traced (see below)
• Never answer any such emails.
• Report them to your mail provider as “phishing” or “junk” if possible. This will help the mail provider in better screening the mail in the future.

Love Scams

There is a whole class of scams that prey on the most vulnerable people: single mature people. Perhaps recently widowed or divorced. Or perhaps single people who recently retired and suddenly find themselves with too much time on their hands. Or people who need companionship, who simply need a friend – and we all know there are many in this situation.

Let me give you an example: I have an acquaintance who was going through an abusive marriage and after her separation was looking for a friend or pen-pal, nothing more. Somehow she contacted on Facebook a person who claimed to live in Florida, be of roughly the same age (Facebook shows your age, if you don’t choose to hide it) and similarly in need of a friend.

What happened was an exchange of letters and after a couple of months my acquaintance became suspicious because there should have been about 7 hours difference in timezone between the Florida person and her, but she was immediately receiving answers to messages written at 9 in the morning (2 am in Florida!). So she insisted on a face-to-face meeting via video messenger. Luckily my acquaintance was not in a position to give him money because at some point the “Florida” person did ask for money for a new phone (or he could not have a face to face meeting, you know).

Well, the meeting never took place, the “Florida” person confessed he is in fact in Nigeria (only 1 hour difference in timezones) and his purpose was to get some money to emigrate.

I will not say that all online friendships or budding relationships are fraudulent, because there are many success stories out there. But I will say this: be very, very careful. Any request for money is a very red flag and at that point the probability of a scam is close to 100%.

There are many sob stories: sick kid, terminal cancer, progressive blindness, government taxes, ransom money, etc. I have even heard a request that the person (scammer) needed money “to pay for shipping his things back to the US” from wherever he was, or to pay visa fees to be allowed to leave the country, or bribe money to get his passport back, etc.

No matter how it is presented, the request for money while you did not meet the other person is 100% a scam. Even after you meet in person a request for money is suspect and has to be treated with a lot of care.

Be careful with these scams, they exist, I have seen them and while I was not a direct subject, I know people who were.

Avoid email tracking

Did you know that every time you open an email, the sender can tell if you opened it, and if you click a link in that email, the sender knows that you clicked the link? It is very easy and it is done by virtually all companies which send you emails. Companies do that to assess the effectiveness of their email communication and if the emails are sent in good faith, to avoid sending them to people who might not be interested, if they never opened the emails.

Without this feedback, the sender of the email has no way of knowing the communication has reached its destination since the email does not have a delivery confirmation mechanism built in. The sender has of course a legitimate interest to know if the email has actually reached its destination and may use the “opened” event as confirmation of delivery.

Unfortunately this works for scammers too. A scammer acquires a large email list legally or (most of the time) illegally, then he sends a prospective email to the list. The people who open the email may find themselves confirming to the scammer that 1. Their email is valid and 2. They are interested enough to open it. These people are now at a higher risk of a scam by email and a second email with a real scam may be sent.

You definitely do NOT want to advertise to a scammer (or unknown person) that his email has reached you and that you opened it, therefore you may want to STOP your email client from actions that will notify the sender. Most of the time this means stopping the email client from downloading the images and dynamic email content automatically. 

There are many excellent articles on the Internet about how to do that and one of the best I found is this: How to Stop Your Emails from Being Tracked | Digital Trends. I recommend reading that article and – more importantly – ask your significant other, son, son in law, grandson or the geekiest person in the family to help configure your email client(s) to avoid online tracking.

For my mobile devices, I use an email client designed with privacy in mind: FairEmail. The free version is excellent but for a donation of about the price of a Starbucks latte you can get the professional version for all your mobile devices and then you can safely open emails to inspect the content knowing the tracking is by default off. I recommend that program. I am not associated with FairEmail and I get no benefit whatsoever from this recommendation, this is solely because I believe it is a good utility. The website is https://email.faircode.eu/.

What to do if I got a virus

Unfortunately it is likely that at some point you would get a virus on your computer. How? Most likely by clicking on a link in an email, or visiting a dubious site and agreeing to install a piece of software, or opening a Word or Excel document that has a virus in it (yes, Microsoft Word and Excel both can carry very dangerous viruses). Or running an app or program downloaded from a dubious site.

No, the virus protection is never perfect, no matter what virus protection you use, there is always a chance of infection. Best defense against it? MAKE BACKUPS of your precious files and HAVE A GOOD VIRUS PROTECTION in place.

How do I know I have a virus? There are many ways to do that, but usually you notice that the computer (or phone) just works differently than before. Perhaps it crashes. Perhaps it is too slow. Perhaps your home page has changed unexpectedly (big red flag), or you see unexpected popups on your screen, or requests for authorizations when you do not attempt to do anything. Very good articles on the subject here How to Tell if You Have a Computer Virus on Windows and here How to Know If Your Phone Has a Virus.

At this point you have probably already lost your personal information that was residing on that computer and can no longer trust ANY FILES on that computer. That computer should be treated as dead for all purposes. Yes, I know there are ways to remove the infection, but unless you are a very savvy computer security specialist I would recommend against cleanup. You never know if you got out all pieces of malware. Yes, the following assumes the worst. But unless you have proof that the infection is limited and can be dealt with, my advice is: better safe than sorry.

If however you are a security specialist please do not laugh, in the following I will assume that you know little about computers.

What to do:

• Stop using the computer or phone asap. No more work, no more anything.
• Inspect your backups and make sure they are virus free. This is not optional; you might have copied unknowingly documents, programs or other files to backup which have already been infected.
• Disable immediately all network access for the computer. Shut down the WiFi, change your router password, remove the network cable. This cuts the communication between the hacker and the computer and prevents the hacker from accessing the computer remotely (yes, that is a danger). Also prevents any further theft of information.
• Do NOT attempt to connect any devices to the computer. No USB drives, no thumb drives, nothing.
• Do not attempt to send email or copy any files from that computer. If you indeed have irreplaceable files there find someone savvy and ask if he/she can help with salvaging some data. You need an expert at this point.
• Notify (using other devices, not the infected one) your contacts that you have been hacked. They probably will receive messages that seem to come from you asking for things, or asking to click on links, etc. The messages coming from the email accounts that are on the hacked device should no longer be trusted by anyone.

✅ Note: such messages are very dangerous. Your contacts are likely to trust a message coming from you, with a subject – for example – “Look how funny this joke is” and click on the link, then accept the condition the site is asking for. The message came from a trusted source, right? Wrong! This is why you should NEVER click on links in the emails until after you make 100% sure you know the whole story.

• Change all your passwords that you used on the hacked device. ALL OF THEM. It is likely the hacker already has them. Most browsers that I know have a secure password generator built in, but you can also use a free third party strong password generator. The one in the link is very simple and easy to use.
• If you have banking information on the computer monitor your bank accounts and credit cards. After you changed all passwords.

✅ Note: In fact it is not a bad idea to have a credit monitoring service monitor your credit. Some credit cards in the US (Discover, for example) will offer this as a free service, it pays to have this card even if only for this.

Will you ever be able to use the computer or phone again? Certainly. But not the data or programs already in memory or on the hard drives, or at least not without expert help. You will need to:

• Reset the phone to factory specifications.
• Reinstall Windows (or whatever OS you have) from a good known source

Gift Card Request Scam

This scam starts with an email which seems to come from someone you know, possibly a friend or acquaintance. It will be something like this one below:

You will know the person who seems to have sent the email, so you may be inclined to answer. If you answer, the email will not go to your friend’s email but to the scammer’s email. You will notice that my mail client shows both the “Received from” email address and “Answer to” address, which is different. So if you answer, you will effectively communicate only with the scammer.

What will follow is a sob story where you will be asked to buy a gift card for which you will be immediately reimbursed. Of course if you do that you will never be reimbursed!

What to do:

• Make sure the “Answer to” address is your friend’s address. When you click “answer” in your email program, without actually sending anything, you can check where the mail goes to. Beware there might be small typos, for example if your friend’s email is (just an example) “[email protected]” you might see “[email protected]”. Still different.
• Call your friend on the phone, if possible, and make sure he/she knows someone is spoofing her email.
• Ignore the request and delete the email

If you wonder what “spoofing”: means, here is the Merriam Webster definition:

2 (as in tricking)
to cause to believe what is untrue

Purse in Shopping Cart Theft

And finally let’s close with a warning: ladies, while in a supermarket (or elsewhere where you use a shopping cart) do NOT leave your purse or wallet in your shopping cart. In fact, do not leave ANY personal item of value there. While shopping we are frequently distracted when looking at an item, talking to a salesperson or checking out the offers. It is extremely easy for a thief to snatch the purse, wallet or high value object (camera, for example) and then disappear around the corner of the next aisle.

For a more in depth discussion about this kind of theft please consult this article: Shopping Cart Purse Theft

And while it is not really a scam, we are more and more often confronted by a problem: package theft. We all order things online! There are on YouTube a lot of “porch pirates” videos, some funny, some not so funny. A very good article on the issue is this one: Package Theft Statistics: 2024 Report – Chamber Of Commerce and reading it may give you a new perspective on how large the problem has become.

Scam Awareness Resources

For more detail about scams and how to protect yourself please check out some of the sites below.

Federal Trade Commission: Avoiding and Reporting Scams

Better Business Bureau: Scam Tracker

US Government: Report Scams and Fraud

Citizens’ Advice (UK): Advice on Scams

FBI (Federal Bureau of Investigations, USA): Scams and Safety

UK Government: Fraud, tricks and scams

Australia Government: Scams

Canadian Government: Scams and fraud

New Zealand Government: Scams