Curious about how Snopes' writers verify information and craft their stories for public consumption? We've collected some posts that help explain how we do what we do. Happy reading and let us know what else you might be interested in knowing.
The internet has long been used by bad actors to perpetrate fraud and scams, so it's unsurprising that many of the deceptive techniques perfected (and still used) by email-based scammers are now proliferating by other means. From fake Cash App payments to bogus giveaway offers to nonexistent prizes and special anniversary coupons, social media platforms are currently rife with scammy content.
One very common type of bogus post, known as a "survey scam," promises (but rarely delivers) rewards for filling out an online survey. Such scams can be relatively harmless, but they can also be ruses for stealing your identity or your money, or downloading malware onto your computer. Another kind of post to beware of is "phishing scams," which attempt to lure users into divulging personal information such as passwords, contact info, and even bank account details. The U.S. Cybersecurity & Infrastructure Security Agency (CISA) offers a page describing these and other kinds of scams users are likely to encounter online.
Generally speaking, it's important for anyone who spends much time on the internet to be able to recognize when someone is out to scam you.
A Helpful Adage
The best general advice we've heard for detecting scams comes in the form of an adage: "If an offer seems too good to be true, it very likely is." There's also a corollary: "It's better to be safe than sorry." If you find yourself tempted to click when someone appears to be offering something for nothing, don't do it!
Below, we've compiled tips from reliable sources to help detect and avoid online scams.
Avoiding Social Media Scams
The Minnesota Attorney General's Office offers these helpful hints on avoiding social media scams in general:
- Don’t take the “bait.” Never click on pop-up messages, posts that contain content that seems shocking, scandalous, or too good to be true, or links or attachments in unsolicited emails and text messages.
- Create a strong password. This means that it is a minimum of seven characters and contains a mixture of upper and lower case letters, symbols, and numbers. You should never provide your password to someone you do not know.
- Don’t provide your information (personal or financial) online unless you know the website you are using is legitimate, secure, and encrypted. It is also important to make sure that you are dealing with the right entity and using its real website and not a look-alike site created by a scam artist. Also, look for “https://” (the “s” stands for secure) before a web address.
- Delete unsolicited emails and text messages that request personal or account information. Companies you do business with already have this information and do not need to verify or confirm it. If there is a security breach, most companies contact their customers in writing to alert them of the breach.
- Contact companies only through trusted channels. If you are concerned about an email or other message you received, call the company immediately at its publicly-listed phone number. Never trust the phone number or email address given in the message.
- Verify the person you are dealing with is who they claim to be, and not an imposter. Contact a friend or family member who could confirm the person’s story, or try contacting the real person at a phone number you know is correct.
- Don’t be rushed into sending money immediately or secretly. Don’t send money by wire transfer, overnight delivery, or reloadable cards unless you are absolutely certain that you are sending money to a real friend or family member.
Avoiding Phishing Scams
The U.S. Federal Trade Commission (FTC) defines phishing scams as follows:
Phishing is when someone uses fake emails or texts to get you to share valuable personal information – like account numbers, Social Security numbers, or your login IDs and passwords. Scammers use your information to steal your money, your identity, or both. They also use phishing emails to get access to your computer or network. If you click on a link, they can install ransomware or other programs that can lock you out of your data.
Scammers often use familiar company names or pretend to be someone you know. Here’s a real world example featuring Netflix. Police in Ohio shared a screenshot of a phishing email designed to steal personal information. The email claims the user’s account is on hold because Netflix is “having some trouble with your current billing information” and invites the user to click on a link to update their payment method.
Here's the FTC's advice on how to spot someone phishing for your private information:
Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message.
Phishing emails and text messages may look like they’re from a company you know or trust. They may look like they’re from a bank, a credit card company, a social networking site, an online payment website or app, or an online store.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment.
They may:
- say they’ve noticed some suspicious activity or log-in attempts
- claim there’s a problem with your account or your payment information
- say you must confirm some personal information
- include a fake invoice
- want you to click on a link to make a payment
- say you’re eligible to register for a government refund
- offer a coupon for free stuff
What To Do If You're the Victim of a Scam
Again, from the Minnesota Attorney General:
If you are a victim of a social media scam, take the following steps:
- Stop all contact with the scam artist and block his or her phone numbers, instant messages, and email addresses.
- Keep copies of all communications.
- Report the matter to the social media website.
- Report the matter to your local police department.
- Report the matter to the Federal Bureau of Investigation’s Internet Crime Complaint Center online at www.ic3.gov/complaint/default.aspx/
- Report the matter to the Federal Trade Commission as follows:
Federal Trade Commission
Consumer Response Center
600 Pennsylvania Avenue NW
Washington, DC 20580
(877) 382-4357
TTY: (866) 653-4261
www.ftccomplaintassistant.gov
Be safe out there!