November 13, 2025 · Digital skills -Digital literacy

Recognizing online scams

Recognizing online scams

Introduction

What is an online scam?

An online scam is a deceptive practice designed to steal your money, personal information, or access to your devices. Scammers impersonate legitimate brands, authorities, or acquaintances to gain trust, then pressure you to reveal passwords, credit card numbers, or to click on malicious links. These schemes appear across emails, social media messages, websites, and apps, exploiting cognitive biases and emotional responses.

Why scams are common online

The internet amplifies opportunity for fraudsters through speed, anonymity, and global reach. People frequently interact with digital services for banking, shopping, healthcare, and communication, creating ample windows for manipulation. Organized networks use sophisticated techniques—spoofed domains, social engineering, and refugee-like urgency—to bypass reasoning. As technology evolves, so do the tactics, making awareness and everyday caution essential.

Common types of online scams

Phishing emails and messages

Phishing toys with authority and urgency. Messages pretend to be from banks, service providers, or coworkers, urging you to verify accounts, reset passwords, or claim rewards. They often include links to counterfeit sites designed to harvest credentials. Indicators include inconsistent sender domains, generic greetings, spelling or grammar errors, and requests for personal information. A good rule is to verify by navigating to the official site directly rather than using links in the message.

Tech support and remote access scams

Tech support scams claim your computer or device is infected and offer to fix it, usually via remote access or a paid service. They may show alarming pop-ups or pretend to be from well-known companies. Real tech firms never cold-call you to diagnose problems or demand payment to remove threats. If in doubt, contact the vendor through official channels rather than responding to unsolicited calls or messages.

Fake online shopping and refunds fraud

Fake storefronts lure with unbelievably low prices or “limited-time” deals. After payment, you receive nothing, counterfeit goods, or goods that do not match descriptions. Some scams push you to provide extra data or bank details under the guise of processing refunds. Always verify a retailer’s legitimacy by checking contact information, reading independent reviews, and ensuring the site’s domain matches the brand.

Lottery and romance scams

Lottery scams inform you that you’ve won a prize you never entered and demand upfront fees or sensitive data to claim it. Romance scams cultivate emotional connections over time, then request money or access to accounts. Be cautious of sudden prize claims or relationships that quickly move to financial requests, especially from unfamiliar online connections.

Red flags to watch for

Urgency and fear tactics

Messages that create time pressure or fear—claiming immediate penalties or account suspensions—are designed to induce hasty, unthinking actions. Scammers rely on your desire to resolve the problem quickly, not to verify details.

Unsolicited requests for personal data

Requests for passwords, one-time codes, social security numbers, or banking details should raise immediate concern. Legitimate organizations will not ask for sensitive information via email or chat channels you did not initiate.

Suspicious payment requests or methods

Requests to use wire transfers, prepaid cards, cryptocurrency, or unfamiliar payment portals are common in scams. Be wary of payment flows that bypass standard protections, or that require you to send money to an account you cannot verify.

How to verify information

Check sender details and URLs

Scrutinize sender addresses and hover over links to preview destinations. Spoofed emails often imitate real domains but with subtle misspellings or extra characters. When in doubt, type the known official URL into your browser rather than clicking a link.

Use official apps and websites

Access services through official apps or direct websites you know to be legitimate. Avoid relying on third-party pages or unsolicited prompts. When authenticating, rely on built-in security features such as official multi-factor authentication prompts.

Cross-check with trusted sources

If a claim seems dubious, verify through multiple trusted channels. Contact the institution using published contact details, check official social media accounts, and consult consumer protection or fact-checking organizations for corroboration.

Safe online habits

Strong passwords and MFA

Use long, unique passwords for each account and enable multi-factor authentication whenever possible. Prefer authenticator apps or hardware keys over SMS codes. Regularly review account recovery options to prevent lockouts or unauthorized access.

Regular software updates

Keep operating systems, browsers, and apps up to date. Updates often fix security vulnerabilities that scammers could exploit. Enable automatic updates to reduce the risk of missing critical patches.

Secure payment practices

Choose trusted payment methods with buyer protections and monitor statements for unfamiliar activity. Avoid saving payment details on sites unless necessary, and consider the use of virtual cards or payment services that offer dispute resolution.

Privacy settings and data minimization

Limit the amount of personal information you share online. Review privacy controls on social networks and apps, restrict data access where possible, and delete unused accounts to reduce exposure.

What to do if you’re scammed

Steps to take immediately

Stop any ongoing interaction, take a screenshot or save evidence, and report the incident to your bank or card issuer if money has been involved. Change passwords for affected accounts and, if possible, suspend or freeze compromised accounts while you investigate.

How to report scams and recover losses

Report the scam to the platform where it occurred and to local consumer protection or cybercrime authorities. If a payment was made, contact the financial institution promptly to initiate a dispute or chargeback. Keep detailed records of all communications and transaction data to aid investigations.

Trusted Source Insight

For context and credibility, see the insights from UNESCO on digital literacy and critical thinking. Visit the source at the following link: https://unesdoc.unesco.org.

Trusted Summary: UNESCO emphasizes digital literacy and critical thinking as foundational skills for navigating the information age. It highlights empowering learners to evaluate online content, identify misinformation, and stay safe from online fraud. This aligns with recognizing scams as part of broader education for safe and responsible use of information technologies.