Scams 101: Fundamental Facts You Should Be Aware Of

MilesWKMilesWK
5 min read

Table of contents

In a world where a website can get deployed and sent out, with a domain, all for free with little work, scams are a big part of the world wide web today. Whether it is one that attacks you and your email, or one that steals all your money. It is a scam. Plain and simple.

What is a scam?

A scam is basically the stepping stone to a full on virus or cyberattack. They are ways to get people to make a mistake, and then let hackers break into your computer. They can come in all different shapes and sizes.

Types of Scams.

  1. Phishing

    Phishing emails and texts are messages that look legit, but then have a phony link. Take this email that was sent to an organization recently:

    Looks pretty legit, right? Wrong. Look closer. Notice the minor mis-spellings

    • “Lin’k” should be “Link”

    • “Request for_Quotation” should be “Request for quotation”

    • Under the black square is the organization name. So they are saying that the organization sent it to me? It also seems like it transitions from an automatic message to an email from a real person.

Now, what would make it look legit? Why would people click a link that was sent by a stranger?

For starters, it was sent from a real email. This happens by someone clicking a bad link, and giving there email information away. I like calling these “infectious diseases.” Because then the hackers use that email to send an email to the organization, that collect more emails, and so forth.

Okay. So now we know that the email is fake, but how do you protect yourselves and other people against these?

  • Really look. You can even hover over the link, to see where it is going. (Sometimes.)

  • DON’T CLICK. Even if you know it is a scam, DON’T CLICK. You could accidentally make a mistake. You don’t know what they want from you.

  • Report it. Most email platforms, including Gmail, Outlook, and Yahoo all have features to report Phishing emails. In Outlook, for example, you can right click the email, Report → Report Phishing

  • Let others know. If this was sent out to a mass group, let the group know that that email is a scam and should be ignored. Tell others to report it.

  1. Clickbait

    I see this every day. Especially when you go to download new software. Let me just show you:

    A webpage with multiple red-bordered boxes advertising a "Download" for a free extension called Fire Shield Chrome Safety. The page also includes instructions for installing MCreator modding software on various systems, links to additional resources, and system requirements.

    Here is a download page to download MCreator: A popular Minecraft modding software. Here is the one thing you don’t see from that picture: The actual download button. People want to move fast. They see a download button on a download page, they click it.

    Now, in that picture, I have actually surrounded everything in red that is an add. Here is how it looks without it

    Much harder. You don’t know where to click.

    How to protect yourself:

    • Look for Clues: Pay attention to small hints that indicate a download button might not be legitimate.

    • Avoid Unwanted Extensions: Be cautious of prompts to download extensions you didn't intend to install.

    • Don't Click Recklessly: Be mindful of what you click on to avoid potential scams or unwanted downloads.

  2. Uh Oh! Computer hacked? Let’s fix it…

    People fall victim to this all the time. Somebody clicks a bad link that simply sends them notifications that the computer is hacked, things are bad, people are stealing money, and so forth. However, lucky for them, the messages have a phone number to call and let the person fix your computer. What really happens is that you let the person into your computer, and then they steal all sorts of stuff.

    Picture credit goes to someone from a Microsoft support forum.

    https://answers.microsoft.com/en-us/windows/forum/all/fake-mcafee-notification-alert/929186ab-a74b-486b-8e07-1fc71537c089

    So… looks creepy, and looks real. Here are all of the signs that would make someone believe this:

    1. Panic. People see this, and they think “oh darn it. Is this going to take all my information?” and then they click it, not really taking the time to really examen the notification.

    2. Has legit signs. See the windows sign in the corner? People see these and think “oh this looks real.”

How do these happen?

  1. You enter a typo in your browser. Such as mincraft.net instead of minecraft.net, amazom.com instead of amazon.com. etc.

  2. You give them notification permissions. I have seen this in the form of a “Chrome Verification” where they tell you “enable notifications” to pass the verification test. Then they start spamming your computer with notifications!

Now, how to detect these scam messages? Let’s say you give a bad website the notifications.

  1. They typically start instantly.

  2. Looking at the URL under the “Click here to fix the error,” that URL is where the notification was sent. In a real virus-detection notice, this wouldn’t exist or would be Microsoft or such.

  3. Looking above the “System alert!” text, it shows which app sent it. In this case, Google Chrome. Again, if this was a legit message, it would be something like “Microsoft Defender” or “Window’s Security.”

Wow. That is a lot. However, there are sooo many more. To conclude, you have to be so careful when on the internet. Reallly dig deep. Really watch out. People will use anything to there advantage. Recently, we can see AI coming into play with scammers.

Thank you for reading this! Please list suggestions, corrections, and additions to this blog post!

Stay safe,
MilesWK

4
Subscribe to my newsletter

Read articles from MilesWK directly inside your inbox. Subscribe to the newsletter, and don't miss out.

ScamhackerSecuritysafety

Written by

MilesWK
MilesWK

Hi! I am MilesWK: a programmer and musician from planet Earth.*