Technology has opened up new opportunities for people with bad intentions to try to trick you out of your money. Learn how to identify and guard against online and computer scams.
Scam 1. Malware or spyware
You’re browsing the internet. An online ad features an item you’ve been thinking of buying. You click on the ad to learn more. A window pops up on your computer saying “Your personal files are encrypted!” The only way to “release” them is by paying a steep fee. If you don’t pay the fee in the next 72 hours, “you will never be able to recover your files”.
This is an example of malware, which is software used to disrupt use of a device or gain access to sensitive information. Some malware is called spyware because it is installed on your device without you realizing it.
Scammers try to install this software on your device so they can fool you into paying them money or gain access to information stored on your computer such as bank account details and passwords.
The installation of the software can be triggered in many ways—when you click on a link in an email, download a file from a website, or install free software.
In fact, it is illegal to install software programs on someone’s device without the consent of the device owner or an authorized user (for example, a family member or employee).
Scam 2. Phishing emails
You get an email message that appears to be from your bank. The sender’s name, the layout of the email, the logo—it’s all the same as your bank’s, at least on first look. The email says that your account has been compromised, and you need to visit a website to verify your account information. As you look more closely at the email, you see there are some typos, the logo is slightly off, and the address of the website is slightly different from your bank’s website.
This email is fake. It has been sent by scammers pretending to be from your bank, trying to trick you into handing over personal and financial information. This is known as phishing. The email is being used as a “lure” to fish for victims.
Once the scammers have your information such as bank account details, credit card numbers, and passwords, they use it to take your money and commit more fraud.
These scams use email messages and web pages that closely resemble those of legitimate institutions such as banks, government agencies, retailers, or software companies. The imitations can sometimes be very good. The emails or web pages might look and sound legitimate. But in reality institutions like a bank or government agency will never expect you to send your personal information by an email or online.
Signs of a phishing email or fake website include:
- there are obvious spelling and grammar mistakes
- the company logo looks wrong or fuzzy
- the email or website urges you to click on a link or provide personal information
- the tone is threatening or urgent
Treat all unsolicited emails with skepticism. Never give credit card or online account details to anyone you do not know and trust. If an email asks you to visit a website to "update" or "confirm" your account information, be extremely cautious.
Scam 3. Money transfer scams
“I got an email from a lawyer overseas. A person sharing my family name had died and left behind a large sum of money. The lawyer hadn’t been able to locate any of the dead person’s relatives. He suggested that, because I had the same family name, he could pay the inheritance to me. We could then split the money, rather than handing it over to the government. I just had to pay some taxes and legal fees, and to provide my bank details so they could deposit the money.”
– Harry, Surrey
An email from overseas claims that an important event—such as an inheritance or a change of government—has resulted in a person having a large sum of money which needs to be transferred out of the country. The sender claims that if you help with the transfer, you can keep a portion of the money. If you reply to the email, the sender says you will receive your “reward” once you pay various “taxes and fees”.
This is a money transfer scam. It is sometimes called a Nigerian scam or 419 fraud, after the section of the Nigerian criminal code dealing with fraud.
There are many variations of the scam, but all aim to steal your money.
You will never be sent any of the money, and you will lose any amounts you pay in “taxes and fees”.
If you are approached by someone asking you to transfer money for them, it is probably a scam. Once you send money to someone, it can be very difficult, if not impossible, to get it back.
Scam 4. Antivirus software scams
“I received a call from someone saying they were from Windows. The caller said my computer had been reported as having a virus that was infecting others. They told me to go to a website so they could fix it. Once I did, they took over the controls of my computer. They then told me that I would have to pay $300 for the 'repair'. I pulled the power on my computer and brought it to a local company to fix it.”
– Kathy, Nanaimo
One of the most reported scams targeting Canadians is the antivirus software scam. You get an email or phone call from a company that says your computer has a virus. They say they can “repair” your computer. This can involve installing software or “taking over” your computer to fix it.
The software they install turns out to be malware or spyware that enables the scammer to gain access to your personal information. Or the scammer insists on a payment for their “repair” before they turn the controls of your computer back over to you.
Never give control of your computer to a third party unless you can confirm they are a real representative of a company you trust. If you receive an unsolicited call from someone claiming to be from “Microsoft Support”, “Windows” or “Apple”, hang up. Technology companies do not make these kinds of calls.
Scam 5. Mobile phone scams
Many of the tricks scammers try with email and computers are also used on mobile phone users.
For example, scammers send text messages to mobile numbers trying to trick you into entering credit card or personal information. The message might be disguised so that it appears to be from your phone service provider, a retailer, or a software company.
Or scammers hide malware in games or apps that you can download on a smartphone. When you download the game or app, the malicious software is installed on your phone. It can then be used by the scammers to steal your personal and financial information.
Other scammers use the missed call scam. They call your phone and hang up so quickly that you can't answer the call in time. You may be tempted to call the number to find out who called you. If it is a scam, you will be paying premium rates for the call without knowing.
A variation with text messages involves scammers sending a text from a number you may not recognize, but it sounds like it is from a friend—for example, "Hi, it's Mike. I'm back! When are you free to catch up?" If you reply out of curiosity, you might be charged at premium rates for text messages.
1. Protect your devices
Password protect your devices. On your cellphone, lock the keypad when you're not using it.
Have software installed on your devices to prevent spam (email that is not wanted), viruses (harmful computer programs), and spyware. Keep that software up-to-date.
2. Be cautious using email
When using email, never click on a link in an email, even to log in to well-known sites such as Facebook or Twitter. Go to the site directly and log in there.
Don’t open an attachment in an email sent by someone you don’t know.
3. Be cautious online
Don’t click on links unless you trust the site you’re on.
Don’t download files or applications unless you can verify the source. Never give personal information to “unlock” a feature or application.
When you’re using social media services such as Facebook or Twitter, be alert for scammers posing as a friend. They may share something with you, trying to trick you into clicking on a link to a malicious site.
Be aware that wireless networks in public places such as coffee shops, libraries and airports are not secure. When using a public wireless network, never send personal information or visit sites that require a password (such as online banking).
4. Erase information
Make sure your information is completely erased before you sell, recycle or discard your computer or cellphone. This involves more than deleting everything. To make sure that your private information is gone forever, you need to “wipe the hard drive” using special software. You can buy this software or have a professional do this for you.