Cyber Aware? Know the Top Internet Scams

Older couple worrying about their money situation

October is National Cyber Security Awareness Month, and no doubt you’re fully aware of what happened to Target, Home Depot and scores of other companies that were victims of cyber attacks. Those big-brand data breaches certainly make news.

But what really hits home? The cyber scams that don’t generate headlines yet result in the most reports and complaints to the National Consumers League and other watchdog groups. So along with the often-preached mantras that warrant repeating this month — use strong and unique passwords, regularly update protection software, don’t click on links from unknown sources — be aware (and beware) of these most frequent cyber scams.

1. F ake Check Scams

They pretend to be buyers on Craigslist and eBay. Or vacationers interested in your beachfront rental. Or employers hiring babysitters, mystery shoppers or other workers. Even deposed Nigerian kings promising you millions to help move their fortune. Whatever the role, the ruse is the same: After initial contact on the Internet, they mail you a check with instructions to deposit it into your account and then forward a portion to a third party (read accomplice).

Simple ways to save a buck, expert investment advice, scam alerts and much more! » AARP Money Newsletter

What to know: The con artists’ check proves to be counterfeit after they get your very real forwarded payment; then you’re on the hook for the deposited amount and could have your account frozen and face bank fraud charges. Fake checks can be hard to recognize, but any time you’re asked to deposit a check and then forward a portion of it, it’s a scam.

2. Bogus Buys

Bargain prices for pharmaceuticals, electronics and other merchandise touted on social media, unsolicited email, pop-up ads and your own search engine results are often laden with computer malware. The other gotcha: They lead to scammer-run copycat websites, which aim to collect your credit card information for possible identity theft, to sell inferior counterfeit goods or just to get your money while delivering nothing.

What to know: Before taking the bait, carefully read domain addresses for even slight tweaks in recognized company names, such as extra letters or words or anything but the usual .com or .org ending. Websites such as can reveal who owns the website; avoid those that shield that information. And ask yourself: Can you actually buy “real” Viagra for 2 cents per pill or an iPhone for $20?

3. Prize Lies

Told you won a lottery or sweepstakes? Offered a “free” vacation, plane tickets or anything else? Congrats … unless you’re asked to first pay “taxes,” “processing” or other alleged fees.

What to know: You never have to pay upfront to collect prize winnings; taxes are deducted from your lottery winnings. With sweepstakes, free merchandise or payment is just that, though the IRS will be notified (so you’ll pay Uncle Sam, not the contest holder). Free vacations either don’t exist (a ruse to get your upfront payment) or they’re used to bait you to attend a high-pressure sales pitch for hassle-filled travel clubs or time-shares.

4. Hoax Help

No-hassle loans and instant credit with no credit check or concern about your history? Bad debts removed from your credit file? The only “guarantee” in such offers — touted in (often unsolicited) emails and online ads — is that you’ll have to pay an upfront fee and then you’ll receive nothing.

What to know: Legitimate lenders never guarantee or say that you’ll get a loan or credit card before you apply, especially if you have bad credit, no credit or a bankruptcy. And anyone who promises to remove legitimate bad debts is lying; under federal law, accurate negative information remains on your credit report for about seven years, and bankruptcies stay listed for 10 years. What’s more, credit repair companies can’t charge before performing services.

Get discounts on financial services from trusted companies — AARP Member Advantages »

5. Phishing

Posing as recognized companies and government agencies, scammers send emails and text messages seeking personal and financial information, often with links or attachments that, when opened, install computer malware or lead to rogue websites.

What to know: No matter how official electronic correspondence appears, don’t access bank, credit card or other sensitive accounts via links — and never act on “Dear Customer” messages asking for log-in credentials or account numbers. If a problem is alleged, call the company or check accounts by typing its website address yourself.

For information about other scams, sign up for the Fraud Watch Network . You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and gain access to a network of experts, law enforcement and people in your community who will keep you up to date on the latest scams in your area.

Photo: michaeljung/iStock

Also of Interest

See the  AARP home page for deals, savings tips, trivia and more.

Search AARP Blogs