Category: Safety | Internet Security

So many scams, too little time to stay ahead of them all. Cyber criminals are not nice people, but they certainly are creative; always thinking of new ways to scam you. Scammers are opportunists working in multiple areas at the same time. Their motivation is money. They will either access your personal information and sell it to others or easily steal your money outright.

You may not know about every scam that’s on the internet or offline in the real world. But there are common ways of how you can be aware of and prepared for all potential scams. That doesn’t mean you shouldn’t try to learn about old scams and new ones that are created.

Common Scams to Be on the Look Out For

In Part 1 of our scam awareness series, we look at common scams and new scams that are ever emerging.  Through this education on scams, you’ll notice a persistent theme of how you can be prepared. Even if a brand-new scheme designed to fool you rears it’s ugly head for the first time, there are consistent things you can do to protect yourself.

Most people become victims of scans through email and texts.  The first defense against malicious messages is to follow the SLAM Method.

SLAM stands for Sender, Links, Attachments, and Message. All of these elements should be scrutinized.  

Sender: Don’t accept message requests from outside of your known circle of friends or connections.  Don’t accept friend requests from anyone you don’t know.

Links:  Do not click on any links in social media posts, profiles or messages unless you can see the full URL and be certain that the site is legitimate.

Attachments: Never download or open attachments from social media posts, profiles or messages.

Message:  Look carefully at the body of any social media message or post that you are interacting with. If it feels off, contains misspellings, off grammar or even uncharacteristic emojis, you might be looking at a phishing attempt.  Be wary of messages that push you to take some urgent action or another.

Remember the SLAM Method throughout our scam educational series.  But we’ll also be looking at scams that also happen via direct communication with scammers.  Let’s begin!

Charity Scams

Types of charity scams include:

Crowd Sourcing Scams:  Don’t take for granted that all is legit. Scrutinize the validity of the crowding funding request.

Post Tragedy Scams:  When a tragedy strikes, scammers will sometimes spoof the website or create a site that closely resembles the site of a legitimate donation site.

Firefighter, Police and Military Scams:  These scammers will often use familiar or local organizations to build trust and take people off guard.   Some will directly target military veterans and their families.

Warning Signs of Charity Scams:

1. Requests for cash, money wire, or gift card donations can be a red flag. Use a credit card instead.
2. Non-tax deductible donations are a red flag that a charity may not be legitimate.
3. Pressure Tactics: Real charities will never use a hard sell or pressure tactics to solicit a donation.
4. Fake information: Charitable donation websites almost always end with .org and domains will always start with https:// not http:// without the “s”.

Beware of fake charities based related to common world issues, such as what happened during the pandemic. Scammers prey on the emotions of people who want to help those in need of disaster relief, such as during war or refugees fleeing their country for safety or a better life.  Charity and disaster fraud often increases during the holiday season.

Cybercriminals will also call people thanking them for a previous donation, a donation which may have not been made. Veteran fraud and disaster fraud are often the premise used for fake charity scams.

Marketplace Scams

There are two categories within marketplace scams.

Non-Payment Scam:   In a non-payment scam, cybercriminals will use a phony screenshot of a completed cash transfer to trick a victim into shipping an item.

Non-Delivery Scams:  Scammers trick victims into paying for goods and services that are never delivered.  They offer prices that are almost too good to be true.

Non-delivery scams advertise popular items and services at deeply discounted prices and ask for payment using gift cards or cash payment through a payment app.

Marketplace scams come in many forms so always be cautious.  These creative types of scams also happen when individuals are selling items online.

Prevention Tips:

1. Know your marketplace:  When shopping online, do so on trusted sources with secure processing and payment policies that protect consumers.
2. Use a credit card:  Credit card companies have systems and policies in place to protect against a fraud.
3. Stay on the platform you are shopping on:  Scammers will try to bait their victims into leaving the marketplace platform for messaging and payment.

Gift Card Scams

It may seem obvious to many that that any legitimate organization would ask to be paid in gift cards.  Still, it’s a common scan that pulls people in. Scammers create a sense of fear and urgency pressure their targets into acting quickly without thinking. Asking to keep the transaction a secret is a warning sign of a gift card scam.

Cyberthieves prefer gift card payments because they offer anonymity.  Unlike other forms of payment, transactions can be anonymous and are difficult to trace or reverse, unlike bank transfers.  Gift cards are also widely available and offer immediate access to funds once the victim buys a gift card at a local store and send the scammer the number and pin to redeem the funds.

What To Do If You Are Targeted

Any gift card payment request is likely a scam and should be ignored. If you receive a phone call, email, or text message requesting a gift card as payment, immediately hang up or delete the message.

Contact the company directly using a known number or email address instead. If you have an account with the organization, log into your account to see if there are any notices, such as an overdue payment.

Display Name Scams

Display name spoofing occurs when the cybercriminal manipulates the sender’s display name or makes the display name look like an email address.  Seeing a legitimate display name deceives you into believing that it’s from a trusted email source.

If a sender looks familiar, but the message makes unusual requests, it is best to contact the person or company directly through another method of contact.

Delivery Scams

Types include:

Pet Delivery Scams: These are fake ads where payment is required upfront.

• Protect yourself asking to see the pet in person before you pay.

Fake Delivery Notifications:  Here, scammers mimic big name online shopping or shipping companies in their delivery scam messages. They claim there is a problem with the delivery of your package, or you need to confirm something has been delivered.

• Be cautious of clicking on links or downloading attachments.  Never enter personal information when requested. Verify the tracking number and status of a delivery through the companies’ official website. 

Non-Delivery Scams:  An example of a non-delivery scam in this training involves making a purchase online, but never receiving the order or confirmation details of the purchase.  Only make purchases on reputable websites.

• When you do make an order, follow up immediately if you don’t receive a confirmation of your order. Check the address on the website and phone number. 

If you are unable to make contact and your credit card was charged by a non-delivery scammer, you should call your credit card company and consider deactivating the card.

Transportation Scams

Scammers will make phone calls or send messages via text or email claiming that your flight has been delayed or cancelled. Messages will likely include links that offer a refund for the flight or an opportunity to rebook for a small fee.  Airlines will never ask for a fee to rebook. Contact your airline directly on their website or call them to enquire about the status of your flight.

Cyberthieves also set up fake websites or send messages offering deals on rental cars as well. Always verify the URL and company phone number before booking. In your unsure, going to directly to the official website is always better than clicking a link.

Learn the dangers of freight scams.  Be on the look out for gifts and rewards being offered by transportation companies. Tread carefully and do your research before jumping on a deal that may be a scam created to steal your information or your money.

Technical Support Scams

Technical support scams often involve cybercriminals pretending to work for well-known companies to fix non-existent issues. They manipulate victims to build trust and convince them to comply with their demands.

A scammer gaining remote access to your device remotely can install harmful software or access sensitive data, leading to significant privacy and financial risks.

Requests for payments to be made via gift cards or cryptocurrencies should always be treated as a scam.

Technical support scams often start with unsolicited pop-ups or phone calls warning of an issue with your device.  These tactics are designed to create urgency and trick victims into engaging with the scammer.  Malware may contain a fake phone number urging you to call to fix issues you are having with your device.

Pop-ups may happen when visiting infected websites.  Or, they can occur if your computer is infected by malware. To guard against these issues, install anti-malware software to both prevent and remove malware.

Even if you are certain that you may be dealing with a legitimate company who has called about your account, express your concern and state that you wish to call them back directly using a phone number posted on their companies official website.

Never give our personal information to anyone that calls you.  Legitimate companies will not call you and ask you for personal information.  Remember, that with much of our personal information being available on the dark web due to data breach, scammers can easily sound like they are legitimate when they state facts about your personal info.

Conclusion

Most scams come to us when we have our guard down. They prey on our emotions by using fear filled headlines or threats of potential loss of accounts or hard-earned dollars. It’s not uncommon to receive an email, phone call, or text that is related to something we have already done.

You may be expecting a package that you ordered a few days earlier. You may have booked a flight.  Maybe you happen to be needing of a product or service. That fact that relevant messages come to us are simply a coincidence. When you receive a text or email out of the blue, always ask the question; “Is this real? Or is it a scam?”

Some scams also encourage users to download malicious apps in order to receive a reward or discount. This does not prey on our fear, but entices a natural human desire for personal gain. Be cautious of all app downloads in every situation.

In one second you could infect your devices with malware to give away personal login information. However, it only takes a few seconds more to carefully review the message to verify it’s legit. When in doubt, go to Google and search for the company. Visit their website directly. Or, login to trusted websites directly at the source from a personal bookmark, not though an email link.

If an email or text message lines up with a legitimate notice about a login verification or purchase you just made, it’s still a good idea to only click the link after you’ve double checked that it’s not going you to a different site.  This can be done by hovering over the link to see the destination.

Continue to educate yourself on how to spot scams, while being mindful that exercising caution is your first best step to protecting yourself.   Be prepared by thinking twice before you click or react to any message or phone call. Take a breath and take the time to do a bit of research. I will save you a world of trouble.

Continue your education, read about Common Scams – Part 2.

Read our Glossary of Online Scams and Cyber Threats

The internet is part of everyday life for families, and kids are spending more time online than ever before. While screens open doors to learning and fun, they also introduce risks that can feel overwhelming for parents.

Finding a balance between freedom and protection is key, and that’s where borrowing ideas from child-safe organisations can help. These groups create safe spaces for children in real life, and their principles can guide us in making digital spaces just as secure.

In the same way that safety standards in childcare centres ensure children are protected, supervised, and empowered, parents can adapt these lessons for their homes. Whether it’s zero-tolerance rules, strong supervision, or encouraging kids to speak up, the framework used in child-safe organisations can serve as a practical blueprint for digital safety. By following a few simple steps, families can build an online environment that protects kids while allowing them to grow with confidence.

Why Borrowing from Child-Safe Organisations Works

Child-safe organisations take safety seriously. Their policies are designed to reduce risks, encourage transparency, and support children in speaking up. Parents can apply these same ideas to digital life at home. The goal is not just to block danger, but to build trust and respect so children know how to handle challenges when they appear.

By leaning on these practices, parents can create a home culture that feels open, secure, and supportive. Children learn that safety isn’t about control but about care. This mindset helps them understand that the internet can be used responsibly when guided by clear values.

Zero-Tolerance Rules at Home

One of the strongest ideas from child-safe organisations is zero-tolerance policies. These rules set clear boundaries around unacceptable behaviour. Parents can do the same for online use.

Set family rules about what is and isn’t allowed. For example:

• No sharing personal information with strangers.
• No downloading apps without approval.
• No responding to messages that make them feel uncomfortable.

These rules should be simple, consistent, and easy for kids to remember. When children know there are clear lines, they feel safer and more confident navigating online spaces.

The Power of Supervision

Supervision is another critical standard. In childcare settings, staff always know what children are doing and step in quickly when needed. At home, parents can use this same principle with digital devices.

This doesn’t mean hovering over a child’s shoulder every moment. Instead, supervision can take the form of shared screen time, device use in common areas, or checking in during gaming or messaging. Parents can also use parental controls, but these should support rather than replace conversations.

Active supervision sends the message that parents care about what their children are experiencing online. It also builds opportunities for discussion when something new or concerning comes up.

Photo by Julia M Cameron

Empowering Kids to Speak Up

Empowerment is often overlooked but is one of the most valuable lessons from child-safe organisations. When children are encouraged to share their thoughts and feelings, they develop the confidence to speak up if something doesn’t feel right.

At home, this means creating space for open conversations about the internet. Ask kids what they enjoy online, what they find confusing, or if they’ve ever seen something that made them uneasy. The more comfortable children are in sharing, the more likely they are to turn to parents instead of hiding problems.

This approach also respects children’s voices. It shows them that their feelings matter and that safety is a partnership, not just a set of rules.

Building a Digital-Safe Pact

Putting these elements together, families can create a digital-safe pact. This pact is a simple agreement that outlines rules, supervision, and open communication. It doesn’t need to be complicated. A short list of values and expectations can work wonders.

For example:

• We keep personal details private.
• We use screens in shared spaces.
• We tell each other if something feels wrong.
• We respect breaks from technology.

Parents and kids can write the pact together, ensuring everyone has input. This makes children more likely to follow the rules because they helped shape them.

Avoiding Common Pitfalls

While creating a digital-safe home, some pitfalls are easy to fall into. Over-restricting access can cause children to feel left out or rebellious. On the other hand, too much freedom can leave them exposed to harmful content.

The key is balance. Rules should protect but not isolate. Supervision should guide but not invade. Conversations should empower but not lecture. When families strike this balance, children learn how to manage the digital world responsibly and with resilience.

A Safety Culture That Lasts

What makes child-safe organisations so effective is their culture of care. Safety isn’t treated as a one-time policy but as part of everyday life. Parents can mirror this by keeping conversations ongoing and updating family rules as children grow.

As kids get older, they may need more independence. Instead of removing rules completely, parents can adjust them. For example, older children might get more privacy in messaging, but they still agree to share concerns when something goes wrong. This evolving culture ensures safety stays relevant through every stage of development.

Final Thoughts

Digital parenting can feel daunting, but parents don’t have to start from scratch. By looking at the proven strategies of child-safe organisations, families can adopt principles that are already making a difference in childcare settings.

With clear rules, thoughtful supervision, and encouragement for children to speak up, families can build homes where kids explore the online world safely and with confidence. The digital-safe pact becomes more than just a set of rules—it’s a shared commitment to care, respect, and trust.

School sports programs, like football, boxing, or gymnastics, help nurture a child’s skills and overall development. Parents like you appreciate these kinds of activities, as they bring out the best in your children. So, whenever they head to practice or a game, there’s full trust that they’ll be fine and safe.

Now, the problem arises when an accident happens due to someone’s negligence or unsafe conditions. Even more so if it results in a serious injury like a concussion. The U.S. alone sees around 1.7 to 3.8 million traumatic brain injuries yearly, and about 10% of these are linked to sports and recreational activities. (1)

If you’re in this situation, it’s normal to feel worried and confused. But one thing is certain: your child is entitled to proper care and legal compensation. So, it’s important to know their rights and how to safeguard their well-being. Here’s what you need to do:

Get Medical Help Right Away

Your child’s health has to be the top priority here. The tricky thing about head injuries is that they don’t always show symptoms right after the accident. Don’t get complacent, even if your child looks fine, talking and acting normally. Sometimes, signs of brain trauma can develop or appear hours or days later.

To be safe, as well as minimize the chances of permanent disability, have your child checked by a medical professional as soon as possible. A thorough evaluation can detect hidden injuries and ensure they get the care they need before complications arise.

On top of that, those medical records can turn into powerful proof for legal claims. They document your child’s condition, the treatments given, and the impact of the injury. Each detail strengthens your side and makes it harder for the responsible party to dodge accountability.

File a Police Report

After seeking medical attention, it’s important to report the incident to law enforcement. This is your way of creating an official record of the incident, ensuring that every detail is documented accurately.

Keep in mind that you must file a police report in the city or jurisdiction where the incident took place. When you’re at the station, focus strictly on the facts and avoid adding assumptions. The goal is to ensure the report reflects an accurate and clear account of the incident. (2)

Also, officers might ask follow-up questions to clarify details or gather additional information. Just answer honestly and provide any supporting documents you have, such as medical records or witness statements.

Consult a Brain Injury Attorney

Once the medical treatments and police report are underway, the next step is to get guidance from the right legal professionals. And we’re not just talking about any lawyer here. You need a competent lawyer for brain trauma cases who knows how to navigate the complexities of these claims. Part of their role is to check medical records, interview witnesses, and dig into the details of how the accident happened.

The only challenge is finding the best legal advocate, which can be daunting. This is especially true since the industry keeps growing, with over 1.3 million active lawyers just in the U.S. today. (3)

To narrow your search process, here are critical qualities to look for:

Proven Track Record

A lawyer’s past work can tell you a lot about their expertise in handling your unique case. Check if they’ve successfully resolved cases involving concussions, traumatic brain injuries, school-related accidents, or any personal injury lawsuits.

Seeing a positive track record gives you peace of mind knowing they truly understand what your family is facing. More importantly, it means you have a much better chance of obtaining the outcome your child is entitled to.

Strong Communication Skills

Legal terms can get confusing. You may be overwhelmed with documents, policies, and statements from the school or insurance company.

That’s why it’s essential to look for a brain injury lawyer who communicates clearly, both with you and the other side. They should be able to explain things in plain language and keep you in the loop every step of the way.

And when it comes to dealing with schools or insurance companies, your lawyer needs to switch gears completely. That means being firm, persuasive, and making sure your child’s rights stay front and center.

Compassionate and Dedicated

The emotional toll for brain injury victims can be heavy. It’s even more painful and stressful for parents trying to deal with such a devastating incident.

So, it’s best to have a legal expert who offers more than just legal services. Opt for someone who genuinely understands the mental and physical burden your family is carrying.

Brain injury cases can test the patience, resources, and resilience of families. And your chosen brain injury attorney can at least help shoulder some of that burden. So, find someone who can guide you through each challenge with expertise and empathy.

Learn About Your Child’s Legal Claims

At this stage, you already know your child has the right to seek compensation. But what that actually covers isn’t always clear. Most people immediately think of medical bills, yet the reality is that a claim could extend beyond that.

Possible areas of compensation might include:

• Medical expenses: These include hospital bills, doctor visits, medical treatments, medications, and any future care related to the injury.

• Pain and suffering: Compensation for the mental distress and physical pain your child experiences as a result of the accident.

• Lost wages or educational impact: If the injury affects your child’s ability to attend school or your family’s ability to work, you may be eligible for compensation.

• Rehabilitation costs: These are the expenses for physical therapy, occupational therapy, or other specialized care needed for recovery.

Remember that each claim is unique, so a skilled attorney can help identify all the areas where compensation may apply.

Takeaway

It’s never an easy journey for parents like you facing the aftermath of a child’s brain injury. Nothing can describe the emotional exhaustion you feel. Still, knowing your legal rights can go a long way in ensuring the best outcomes for your case.

Make sure you take those crucial steps and work with an experienced brain injury lawyer. Doing so can make a meaningful difference in both your child’s recovery and the pursuit of justice.

References:

1. “Sports-related Head Injury”, Source: https://www.aans.org/
2. “Filing a Report”, Source: https://police.ucla.edu/
3. “Growth of the legal profession”, Source: https://www.americanbar.org/

This A–Z glossary makes it easy to locate and learn about the most common online scams and cybersecurity threats.  Each entry is followed by a short and clear definition.  This list is designed to help parents, educators, and everyday internet users stay safe and informed.  To read more about each one, Google It! 🙂

A

• Ad Fraud:   Scam where fake clicks or views are generated to steal advertising money.

• Advance-Fee Scam:   Fraud promising large sums of money in return for an upfront payment.

• Adware:   Software that forces unwanted ads onto a user’s device.

• ATM Skimming:   Device placed on ATMs to steal card information and PINs.

• Account Takeover:   Criminals gain unauthorized control of an online account.

• AI-Powered Phishing:   Scams using AI to create realistic fake emails or messages.

---

B

• Bait-and-Switch:   Advertising one product but delivering something inferior.

• BEC (Business Email Compromise):   Targeted scam tricking companies into transferring money.

• Bitcoin Scam:   Fraud using fake crypto investments or wallets to steal funds.

• Blackmail Scam:   Criminals threaten to release private info unless payment is made.

• Bluetooth / Smart Device Exploits:   Eavesdropping, device hacking, BlueBorne vulnerabilities.

• Botnet:   Network of infected computers controlled remotely for attacks or spam.

• Brute Force Attack:   Automated guessing of passwords until access is gained.

• Browser Hijacker:   Malicious software that redirects searches or changes homepage settings.

---

C

• Catfishing:   Creating a fake online identity to deceive victims.

• Charity Scam:   Fake charities collect donations that never reach the cause.

• Click Fraud:   Bots or people click ads repeatedly to drain advertiser budgets.

• Clone Phishing:   Fake copy of a legitimate email used to trick users.

• Credential Stuffing:   Using stolen login details across multiple websites.

• Crypto Mining Malware:   Hidden software that hijacks devices to mine cryptocurrency.

• Cryptojacking:   Unauthorized use of someone’s computer to generate cryptocurrency.

• Credit Card Skimming:   Theft of card info via hidden readers at payment terminals.

---

D

• Data Breach:   Unauthorized access and theft of sensitive information from a system.

• Deepfake Scam:   AI-manipulated videos or audio used to impersonate people.

• Denial-of-Service (DoS):   Attack that floods a system or website with traffic to make it unavailable.

• Disaster Relief Scam:   Fake appeals for donations after natural disasters.

• DNS Spoofing:   Redirecting internet traffic to fake websites by corrupting DNS records.

• Drive-By Download:   Malware installed automatically when visiting an infected website.

• Dumpster Diving:   Stealing sensitive data from discarded physical documents or hardware.

---

E

• Eavesdropping Attack:   Unauthorized interception of private communication.

• Email Spoofing:   Forged sender address in an email to trick recipients.

• Event / Ticket Scams:   Fake ticket offers, fraudulent streaming services around events.

• Elder Fraud:   Scams that specifically target older adults.

• E-skimming:   Injecting malicious code into online stores to steal credit card details.

• Exploit Kit:   Toolkits hackers use to find and exploit system vulnerabilities.

• Extortion Scam:   Criminals demand payment by threatening harm or exposure.

---

F

• Fake Antivirus Scam:   Fraudulent software that pretends to detect viruses to scare users into paying.

• Fake Job Offer Scam:   Criminals trick victims with bogus employment opportunities to steal info or money.

• Fake Tech Support Scam:   Fraudsters pose as IT staff, demanding payment to “fix” fake issues.

• Fake Shopping Website:   Fraudulent e-commerce sites that steal payment information or never deliver goods.

• Fitness App Scams:   Using of social fitness apps or trackers to gather info, build fake relationships, or push fraudulent products.

• Formjacking:   Inserting malicious code into online forms to capture user data.

• Friend Impersonation Scam:   Criminals impersonate friends on social media or email to request money.

• Fraudulent Investment Scheme:   Promises of high returns with little risk, used to steal funds.

---

G

• Gambling Scam:   Fake gambling sites rigged to steal money.

• Gift Card Scam:   Criminals demand payment in gift cards to avoid traceability.

• Gig Work Scam:   Fake freelance jobs that steal work or personal info.

• Google Docs Phishing:   Fraudulent shared documents used to trick users into giving credentials.

• Grandparent Scam:   Callers impersonate grandchildren in distress to steal money.

---

H

• Hacktivism:   Cyberattacks carried out to promote political or social causes.

• Honeypot Trap:   Fake system set up by hackers to lure victims.

• Hoax Email:   False messages designed to scare or mislead recipients.

• HTML Smuggling:   Hiding malware in harmless-looking web files.

• Hybrid Attack:   Mix of brute force and dictionary attacks to guess passwords.

---

I

• Identity Theft:   Criminals use stolen personal data for fraud.

• Impersonation Scam:   Pretending to be someone else to commit fraud.

• Infected Attachments:   Malware spread through files attached to emails.

• Influencer Scam:   Fake social media personalities used to sell scams or steal data.

• Invoice Fraud:   Fake bills sent to trick businesses into paying.

---

J

• Jailbreaking Malware:   Malicious apps disguised as jailbreaking tools.

• Job Scams:   False employment opportunities stealing personal or banking info.

• Juice Jacking:   Malware installed through public USB charging stations.

---

K

• Keylogger:   Malware that records keystrokes to steal login info.

• Kidnap Scam:   Criminals falsely claim a family member is kidnapped to demand ransom.

• Knowledge-Based Authentication Exploit:   Using stolen personal info to bypass security questions.

---

L

• Loan Scam:   Fake lenders offering quick loans to steal fees or data.

• Lottery Scam:   Victims told they won a lottery but must pay fees to claim.

• Love Scam:   Romance-based scam exploiting emotional relationships for money.

• Logic Bomb:   Malicious code triggered by specific conditions in a system.

---

M

• Macro Virus:   Malware hidden in Office documents that executes malicious code.

• Malvertising:   Online ads used to spread malware.

• Man-in-the-Middle Attack (MITM):   Intercepting communication between two parties to steal data.

• Money Mule Scam:   Criminals recruit people to launder stolen funds.

• Mortgage Scam:   Fraud targeting homeowners with fake refinancing deals.

• Mystery Shopper Scam:   Victims paid with fake checks and asked to send back real money.

---

N

• Nigerian Prince Scam:   Classic advance-fee email fraud promising wealth.

• Number Spoofing:   Faking caller ID to appear as a trusted number.

• NFT Scam:   Fraud using fake or worthless digital collectibles to trick investors.

• Non-Delivery Scam:   Buyers pay for goods or services that never arrive.

---

O

• Online Dating Scam:   Fraudsters posing as romantic partners to exploit victims.

• One-Time Password Theft:   Criminals steal or intercept temporary login codes.

• Overpayment Scam:   Scammers send fake payments and demand refunds.

• Overlay Malware:   Fake login screens placed over real apps to capture credentials.

---

P

• Pagejacking:   Redirecting users from real websites to fake ones.

• Password Spraying:   Trying common passwords across many accounts.

• Payment App Scams:   Fraudulent requests or spoofed payment/banking apps, including app-store impersonation.

• Payment Fraud:   Unauthorized use of payment methods to steal money.

• Peer-to-Peer Scam:   Criminals exploit direct money transfer apps.

• Pharming:   Redirecting website traffic to fraudulent sites.

• Phishing:   Fake emails or sites tricking victims into sharing data.

• Pig Butchering Scam:   Long-term romance/investment scam draining victims financially.

• Ponzi Scheme:   Fraudulent investment paying returns with new investors’ money.

• Pyramid Scheme:   Fraud relying on recruitment rather than real products.

---

Q

• QR Code Scam:   Fake QR codes directing users to phishing or malware sites.

• Quishing:   Phishing via malicious QR codes.

• Quarantine Scam:   Fake health or pandemic-related fraud exploiting fear.

---

R

• Ransomware:   Malware that encrypts files and demands payment for access.

• Remote Access Trojan (RAT):   Malware giving attackers full control over a device.

• Reshipping Scam:   Victims asked to forward stolen goods, becoming money mules.

• Rogue Security Software:   Fake antivirus tools that demand payment.

• Romance Scam:   Emotional manipulation to steal money under false relationship pretenses.

• Rogue Wi-Fi Hotspot:   Fake wireless networks used to intercept data.

---

S

• Scareware:   Software that tricks users into thinking they’re infected, demanding money.

• SIM Swapping:   Criminals hijack phone numbers to steal accounts and 2FA codes.

• Skimming:   Hidden devices steal card data at ATMs or POS machines.

• Smishing:   Phishing attacks via SMS text messages.

• Social Engineering:   Manipulating people into revealing confidential info.

• Spear Phishing:   Highly targeted phishing aimed at specific individuals.

• Spyware:   Malware that secretly monitors user activity.

• Subscription Scam:   Hidden recurring charges after “free trials.”

• Supply Chain Attack:   Infiltrating a vendor to target its customers.

• Swatting:   False emergency calls sending police to a victim’s address.

---

T

• Tech Support Scam:   Fraudsters claim to fix fake computer problems for money.

• Trojan Horse:   Malware disguised as a legitimate program.

• Typosquatting:   Registering misspelled domain names to trick users.

• Two-Factor Authentication Bypass:   Exploiting weaknesses in multi-step verification.

---

U

• Unemployment Fraud:   Criminals steal benefits by filing fake claims.

• URL Phishing:   Malicious links that mimic trusted websites.

• Unauthorized Access:   Entering systems or accounts without permission.

• Unpatched Software Exploit:   Attacks exploiting outdated, unpatched programs.

---

V

• Vaccine Scam:   Fraudulent health offers tied to vaccines.

• Vishing:   Voice call phishing where scammers impersonate trusted sources.

• Virus:   Malicious code that spreads across systems, often destroying data.

• Voice Cloning Scam:   AI-generated voices impersonating people for fraud.

• VPN Scams:    VPN services that steal user data.

---

W

• W-2 Scam:   Criminals trick businesses into sending employee tax data.

• Wailing Attack:   Targeted phishing against top executives.

• Watering Hole Attack:   Infecting sites frequently visited by a target group.

• Web Skimming:   Stealing credit card data from e-commerce checkout pages.

• Worm:   Malware that spreads without human action, often across networks.

---

X

• XSS (Cross-Site Scripting):   Injecting malicious scripts into trusted websites.

• Xerox Scam:   Fraudulent printer/copier lease schemes tricking businesses.

• XML Injection:   Malicious code inserted into XML documents to exploit apps.

---

Y

• YouTube Monetization Scam:   Fake offers promising income for uploading videos.

• Youth Targeting Scam:   Fraud aimed at teenagers via gaming or social apps.

• Yield Farming Scam:   Fraudulent crypto projects promising unrealistic returns.

---

Z

• Zero-Day Exploit:   Attacks using vulnerabilities before they are patched.

• Zombie Bot:   Infected computer controlled remotely for cyberattacks.

• Zoom Phishing:   Fake meeting links used to steal credentials.

• Zelle Scam:   Criminals trick users into sending money through Zelle or similar apps.

---

Learn more about Scams and Cybersecurity Threats

Read about common scams to be aware of and prepare for.
Explore emerging online scams.

The top three cybersecurity concerns are AI-powered attacks, ransomware and malware, and social engineering (including phishing and deepfakes).  These three areas are not new, but have become increasingly prevalent.  Let’s dig deeper into each of these, so you can prepare and protect yourself.

Top 3 Cybersecurity Threats

• Attackers increasingly use artificial intelligence to automate sophisticated intrusions, customize phishing, and exploit vulnerabilities faster than ever before.

• AI also underpins deepfake technology, which can impersonate real people in video, voice, or images for fraud or trickery. It does this while working to evade detection.

How to Protect Yourself:

1. Question unexpected requests, even if convincing, such as video messages “from your boss”.

2. Verify identities through a second method.

3. Keep up with security tools that detect AI-powered threats.

2.  Ransomware and Malware

• Ransomware dominates as a top threat, with attacks becoming more frequent and sophisticated.  Critical systems and personal data are frequent targets.

• Malware threats, including “fileless” malware, increasingly evade traditional antivirus defenses, making them harder to detect and stop with standard security tools.

How to Prevent Becoming a Victim

1. Regularly back up important files to disconnected or cloud storage.

2. Always update software and devices, such as Windows.

3. Use security software and set up automatic scans.

3.  Social Engineering and Phishing

• Traditional phishing – which is fraudulent messages or websites – and advanced business email compromise schemes seek to trick users into revealing sensitive data or sending money.

• Deepfakes and personalized attacks driven by AI make social engineering more convincing. It’s vital to teach vulnerable age groups the warning signs to watch for.

Best Steps to Take

1. Never click suspicious links or attachments; confirm unusual requests via alternate channels.

2. Be wary of urgent, emotional, or authoritative demands — classic signs of scams.

3. Engage in regular security awareness training to spot common tricks.

The Basics in Personal Cybersecurity

Use strong, unique passwords for every service, consider adding passphrases, and enable multi-factor authentication.

Stay informed through official advisories and maintain a skeptical, security-first mindset in all your digital communications.

Educate household members or employees on best practices, and consider simulated phishing exercises to improve awareness.