You need last-minute tickets to the big game, and luckily someone on Craigslist is selling seats on the 40-yard line for $200. You meet in person and exchange cash and personal details—phone number or email address—just in case. You get to the gate and that legitimate-looking ticket doesn't scan. You call up the seller, but the number has been disconnected—and good luck getting an email response from [email protected]
It works because ... The seller fed you a plausible story about how this particular game of the season ticket package coincides with their stepdaughter's ballet recital. "You feel like it's a better deal if you think you're taking advantage of their misfortune," says Siciliano. "This person's hardship is your advantage."
Don't get scammed: Buying tickets on Craigslist is always a risk, especially if you use cash. But it's one of the only options if you've waited until the last minute. Instead of paying cash, convince the seller to use an online service, such as PayPal QuickPay, which offers buyer protection in case the tickets turn out to be fake.
2. The Social Media Link Scam
Your Facebook friend just posted a link: "Miley Cyrus did what at a concert last night?" It's accompanied by a fuzzy image of a half-naked Miley. There's even a comment—from the same friend who posted it—that says "You guys HAVE to see this." But click that link and you'll end up on a shady, virus-ridden website. Then it links to your timeline, repeating the cycle...forever.
It works because ... These scams play to our curiosity, says Roel Schouwenberg, a principal security researcher at Kaspersky Lab. "Most of the time when we're on social networks, we're curious—we want to see what people have been up to." Plus, social media sites condition us to "share" and click links, so scammers have the perfect place to hunt down suckers.
Don't get scammed: The solution isn't to never click links again. Schouwenberg advises people to be mindful of links advertising shocking or adult content, because those will often lead to bad—not to mention NSFW—stuff. Still curious? Ask your friend if they meant to post the link. Worst-case scenario: They didn't, and now you've tipped them off to a hijacked account.
3. The Caller ID Scam
You get a call from an unknown number, and the voice claims to be from the local police department. They're investigating a crime, and they want to verify your information—your name, date of birth, and address—to rule you out as a suspect. You're not stupid, so you Google the number and it is the local police department. No big deal, right? Nope—they're actually scammers who fooled your smartphone's robust caller ID with a web service, and now they've got all your info.
It works because ... Smart people don't really want to mess with the police, the government, or any other intimidating agency.
Don't get scammed: Caller IDs are easy to spoof. Other versions of this scam include calls from government agencies, banks, and utilities companies. But if anyone calls you and asks for information up front, hang up, says Siciliano. "There isn't a government agency or corporation on the planet that will ask for your personal information over the phone," he says. "If they're calling you, they already have it." Only provide that type of information if you call the direct number yourself.
4. The Email Phishing Link Scam
You get an email from your bank that says your account has been compromised—please click this link to login and change your password. It's your bank, so you click and enter your personal details into a website that looks exactly like your bank's website. You hit submit, and nothing happens.
It works because ... These scammers make their emails and websites look good. There's no broken English, wonky layouts, or other red flags. Plus, they take an establishment you put a lot of trust in, such as your bank or credit union, and play off that trust to get you to cough up personal details, passwords, and PINs.
Don't get scammed: Don't click on links in emails—go directly to the business's website. Banks, credit unions, and other businesses that handle your sensitive information like credit card numbers will never send you direct links if your account has been compromised. They'll send you an email with detailed instructions on how to change your password, but they'll send you to the main page or they'll make you type in the URL yourself to do it.
5. The Perfect Online Girlfriend Scam
She's hot, fun, and a great conversationalist on OKCupid. She really wants to meet you in person, but she's between jobs and she can't afford the $300 ticket to New York. No problem—you can just send her the money for travel. Also, she needs a little help with her rent and loves this handbag. Unfortunately, she doesn't exist.
It works because ... "Loneliness trumps common sense every single time," says Siciliano. "People make bad, bad decisions when they're lonely." And these scammers aren't stupid, either—they've been working the online dating sites for long enough that they know exactly what to say to make you fall in love with their online personalities.
Don't get scammed: Not too long ago, advice regarding online dating sites and scams amounted to: Don't do it. But today, meeting people online isn't weird. You don't need to avoid online dating altogether, just be smart about it. "The moment you have to lay down cash for someone you've never met, that's a scam," Siciliano says.
6. The Kidnapping Scam
A desperate email, phone call, or Facebook message that says your friend/daughter/wife/work colleague has been kidnapped and is being held for ransom. If you don't wire the cash to the kidnappers within an hour, your buddy is dead.
It works because ... It scares the crap out of you. If it's a phone call, it's usually ill-timed—say at 2 a.m.—to further disorient you.
Don't get scammed: First, don't try to be Liam Neeson or negotiate with terrorists. Second, recognize that you're getting emotional and don't make any rash decisions. Easier said than done, but there are some rational things you can do to help. Try to contact your friend/family member via another form of communication. Something as simple as a phone call or text to a friend who is supposedly being held hostage in Thailand can ease your fears.
7. The Charity Scam
Con artists often take advantage of tragedies. Think of the Sandy Hook shootings, the Boston Marathon bombings, or the Japan earthquake. Cons will appear in your inbox as charity solicitations: Just click on a link to donate money to a charity that will help the victims. You click, and you're taken to a website that opens a bunch of pop-ups or asks you for money.
It works because ... Like most scams, this one plays on your emotions. You're a good person, and you want to help the victims of tragedies. Plus, it's a current event, so it somehow seems less like a scam.
Don't get scammed: The best way to avoid this is to go directly to the source. Don't trust links in emails—go to the advertised charity and donate on their website, where it's simple to contribute. Disaster relief scams are so common that the Department of Justice even has a page dedicated to avoiding them .
8. And yes ...The Nigerian Prince Scam
You get an email from a Nigerian Prince—or other international royalty—who is about to come into an impressive inheritance. He has to leave the country and needs somebody (that's you!) to hold their money in an offshore account. If you pay a nominal fee, they'll give you half of it. No brainer, right?
It works because ... Honestly, this scam doesn't work on about 99.9 percent of the population. When these emails hit your inbox, they're often full of misspellings, bad formatting, and broken English. But that's actually a tactic, says Martin Weiss, owner of private IT security consulting firm Vulnio. "The incompetence is on purpose—it helps narrow down the 'mark,' " he says. "Those who respond are more likely to take things to the finish line."
Don't get scammed: Most people don't have to worry about falling for this type of scam. But just in case, remember: You should never wire money to someone you do not know.