“Remember, if it looks too good to be true, it probably is,” Paige Hanson, NortonLifeLock’s chief of cyber safety education, said in an email interview. “Cybercriminals are experts at creating fake sites, emails, or profiles that look identical to legitimate people or online shops. Make sure that you’re certain before clicking a link or opening a file to avoid getting scammed.”

Watch Where You Click

The most common scams include phishing emails, links to malicious websites, robocall scams, and gift card scams.  Phishing emails often come in the form of fake order or refund notifications, and contain an attachment or link leading to a malicious website that requests the victim’s information or directs the user to unknowingly download malware.  “These fake emails also can take the form of gift card scams, where a message includes a gift certificate that users must redeem by clicking on a phishing button,” Owens said  According to Trend Micro’s research, some scammers will pose as customer service representatives and call you, claiming a problem with your account, membership, or recent orders. They will then request you to take action, such as paying money or changing your account settings. Cybersecurity lawyer Todd Kartchner said in an email interview that his firm has recently seen more scams involving COVID-19 vaccinations. Scammers have been contacting people through online ads, phone calls, or social media, offering to sell vaccines. In getting people to sign up for vaccinations, they attempt to solicit personal information they can use to steal that person’s identity and get credit card numbers or bank account information.   “People need to know vaccinations are not for sale and that they should only sign up for vaccinations through federal or state-approved sources,” Kartchner added. “People should also be wary about posting their vaccination card information online. Their cards contain personal information that scammers may try to use for identity theft.”

How to Protect Your Info

A healthy dose of skepticism goes a long way towards protecting yourself from online scams, experts say.  You should always check the sender’s email address to see if the email came from an official account, Owens said. Cybercriminals may sometimes use a zero in place of an O to confuse users. Got an offer of a great deal in an email? Go directly to the sender’s website and check your account, instead of clicking on links from a suspicious email from a vendor. Hover your cursor over (but do not click) the link embedded in the email, Owens suggests. This link usually reveals the URL that the link will actually go to. Do not open any attachments until you can confirm the email is legitimate, Owens said.  “The most important thing people can do to protect themselves from potential scams is to stop and think before you give anyone your personal information or pay for something online,” Kartchner said. “Do some research if you are getting requests from an unknown source.”