What is a scam?
A scam is any fraudulent activity devised to trick money, favors, or personal information out of people. To avert suspicion, scammers often pretend to be someone the person knows or can trust and manipulate them into taking actions that cause harm to their finances or personal lives.
Types of scams
Scammers use various techniques to trick their targets into actions that jeopardize their financial well-being or personal security. For different types of scams, fraudsters may use different channels, ranging from social media and malicious URLs to emails and phone calls. Learn about the most common types of scams and how they work.
Financial scams
The idea behind financial scams is to trick people into willingly giving away their money. Types of financial scams include:
This investment fraud revolves around paying early investors with money taken from new investors. A Ponzi scammer looks out for inexperienced investors, hyping them with little or no risk investment opportunities and promising high returns.
Pyramid schemes
This type of scheme focuses on recruiting new members rather than actually selling the promoted product or service. As the scheme grows, it becomes unsustainable because it depends on a constant flow of recruits. Once this flow dries up, there isn’t enough money coming in to pay earlier members.
Fake debt collection scams
Scammers pretend to be legitimate debt collectors and urge their targets to pay non-existent debts. Fraudsters play with their victims’ emotions and often threaten them with severe consequences if they don’t pay.
Cryptocurrency exchanges don’t have a lot of regulations, and all transactions are irreversible, making crypto trading extremely vulnerable to scams. Fraudsters can design fake cryptocurrency platforms to steal traders’ funds or do so via fake cryptocurrency wallet apps. Scammers can also drive up the prices of tokens and create a phony hype around them. Less experienced traders often rush to invest in these invaluable tokens while scammers sell their holdings, causing a sharp plummet in tokens’ value.
Forex and trading scams
These scams prey on investors by promising risk-free trading opportunities with guaranteed profits, which is unrealistic for constantly fluctuating trading markets. Fraudsters can set up fake online trading platforms mimicking legitimate foreign or stock exchanges. These fake brokerages can manipulate trades, creating artificial price movements that cause traders to lose money and block withdrawals.
Online scams
Online scams test people's gullibility in many ways, such as promoting too-good-to-be-true offers or urging them to take swift action to fix non-existent issues. Types of online scams include:
A scammer can steal personal information, such as bank account details or login credentials, by pretending to be the target's acquaintance or service provider, as in the case of Google scams. Malicious actors can send legitimate-looking text messages or emails with malicious links or infected attachments. Once clicked, these links can download information-stealing malware onto the victim's device or bring them to a fake website where criminals are waiting, ready to steal their sensitive data.
Online shopping scams
The internet is full of fake e-commerce websites where scammers try to sell non-existent products to unsuspecting consumers. Fraudsters create convincing shopping sites or knockoff versions of famous brand websites to deceive online buyers and steal both their money and personal data. Even well-known e-commerce sites have fallen victim to phishing attacks (read more about Amazon scams and eBay scams).
In this case, a scammer pretends to be an IT specialist from a trusted company and claims they're investigating a bug – a simple quirk of the operating system. A fraudster often asks for the target's password to fix the problem remotely and, once given access to the device or a system, steals sensitive information or financial data.
Social media scams
These scams can come in many forms, from fake giveaways and impersonation attempts to phishing and fraudulent investment schemes. Scammers often create a sense of urgency to pressure users into sharing personal information or sending money for a supposed once-in-a-lifetime opportunity.
Read more about the most common scams on social media platforms:
Facebook scams | Telegram scams | Instagram scams | Linkedin scams
Identity theft scams
Identity theft scams typically involve cybercriminals stealing their victims' sensitive information and using it for malicious purposes. Scammers can also pretend to be somebody else to trick their targets. These types of scams include:
Impersonation scams
Fraudsters often try to extract funds or personal information from their targets by pretending to be government officials, bank clerks, or personnel from trusted institutions. Scammers may even go to extremes, like in funeral scams, where they prey on vulnerable people by pretending to be funeral home representatives.
Cyberattackers can gain unauthorized access to people's online accounts by exploiting weak credentials, leveraging stolen login data, or tricking people into giving out this information through phishing attacks. Once the scammer has taken over the account, they can use it to steal the victim's personal data and savings or lock the original user out of their accounts.
If scammers manage to steal someone's personal or financial information, they may use it to file fraudulent tax returns, claim refunds, or commit other financial crimes in the victim's name. Fraudsters can also call their targets pretending to be employees of tax agencies and demanding to pay an outstanding tax debt that doesn't exist.
Romance and emotional manipulation scams
Manipulating people's feelings and faking relationships proved to be powerful techniques to make people fall for scammers' tricks. Types of romance and emotional manipulation scams include:
The scammer makes their target think they're in an online relationship (whether on dating sites or social media) and exploits them for gifts, favors, or money. Online dating scammers try to establish a relationship and gain trust as quickly as possible – they may even propose marriage to enforce the idea that they're devoted to their victim.
Charity scams
Fake charities pretend to raise money for causes, but all the money ends up in the scammer's pockets. Scam charities target people through emails, social media posts, or crowdfunding platforms or even come to potential victim’s doors to promote their fake cause. Scammers become more active around the holiday season or after natural disasters and prey on people's generosity during challenging periods.
Prize and lottery scams
These scams trick people into believing they have won a large sum of money or an expensive prize. Afterward, they're asked to share their personal details or pay a fake winner's fee. Prize, lottery, and gift card scams create excitement on the part of the potential victim and a need for urgent action, encouraging targets to act quickly before they realize it's a scam.
Employment and business scams
Employment scams exploit employees' trust by taking advantage of the sense of authority or targeting recruits' willingness to get a job. These types of scams include:
Fake job offers
Cybercriminals can place vacancies for fake roles on legitimate job-hunting platforms. These listings may include a link to the employer's website, where people can apply for the position – or, in this case, download malware. Scammers may also ask for an upfront payment for training or equipment supposedly needed for the fake job.
Business email compromise (BEC)
It's a sophisticated scam in which fraudsters impersonate business executives or partners to trick employees into transferring funds or sharing sensitive information. BEC scams exploit trust and authority within companies, rely on social engineering, and are hard to detect.
Consumer scams
Consumer scams take advantage of a buyer’s journey and aim to trick people during everyday transactions or business interactions. These scams include:
Warranty or insurance scams
Fraudsters pose as legitimate companies and offer fake or unnecessary coverage for vehicles, home appliances, or life insurance. Their targets may also receive unsolicited calls or emails warning them about the expiring warranty and urging them to renew it immediately. Scammers often demand upfront payments or steal personal data under the pretense of processing fees.
Advance fee scams
A scammer convinces their victims to pay upfront for a promised service that never materializes, such as a loan, job opportunity, or inheritance. Cybercriminals can claim they need to collect a fee for processing, legal paperwork, or securing a deal, creating a sense of urgency to push a potential victim into paying.
Postal scams
In this case, targets may receive a text message or an email claiming they’ve received a package or asking to reschedule parcel delivery. These messages typically include a link, which hides malware or leads the victim to websites where they’re asked to share their personal details or financial information.
Travel scams
People searching for holiday accommodation often don't have a chance to view the rented properties before their trip, making them attractive targets for online scammers. Travel scams include:
Vacation rental scams
Scammers create fake listings on popular rental websites and, posing as property owners, offer cheap holiday deals. Once the target has made the booking, the fraudster requests upfront payment and disappears with the money, leaving travelers with no place to stay.
Timeshare scams
This fraud scheme targets people looking for a shared vacation home to own with others. Similarly to rental scams, scammers may trick people into buying or renting properties that are lower in value than the price sold or sometimes don't even exist.
Healthcare and medical scams
Health scams target the most important aspect of human lives – their health and well-being. They play on potential victims' deepest concerns to trick them into giving out their money or sensitive data. These types of scams include:
Fake health products
Some fraudsters prey on people's desire to find quick fixes to their health issues. Scammers tend to market unsafe, ineffective, or harmful health products online through unsolicited ads promising miracle effects. Consumers who fall for this scam risk not only their savings but also their health.
Health insurance scams
In this case, scammers pretend to offer legitimate health insurance plans at a lower price. In truth, they overcharge their victims for the provided coverage or sell non-existing insurance policies. Buyers of fake insurance may end up with no health coverage and their personal information stolen.
Education and student scams
Students are among the many groups targeted by online fraudsters who exploit their financial struggles. Education scams include:
Scholarship scams
Students looking for financial aid can be tricked into applying for fake scholarships. Fraudsters may ask their targets to pay fake application fees or disclose their personal information, which they later may use for malicious purposes.
In this case, scammers claim they can help students erase their student debt for an upfront payment. However, there’s no shortcut to student loan forgiveness, and the scam always leads to financial losses.
Scams targeting the elderly
Elderly people may be less aware of circulating scams and, because of that, are often targeted by scammers. Scams targeting the elderly include:
Grandparent scams
Fraudsters pretend to be their target’s grandchild or an estranged relative in distress, asking for urgent financial help. Abusers usually pressure their targets to act fast and not to tell anyone about this.
Medicare scams
Pretending to be Medicare representatives, fraudsters may try to steal seniors' personal information or money. Scammers often claim seniors are eligible for additional health coverage or need to update their Medicare information with personal information, such as their Social Security number or credit card details. As a result, the victims of Medicare scams often lose money and experience identity theft.
Ways scammers operate
Scammers use various online and offline platforms to trick people into falling for their malicious schemes. The method of approach they use is based on the type of scam they are executing.
Scam text messages
Scams carried through text messages are called smishing and typically call for urgent action to deal with fake account issues, non-existent deliveries, or unpaid fines. Smishing SMS typically includes a malicious link that leads a person to fake a website. Once there, scam victims may be tricked into giving away their personal details or to pay non-existent fees.
Scam emails
Fraudsters use phishing emails to urge their targets to pay fake fees or explore phony exclusive deals. To be more credible, scammers often pretend to write from a legitimate source or to be someone the target knows. Phishing emails typically include malicious links that lead victims to fake websites or download malware onto their devices.
Scam calls
Spoofing allows fraudsters to fake caller ID on a target's phone and make it appear as though the call is coming from a trusted or familiar number. Because the victims think they recognize the caller, they may be less critical when listening to the scammer's requests or appeals and more easily fall for their malicious schemes.
Scams using IP addresses
Scammers who manipulate IP addresses often use IP spoofing to make their traffic appear as though it's coming from a legitimate source. They may also compromise legitimate IP addresses to carry out fraud. Online scams that exploit IP addresses are not very common because of their complexity, but they are harder to detect because they hide the scammer's true location or identity.
Scam links and websites
Phishing links and scam websites go hand in hand when it comes to tricking internet users. By using shortened or phishing URLs, scammers often redirect their victims to fake websites or install malicious code on their devices. A more elaborate phishing technique is to use QR codes, which help disguise and deliver legitimate-looking but malicious links.
Another trick online scammers favor is creating fake websites that mimic existing brands to lure people into giving away their sensitive information for bigger discounts or promotional codes.
Scam apps
Scammers may set up fake apps that operate as online stores and sell non-existent goods or services. These apps can help fraudsters steal money and personal information from unsuspecting buyers. Some apps may also use bot-generated comments or fake ads to redirect users to other fraudulent pages.
Want to keep learning?
Subscribe to our newsletter for cybersecurity news and online privacy tips.
Scam prevention
According to NordVPN research, people most often expose their personal information by engaging with links to fake websites, falling for delivery scams, interacting with fake support centers, and claiming non-existent prizes. Find out how you can recognize scams and avoid being tricked.
Stay aware and verify the sources
Two of your best tools against scams are your awareness and critical thinking skills. That’s why it’s important to:
Learn about common scams and recognize their early warning signs, such as misspelled words or vague statements in unsolicited text messages and emails.
Never give away passwords – real tech support staff can fix your account without logging in from external sources.
If in doubt, end communication – further contact only gives a skilled scammer more opportunities to establish trust or cover up any discrepancies.
Don’t blindly trust unsolicited messages, and always verify their source.
Check links and files before you click them. Scammers may pretend to be someone you trust to trick you into downloading malware.
Educate the more vulnerable people in your life about the signs and dangers of scams. For instance, check out these tips on helping to keep seniors safe on the internet.
Sign up for phishing and fraud alerts
Scam and fraud alerts can help you avoid scams by notifying you about suspicious or phishing websites. Fraud alerts and other anti-phishing services typically use databases of known scam sites, threat intelligence tools, and real-time analysis to identify malicious websites.
Strengthen your online security and privacy
You can build up your online defenses with the help of the following cybersecurity tools:
A virtual private network (VPN) encrypts your online traffic and changes your IP address so you can browse without snoopers following you around online. Some VPNs also come with additional security features, such as phishing alerts or malware blockers.
A password manager helps create strong passwords and keeps them secure within an encrypted vault.
Multi-factor authentication (MFA) adds an extra layer of security by requiring additional forms of identification when you’re logging in.
Malware scanners help to identify malicious software or files and prevent malware from infiltrating your device.
Ad and tracker blockers protect your privacy while you are browsing because they stop unwanted ads and intrusive trackers from following you around online.
Report and share suspicious activity
The best way to prevent scams from spreading is to report suspicious activity, both online and offline, as soon as you encounter it. Make sure to report malicious websites, scam messages, and any deceptive behavior to the appropriate authorities.
FAQ
Online security starts with a click.
Stay safe with the world’s leading VPN
