The Complete Guide to Avoiding Online Scams

We know—you’re too tech-savvy to be fooled by an online scam. But even the smartest among us can fall victim to internet trickery, and we’ve all got those friends and relatives who could use a little extra help with digital security.

Here’s our definitive guide to helping you  stay safe online.

Never, ever click a link to your bank or financial institution from an email

Many security experts would argue that you should never click links in emails, period. Scammers can spoof messages to make them look like they come from sources you trust—yet the links lead to fake websites designed to collect your personal information or force you to download malware.

Before you log into a service’s site, make sure you’ve taken a second to look for the lock icon in your browser’s address bar. Though this isn’t a foolproof way to tell fake from real, it at least gives you a little extra clue that the site your connection to a site or service is encrypted, making the site (potentially) more legitimate.

Don’t give out your passwords

This is obvious, but less tech-savvy people might cough up their passwords if a request appears legitimate. The hard-and-fast rule is that you should never give out any of your passwords, period. This is not something individuals or companies should ever ask for directly. If you get an email or a text message asking you to send over your password for any reason whatsoever, don’t do it. Easy as that.

Use strong passwords (and secret questions)

Plenty of people are still using  passwords like “password” and “123456.” Don’t be one of them. If your password is easily guessed (because it contains basic identifying information like your birthdate or your spouse’s name), it won’t even matter if you accidentally give it out. A hacker will crack it in no time. create different credentials for each and every online account you open. We recommend using a password manager to keep track of your dozens or hundreds of unique logins.

Don’t buy anything from a random email you receive

A good spam filter should catch the obvious stuff, like emails trying to sell you everything from cheap watches to fake male enhancement products.

Take advantage of your browser’s security features

Web browsers (Chrome, Firefox, etc.) have built-in features for checking security certificates from trusted websites—click on the lock icon to see all the information about the certificate, including whether it’s valid, who issued it, and where.

Browsers will also generally alert you if you’re trying to access a malicious site or download a dangerous file.

Ignore website popups that say you have a virus

Get yourself an ad blocker, either built into your browser or via a third party. If you are seeing popups or ads as you surf, don’t click on them. Any message that’s scary or has a sense of urgency—your PC is infected with a virus and you need to download this software RIGHT NOW—is a scam.

You can also use antivirus software to detect and prevent viruses and a VPN to anonymize your data as you browse.