By now, most people are aware that the internet is rife with scammers, fraudsters, and con artists who are looking for opportunities to steal people’s money and personal information. However, despite this awareness, the FBI revealed that businesses and individuals lost $3.5 billion to cyber-criminals last year, demonstrating that cyber-crime remains an ever-present concern. In fact, criminals have grown increasingly bold in recent years, leveraging current events to lure victims into their scams; for instance, online security specialists have noted that a prominent phishing scam has been circulating that claims to offer ‘safety measures’ for the novel coronavirus, which then tries to convince users to submit their email address and password to online crooks.

In order to stay safe online, it isn’t enough to just know that there are scammers out there: you need to know how they scam people, what to look out for, and what to do if you encounter one! Though one cannot completely eliminate the risk of fraud while online, being mindful of the strategies that scammers use allows people to make smarter decisions and exercise greater caution while using the internet. As such, let us go over some of the most common types of online fraud, how they work, and what to do if someone tries to scam you.

Identity Theft

Identity theft is a rather broad term, referring to many different types of online fraud, but they all boil down to the same core idea: someone steals your personal information and uses it without your permission. This can range from access your Amazon account and making refund requests to nabbing your Social Security and credit card numbers to make purchases. Depending on how long it takes to recognize an act of identity fraud, it can lead to anything from minor inconvenience to serious legal or financial issues.

Most forms of online fraud involve identity theft of some kind, as the majority of them involve stealing or tricking people into sharing their personal information. The most worrying thing about identity theft however is that you don’t have to directly interact with a scammer in order for them to steal your data. Not only can people find your information through more traditional methods like mail theft, but many scammers will also target online accounts with weak passwords, forcing their way in and walking away with valuable data. There is a way to completely inoculate yourself from identity theft, but you can a long way by picking stronger online passwords and being more stringent about sharing your information.


Phishing is arguably the most common and widespread method for scamming people online. It refers to techniques in which internet thieves send fraudulent emails, texts, or links to copycat websites in order to trick you into believing you are logging into a trusted site that you normally do business with. The goal here is simple: to steal valuable data such as your login IDs and passwords, Social Security number, or bank details.

Occasionally you will also see phishing emails where a scammer will ask for money exchanges, claiming to be in some kind of situation where their own funds are tied up. Fraudsters lure people in by offering a much larger cash reward if you can help them out of their current predicament. These type of email scams are among the longest running in the history of internet fraud, with people having made jokes about “Nigerian Prince” scams for over a decade. Despite this, these types of money exchange scams are still popular, with reports suggesting they still rake in over $700,000 a year.


Some of the most insidious and scary online scams involve ransomware, where hackers install software onto a victim’s computer that restricts access to their files. These schemes are essentially a form of digital blackmail or extortion, forcing the victims to send payment (often in the form of untraceable bitcoin) before the hacker will undo the damage they have caused. Ransomware can be so advanced that it is virtually impossible to crack without the hacker’s decryption services, making it a particularly effective form of fraud when targeting services with important data, such as schools or hospitals. In 2018, the city of Atlanta, Georgia spent $2.6 million during their efforts to recover from a ransomware scare, demonstrating just how dangerous this type of digital fraud can be.

Confidence & Romance Fraud

Many of the most common types of online scams focus on falsifying one’s identity. Scammers often try to trick people into thinking they are companies they do business with (i.e., Amazon) or a government organization (i.e., the FBI or IRS). Yet some scammers go in a different direction, trying to convince victims that they are someone close to them. Called confidence scams, cyber-criminals will take on the guise of a family member or friend to get money or personal information. This can range from a “friend” claiming that they need bail money to a “grandchild” asking an elderly family member for airfare so they can visit them.

Though scammers often try to gain people’s confidence by imitating someone they know, others actually forge relationships with their victims, pretending to be romantically interested in order to take advantage of them. These types of scams most often target senior age internet users, who are often lonely and find that it is easier to meet people online than in person. An FBI report from 2018 found that romance or confidence fraud was the 7th most commonly reported scam and the 2nd most costly in terms of victim loss.

What If Someone Tries To Scam You?

These are just a handful of the most common types of online fraud that you are likely to encounter, as there are many other ways that people will try to steal your money or personal information. From phony reward programs and lottery scams to fake job offers and contest winnings, fraudsters will go to great lengths to get what they are after. However, it isn’t enough to just avoid scammers: you should do your part to point them out and address them. There are several organizations where you can send internet-related criminal complaints, including the Internet Crime Complaint Center (IC3) or the Federal Trade Commission (FTC).

Most importantly, if you are or believe that you could be the victim of a cyber-crime, you should report it! Too often, people will hesitate to report when they have been victimized online out of embarrassment or confusion. Yet not reporting on such a crime makes it easier for criminals to act with impunity.

Reporting their actions puts them on the radar of the government and law enforcement, bringing them closer to justice and helping keep other internet users a little bit safer.