Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How Can I Protect Myself From Scams?

Steps you can take to be prepared.

Scams are everywhere, it seems. I'll cover some common ones, and share the single most important rule to protect youself.


Question: A friend of mine had his computer scammed today. Fake emails were sent to everyone in his address book asking them to do him a favor by buying either an eBay or Apple gift card and then providing him with the card’s serial number so he could forward it to a cancer friend. I suspected foul play and sent my friend a direct email only to have the scammer email me back saying all was well and there was no scam. Is there anything we can do to protect ourselves against this type of attack and report him to some authority?

Ah, yes. The gift card scam. It’s common enough that it has a name.

The good news, though, is that it’s common enough that we can identify some characteristics to look for to prevent it from happening again.

Become a Patron of Ask Leo! and go ad-free!


Protecting yourself from scams

The best way to protect yourself from scams is to employ basic account security, like strong passwords and two-factor authentication, and to be skeptical at all times. Some scams have specific characteristics, like using gift cards or asking for remote access that make them easy to spot and avoid.

Basic security comes first

As outlined in my most important article — Internet Safety: 7 Steps to Keeping Your Computer Safe on the Internetthe best defense is something you put into place before you need it. It includes:

  1. Keeping things up to date.
  2. Scanning for malware.
  3. Keeping yourself educated.
  4. Securing your network.
  5. Securing your equipment physically.
  6. Backing up.

It’s #3 that scammers exploit. If they can fool you, they can bypass all the other security you have in place, no matter how good.

Signs of scams

Scammers love gift cards for two important reasons:

  • They’re generally not traceable.
  • They’re not refundable.

They’re the closest thing there is to handing the scammer your cold hard cash.

It’s not that gift cards are bad — they’re not. Use them for their intended purpose: giving gifts to people or organizations you know. But if someone specifically asks you to give them money as a gift card, that should be a huge red flag. Ditto for asking you to wire money or use Western Union to transfer money.

That’s when it’s time to be skeptical and at least ask questions. Not by responding to a scam email — as you saw, the scammer replies saying, “Sure, everything’s all right, it’s really me, honest!” In scenarios such as yours, reach out to the person using some other means. You might even pick up the phone and call them.

The same is true of the “remote access scam” where someone contacts you and offers to “fix” your computer if you’ll give them remote access. Again, remote access tools are not bad, but how the scammers use them can be. Never grant access to someone you don’t know who has called you rather than vice versa. Period.

The most important rule: be skeptical

Scams are not new. From counterfeiters to snake-oil salespeople, con artists and more, scams and scammers have probably existed since the dawn of humanity. Our increasing interconnection, particularly on the internet, has made it easier than ever to scam people and evade capture.

The most important thing you can do is to always be skeptical. Question everything.

  • If “they” contact you, and not the other way around, make sure you are absolutely certain you know who “they” are before you trust them.
  • If it sounds too good to be true, it’s not true.
  • If it sounds desperate or very time sensitive, get independent confirmation by some other means.
  • If you’re just not sure, even a little, ask a knowledgeable friend for help. Better safe than very, very sorry.

But above all, don’t let anyone take advantage of your kind nature. Being skeptical and making sure you’re helping who you think you are is kindness as well.

About reporting

If you find you’ve fallen for a scam, there is no shame. It happens to the best of us.

Report it to the various agencies involved: the police, your credit card company, and whatever else may have been involved or compromised in the process. If other people are involved in helping you with your technology, let them know as well. There may be ramifications you’re unaware of.

If you see a scam but know enough to avoid it, I don’t recommend taking any additional action. There are those who say reporting it to your local authorities can help, but I’m… skeptical. These scams are so broad and common that I’m sure the authorities are well aware. My take is to ignore it, delete it or mark it as spam, as appropriate, and get on with your life.

Do this

Be skeptical. Seriously, that’s my single most important takeaway here. If you remember nothing else, remember to be skeptical. Familiarize yourself with specifics like the gift card scam and the remote access scam, if you like, but it’s skepticism that will protect you from the scams that aren’t even dreamed of yet.

Something else that will help: Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

Podcast audio


5 comments on “How Can I Protect Myself From Scams?”

  1. One place you might want to report a scam or scammer is with the FTC (Federal Trade Commission). Their website is at:

    Do take care to include the “s” in the “https://”, and the “.gov” at the end of the URL — that’s how you can be sure the website is authentic. ;)

    • That might be effective in rare cases, but law enforcement is swamped with so many cases they prioritize what they consider the most important. And to make matters worse, the vast majority of spam and scams comes from other countries that don’t have the facilities to deal with it or simply don’t care. So unless you’ve been the victim of a scam, reporting a scam attempt is likely a waste of time.

  2. Yes, and it wastes the time (and our tax money) of the agency you report it to.

    If it’s suspicious enough that YOU know it’s a scam, don’t you think the professionals who deal with this fulltime already know about it? Don’t bother them; just delete it and move on.

  3. When I get an email from a friend asking me to do ANYTHING, I call my friend to make sure (s)he sent the email before I do anything else. I have received email messages from people purporting to be high school/grade school classmates. If they did not provide contact information, I’d delete the message. After all, why would someone who knew me in high school or grade school want to re-connect now (I’m in my 70s). On Facebook or Twitter, I NEVER join any of the myriad organizations purporting to help some malady. If I want to contribute to the Cancer research Fund, or any other organization, I can do so directly (and not through some link on Facebook/Twitter). I NEVER assume that ANYONE on the Internet (especially on social media) is who they say they are until I can confirm it for myself. For example, when I get a friend request on Facebook, if I know the person, I call on the phone to make sure they sent the request before taking any action. If they sent it, I friend them, if not, I deny the request. If I don’t know them, I ignore the request (why would I want to be friends with someone I don’t know?).

    The bottom line is if it comes from the Internet, don’t trust it until you can confirm for yourself that it is as it claims to be, regardless of whether it is a social media post/friend request, an email message, or anything else you may encounter. If it comes from the Internet, it may not be what it claims to be, so be skeptical.




Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.