Does it seem like you’ve been getting a lot more text messages and calls from scammers lately? There seems to be an uptick, and in a few cases the senders or callers seem to have at least some correct information about their targets.

This first text message is an old-fashioned, non-targeted attempt that preys on potential victims’ security fears:

Your browsing history showed visits to unsecured websites. You now have (3) virus on your phone. Clean your phone [link redacted] ASAP

The next one has been reported by a lot of AT&T mobile customers, indicating that some information linking their name with their mobile phone provider (and number) has fallen into the wrong hands:

AT&T Free Msg: [correct first name], we accidentally overcharged your account last month. Kindly your reimbursement here: [link redacted]

There are other versions that mention a “gift” or “freebie” for paying your bill, “appologies” for signal issues, or a threat that your phone will be locked unless you follow a link.

On the robocall scam side of things, one common fraud attempt again apparently has linked potential victims with using (or having used) AT&T services at some point. One such robocall message goes like this:

“Hi there I’m calling you from AT&T DIRECTV to let you know that your existing account is qualify for 50% off. In order to avail the discount kindly call us back on [phone number redacted] thank you and have a great day.”

Student loan forgiveness is a hot topic these days, and this next robocall tries to strike up a conversational tone with potential victims. Since this call is also received by people without any student loan debt, it does not appear to be a targeted attack using personal information. The only unusual thing is the use of the correct current date in the call:

Hello this is Jay following up with an earlier request for a evaluating student loan forgiveness options or possible or payments. It’s currently [correct current date] and the reason for my call today is that we were never able to reach you to complete your student loan forgiveness application. Please give us a call by the end of business day today otherwise we do have to close out your application process. Please give us a call at [phone number redacted]. That is [phone number redacted]. Thank you.

In every case above, the only correct response is to ignore and delete. You can block the numbers, but since the scammers use a new randomly-generated fake phone number every time, it won’t do much good. Never call them back to tell them to stop contacting you; all this does is confirm that your number works. They absolutely will NOT stop calling. They will do the opposite.

One tool some mobile phone providers offer is the ability to silence incoming calls from numbers that aren’t in your contacts. This means you have to make sure certain numbers are saved in your phone (all possible work numbers, friends, relatives, medical providers who might call), but these tools can cut down a lot of annoying interruptions, at least from robocalls. It’s a lot easier to recognize and deal with robocalls when they’re just a (partial, usually) voicemail instead of a live call.

If you’ve played the free version of any mobile games, you’ve probably seen more than your fair share of advertisements for other games while playing. After all, running ads for other applications is the primary source of income for most apps that have a non-paid version.

You may have noticed a number of ads for “brain games,” along with some pretty wild claims about their effect on cognitive function. Some advertisements will display “Your brain age is…” and a number that starts at 100 but begins to decline as the video of gameplay continues. The implication is that this game will either assess your cognitive state, or even reverse your brain’s aging process. Other ads charge out of the gate with “This game cures Alzheimer’s!”

First, that claim about curing Alzheimer’s is utterly false. There is no cure for this disease, and there are certainly no computer games that will diagnose, prevent, or reverse it. These advertisers are preying on anxiety about getting older. And it works. Dementia is frightening.

The truth is that there is no proof that these games provide anything but a diversion. Published science (the kind where actual science people do experiments using the Scientific Method, and then more science people say “hey wait, let’s do that again to make sure”) has found no real cognitive benefit to these so-called “brain games.” Nobody went in aged 85 and came out with the brain function of a 30 year-old, no matter what the advertisements might indicate.

But…the people who play the game got better at it; that means they’re reversing cognitive decline, right? Not that any experts can detect outside of playing the game itself. In other words, when you play a game over and over, you tend to get better at it because you learn what to do.

But…isn’t stimulation good for your brain as you age? Of course it is. But there are vastly more and better ways to get that stimulation and keep your brain as healthy as possible for as long as possible, other than matching shapes on a smartphone. Reading books, talking to other people, going for walks or other physical activity, eating right—all of these are far superior to playing a mobile game. Perhaps playing a mobile game is preferable to sitting and doing nothing, or staring at a TV, but probably not by much.

One of the common tactics used by con artists is to prey on fear or anxiety. Notice when an advertisement for a new mobile app is using this same method, and ignore ads that use unproven medical claims. A game that was proven to improve brain function and slow or reverse dementia would be considered a medical device and have to be approved by the FDA. And let’s face it—it would likely cost a lot more than $1.99.

Besides, almost every mobile game you see advertised in this way ends up just being a knockoff of a certain other confection-based game you probably already have installed.

You’ve heard of identity theft. Someone gets ahold of your name, date of birth, address, maybe some assorted other information, and of course your Social Security number. They use this information to open new credit accounts, wring all possible cash from those credit lines as quickly as possible, then move onto the next victim. Meanwhile, lenders and the credit bureaus believe YOU did all that, at least until you clear your name, which can take a lot of time and effort.

But have you heard of Synthetic Identity Theft?

This type of fraud starts with a real Social Security number, but pairs it with other information fabricated by the identity thief. So you might end up with your SSN being used with someone else’s name, a different address, DOB, and other details. Since the information, taken as a whole, is not linked to any real person, it makes this type of identity fraud very hard to detect.

Thieves also use this synthetic identity differently. Rather than quickly opening new credit lines, draining them, and moving on, they might establish a longer relationship with a financial institution over months, even years, using the accounts legitimately to build credit and good standing before making the final withdrawal. They may even commit “fraud” on their own synthetic identity, and attempt to get reimbursed for the “loss” before making their final move. The difficulty in identifying a victim buys them time.

Of course, eventually all that activity is linked back to the one piece of information that is real: the victim’s Social Security number. Someday, the bills and collection calls start rolling in.

The problem for the thieves, of course, is that a “used” SSN already attached to a credit history might raise red flags if it appears in a credit pull (when the creditor checks the applicant’s report) with a completely different name attached. This can result in the new account not being opened. This makes people with no credit history attractive targets for synthetic identity theft. And this makes children particularly lucrative potential victims. Not only do they have no credit history, if the identity thief gains access to their SSN early enough, it may be many years before the victim is even old enough to apply for credit.

When you’re checking your own credit report for unusual activity (at AnnualCreditReport.com), it’s important to also check your children’s reports as well, essentially to make sure no credit lines are currently open under their Social. Be sure to report anything suspicious. You don’t need your or your children’s credit score, just the report itself to make sure there are no unauthorized accounts.

If you’ve got stuff to sell, there are plenty of online options. eBay and Facebook Marketplace are probably the most well-known, but there are plenty of others. And it’s possible to bring in some decent money while decluttering your own living space.

However, there are also plenty of people who will attempt to steal money from online sellers, and one of their most-used strategies is to convince you to accept payment off-platform.

Don’t fall for it.

If you’re selling something on eBay, for example, when someone purchases your item, make sure you do everything through eBay’s platform, including accepting payment and entering tracking information when you ship it. Do not allow a buyer to either mail you a check or pay through Venmo, Cashapp or PayPal Friends & Family, because you’re setting yourself up for a fake check scam.

The classic version of the fake check scheme uses a counterfeit cashier’s check, made out for a vastly higher amount than the agreed-upon price. When you ask the buyer why the check is so large, they will claim to have made an error—but hey, no big deal, just wire the difference back to them after you cash it! Of course, a few days later the check is returned as counterfeit, and if you wired money to this stranger, there’s no recourse. And if you already shipped the item, you’ve lost that, too.

However, there is a new version of this scam becoming increasingly popular. The buyer will offer to pay with one of the popular peer-to-peer apps (Venmo, CashApp, PayPal Friends & Family). The seller then receives a fake payment confirmation and sends the item, having not received any actual funds. In other cases, money will show up, but the buyer will have used stolen credit card information to make this payment. Once the credit card issuer discovers the fraud, the money disappears from the seller’s—your—account.

One of the first signs of a scam is a buyer wanting to communicate off-platform. Marketplaces such as eBay have their own messaging and payment systems in place to provide a digital “paper trail.” By keeping a record of every interaction between buyer and seller, the company can provide protections to both parties and help resolve disputes. As soon as you move your communications to text message or another platform, you have no record of anything the buyer said. You’re also violating the seller terms of service in a lot of cases, and you could lose some or all of your seller protections for doing so.

It’s hard not to think about: if you had bought $50 worth of Bitcoin back when it was trading at $0.08, and managed to not sell it, not have it stolen, and keep track of the hard drive or other device your coins were stored on for the last 11 years or so, you would have…well, a whole lot of money if you sold it today. Millions of dollars.

This makes the idea of “investing” in other potentially up-and-coming cryptocurrencies (i.e., speculating) extremely tempting. And if you can truly afford to lose the money (by which I mean this: if literally throwing the amount of cash you are using to purchase cryptocurrency into a hole would not affect your financial wellbeing in any way whatsoever), there really isn’t anything stopping you. I’m not going to tell you to do it, or not to do it.

However, if you decide to go for it, you should know that crypto scams are rampant.

For the most part, cryptocurrency has gone mainstream. It’s still unregulated and not backed by anything or anyone, but at the same time you can now purchase coins through apps like PayPal, investment platforms like Robinhood, or dedicated crypto trading apps such as Coinbase (this is not an endorsement of any of the above, by the way). It’s a do-it-yourself kind of thing.

This means you don’t need anyone’s help getting into cryptocurrency. Anybody approaching you on the internet with an “investment opportunity” (for anything, but we’re talking about crypto today), or offering “help” getting into trading, has only one goal in mind: to steal money from you.

Some of these schemes are simple “take the money and run” deals, but some are more complex. They will take your initial investment, then show you a website that allegedly shows your money magically growing. You only transferred $1,000 (via Cashapp or some other P2P payment app) to this dude and look!—you’re already up to $24,000 in a few weeks!

Now try to withdraw your “earnings.” That’s when the runaround begins. They’ll tell you that you can’t take it out just yet, or to withdraw those funds, you have to add more cash to the “account” first. Maybe a few thousand this time? After all, you’ve already earned much more than that, and the gains aren’t stopping. It’s like magic!

The truth is, there never was an account. The scammer simply took your money, showed you a fake website with fake numbers to encourage you to “invest” even more, and then tried to get still more when you inquired about withdrawing it.

There are also “money mule” schemes involving crypto, which start with a stranger asking for your help with this whole “Bitcoin thing” they don’t quite understand but want to get into. They’ll send you some money through Venmo or Cashapp, ask you to purchase Bitcoin or another coin, tell you to keep a little for yourself, then hand over the crypto wallet information. What you’ve just done is volunteer to be the only traceable link in a money laundering operation.

If you are truly interested in cryptocurrency, if you’ve read up on the risks, if you have said “yes, I am doing this,” if your financial situation is such that you could watch that $20 or $50 or $50,000 catch fire and burn away to ashes in front of your eyes without shedding a single tear, then have fun out there, best of luck, don’t accept help from strangers, and don’t believe anyone asking for your assistance. If you’re going to lose your money on an extraordinarily risky investment, do it the old-fashioned way and throw it out the window yourself. Don’t let some scammer take it from you.

Millions of people go online in search of romance, and while it does work out for a lot of folks, there are also plenty of fishy people lying in wait, pretending to be interested in a relationship for the sole purpose of stealing your money (or having you become the only traceable link in a money-laundering scheme). Here are three warning signs you do not want to ignore.

For most people, the entire point of being in a relationship is to eventually occupy the same physical  space as one another; in other words, to make googly eyes at each other in person (presumably while drinking a chocolate malt with two straws while Bill Haley and his Comets plays on the jukebox) rather than online. If your attempts to arrange to meet someone in real life (in a well-lit, public place, after letting other people know where you’re going and whom you’re meeting) are repeatedly met with last-moment excuses why they can’t show up, it is time to suspect that the person you’ve been talking to is not who they claim to be.

On a similar note, another common feature of romance scams is a list of excuses for why the other person cannot talk via video chat. They’re always in an area with a poor internet connection, or they’re just too busy with their extremely successful career to show their face in real-time video. They’ll send photo after photo, but when it comes to seeing each other over FaceTime or Zoom, there is always a reason they can’t…just yet. Of course, what is really happening is that they are not even remotely who they claim to be, and video chatting would spoil the illusion.

Finally, as soon as the person you’re communicating with brings up money or checks, whether they’re asking you to send money to them, receive money and distribute it to others, cash a check for them and return the funds via wire transfer, something involving CashApp or Zelle or PayPal…anything, at any time, for any supposed reason, this confirms that you are talking to a scammer. As painful as it can be to realize you’ve been tricked, stop all contact immediately, and do not accept any further communication from them. There is no salvaging the “relationship” because there never was one. It’s over.

Sometimes when I’m looking for a new scam (or a new angle on an old scam) to write about, I will check out the “Scams” forum on the social news website Reddit. The posts on this forum mostly consist of users describing a website, email or text message, offer or other situation, in order to ask forum members if it sounds fraudulent.

In nearly 100% of the posts I have ever read, the answer is a resounding “yes!”

Many of these users are young, so their experience of the world is likely somewhat limited. They’ve also grown up with no knowledge of a time before the Internet. It’s just a daily part of life to them. A deal offered online is no different or more suspicious than a coupon from a supermarket.

But if you’ve been around a little longer, it is often painfully obvious within the first few words of the post that yes, what you’re describing is a scam. It becomes repetitive quickly.

“Is this a scam? I found brand new Xbox on Facebook Marketplace for $50 and—” YES. SCAM.

“Is this a scam? I was on a dating site and matched with a guy who works in an oilfield—” YES. SCAM!

“Is this a scam? This site is selling Air Jordan 14—” YES! The URL is a string of random letters and was registered two weeks ago. Absolutely a scam.

“Is this a scam? I deposited my Bitcoin into—” YES. Sorry to say, your money is gone.

Which brings me to the point: it almost doesn’t seem to matter what the details of each situation are. Every single post like this starts out with the same question. The fact that they’re asking the question at all shows that, deep down, they already know something isn’t right. The lucky ones pose the question before they’ve given away money or personal information, but too often they are asking after the fact when it’s too late. I’ve read a lot of variations on, “It sounded kind of weird, but I…”

Trust your instincts, especially when it comes to the intersection of Internet strangers, your personal information, and your money. If you’re even wondering if something is a scam, it’s time to stop and think very hard about the next step.

Here’s a scheme used by fraudulent sellers on sites like eBay and Facebook Marketplace, or third-party sellers on Amazon, Walmart or other retailers. The buyer makes a purchase and submits payment, and the seller responds with a USPS, UPS or FedEx tracking number. Several days later, the tracking shows the item as having been shipped and delivered. However, either no package ever arrived at the buyer’s home at all, or a tiny, worthless item was shipped (i.e. the buyer orders a laptop but receives a ring from a toy vending machine).

When the victim reports the issue to the website they bought the item through, the scammer will attempt to use the tracking information to refute the claim, essentially “proving” the item was delivered. The major selling platforms are aware of this scam and have some steps in place to deal with it, but it’s still not easy to prove a negative; do you send a photograph of your porch with no package on it? After all, there are also fraudulent buyers who will receive an item, claim it never arrived, then get a refund through the site or payment processor.

The best way to rectify this scam is to not fall for it in the first place, and the number one way to avoid this type of scam is to never believe a sale price that’s too good. Unless you find Easter candy on a Target endcap in October, or run across a going-out-of-business sale at an actual brick-and-mortar store, you’re not getting 90% off anything. Especially online.

Nobody is legitimately selling a hard-to-find $700 graphics processing unit for $70. Or genuine Ray-Ban sunglasses for $20. Or $150 Rolex watches. $80 iPhone 12’s. $50 Jordan 14’s. It just does not happen in the real world. There are discounts out there, sure, but if the price seems too good to be true, assume something isn’t right.

Remember that manufacturers don’t discount high-demand, low-supply items. They don’t HAVE to. If it’s sure to sell out anyway, and they’re only making a limited number, why would they needlessly reduce their own profits? It always pays to remember how the world really works.

There has been a data breach.

Who? When? Where? How? What company was breached?

That part I can’t tell you. The truth is, there has ALWAYS been a data breach, at some point, somewhere. Sometimes it’s a big story, like the Anthem consumer data or Target card reader breaches from several years ago. Sometimes it doesn’t make the news at all. Sometimes companies deny there has been an intrusion at all (until Brian Krebs publicly posts the proof on his website).

It’s just a fact of modern living: unless your entire life has been lived completely off the grid, a chunk of your personal information is already out there, in the hands of people you’d rather not have it. It could be your name, phone number and the last four of your SSN. It could be almost everything about you, full account numbers and passwords, date of birth, the whole enchilada. Most likely it’s a mixture of different data points.

It could just be your first name, mobile phone number and provider. Just those three pieces of information can be useful to scammers and identity thieves. Look at these text messages an acquaintance of mine received twice this month (one day apart):

1. AT&T Free Msg: bill is paid. Thanks, [Correct First Name]! Here’s a little gift for you: [link redacted]
2. AT&T Free Msg: bill processed. Thanks, [Correct First Name]! Here’s a little freebie for you: [completely different link redacted]

Those links likely lead to a website designed to harvest the victim’s AT&T login information, then would probably go on to ask for banking account or other personal information, or attempt to glean credit card data in some form of advance fee scam. It could even be a “your phone is infected with 27 viruses, call this number to fix it” scheme. The possibilities are really endless.

This acquaintance does use AT&T as their mobile phone provider. They have automatic payments set up to come out about ten days after these texts showed up, so it wasn’t too hard to see that something suspicious was afoot. But how many people get this text message the day after they make their AT&T payment? If you’re not paying close attention to the fact that AT&T doesn’t give you free things just for paying your bill, or that they would use an “att.com” or “att.net” website instead of [random string of letters and numbers].info, you might end up clicking on that link and thinking you’re logging into to your real AT&T account before you knew what happened.

Always remember that scammers might have enough information about you to make their pitch seem realistic. A text or email that uses your name, or has some other correct piece of information about you, doesn’t prove anything anymore. There have been enough security breaches (not to mention sales of data like buying habits and interests) for anyone to construct a plausible fraudulent offer.