Common Online Scams and How to Handle Them

How to protect yourself from online scams

Written by JVF Solutions

JVF Solutions is your premier source for all things online. From responsive websites to digital marketing services to online marketing strategy, we've got you covered.

February 28, 2024

Hackers are getting more creative in their quest to exploit innocent people. From taking over social media accounts to threatening to publish embarrassing videos, these criminals are relentless. The good news is that these issues are easy to avoid. The bad news is that if you’ve fallen prey, it can be difficult to fix. But in most cases, it is possible to recover.

Before we get into some common scams, let’s review a few dos and don’ts:


  • Use multi-factor authentication when possible. Most issues happen when hackers access your username and password (which can often come from a breach). Having a second step such as a code sent via text, email, or authenticator app can protect you.
  • Use unique & strong passwords. Hackers will often try credentials they find on multiple sites. So if they have your Facebook credentials, they may try them on LinkedIn.
  • Cover your webcam when not in use. You can use a sticky note or buy a camera cover.
  • Report suspicious social media accounts. Each service provides a way to block and/or report accounts.
  • Delete the message. And be sure to empty your trash.

  • Share authentication codes. If someone tells you they want you to check something out and will send a code to your phone, they’ve probably been hacked. Never, ever share these codes.
  • Use guessable passwords. With AI tools, it’s not difficult for hackers to scan a user’s social media presence and generate potential password combinations.
  • Click on links from strangers. Ignore emails, DMs, or texts from people you don’t know. And even if you know them, don’t click on links unless you can see the actual URL and know where it’s taking you.
  • Take and/or share photos you don’t want the world to see. It’s so easy to send a photo to the wrong person, or for someone playing with your phone to send photos to themselves.
  • Send money to the hacker.  It’s usually a scam. Plus, there’s no guarantee that they’ll stop demanding money even after you send it.

Scam 1: Sextortion

In recent years, a disturbing scam has been circulating via email, preying on people’s fears and vulnerabilities. The scam involves hackers claiming to have compromising video footage of you watching adult content. They threaten to release this video unless you pay a ransom in cryptocurrency (usually Bitcoin). The email will often have a password that you use (or used in the past) somewhere in the message (typically the subject).

What’s happened here is that your password was leaked. A common cause is that a site you used the credentials on was breached, and the list was put up for grabs on the dark web. It’s easier for the hacker to create an email template and send a threatening note to everyone on the list than to try to every set of credentials.

The important thing to note is that in most of these cases, there is no such video and the hacker does not have access to your system. However, we recommend running a virus & malware scan to confirm there’s no malicious code on your device.

Scam 2: Sextortion Part Deux

A variant of the email scam is a hacker reaches out via a social media direct message and shares embarrassing pictures of you. If you don’t send them some funds in cryptocurrency, they’ll send the photos to your social media contacts.

The photos typically come from your social media accounts. Often, the hacker uses an AI tool to alter them or create a deep fake. In other cases, someone who had access to the photo may have shared it.

In other cases, it’s possible that the service that backs up the photos on your phone has been compromised. This is rare and these hacks tend to target celebrities. However, it’s possible the hacker could have found your iCloud or Google credentials and gained access to the images. But again, this is rare.

Regardless, it makes sense to run a malware scan on your device. Then change the password on any social media and photo backup accounts involved.

Scam 3: Social Hacking

A friend reaches out via direct message because they need money. Or, there’s this super cool new social media site that they want you to check out. They ask for your cell phone number (their phone was recently replaced so they no longer have it). Then you get a code to share with them. Moments later, you’re locked out of your account and you’re receiving texts from friends asking if you’ve been hacked.

We all spend a lot of time building our social media presence. And in a matter of seconds, everything can be gone if you fall victim to this scam. With so many people falling victim to these scams, the social media services have started putting a process in place to help. For example, if this happens on Instagram, you can go to

There’s no guarantee that you’ll be able to get your account back. And it doesn’t help that social media services aren’t always easy to get in touch with. So, your worst-case scenario is that you start over. Unfortunately, this is one of those scams where multi-factor authentication won’t help you – this scam exploits it.

What to do when you fall victim:

First, keep calm and take inventory of the situation. Is there an actual issue? Did you share the code or click on a link? If not, don’t panic. Just delete the DM or email and if possible, block and report the sender. Then run a quick malware scan on all affected devices and change passwords if appropriate.

If you’ve clicked on a link or shared your code, run a malware scan on the affected device immediately. Then, if your social media account was hacked, below are the links on what to do next:






X / Twitter:

And remember to not beat yourself up because you became a victim. These criminals prey upon people who don’t understand technology. Just make sure you continue to educate yourself and let others know about the scam so they don’t make the same mistake.

Reporting to local authorities

In most of these cases, it’s nearly impossible to track down the cybercriminal. It doesn’t hurt to reach out to your local police department, but your mileage may vary. These issues are so common that many police departments lack the bandwidth to do a full investigation. However, they are best suited to determine whether a crime was committed and can advise on next steps.

Preventing scams:

We have a list of dos and don’ts at the top of the article so be sure to review them again. Following these guidelines will help. But always be suspicious when you receive something that doesn’t seem right. If you receive a link or DM from a friend, call them to verify. If you can, shut off the automatic loading of images in your email client. This will prevent any tracking images from alerting the hacker (and spammers as well) that you’ve opened the email.

If you need help:

With anything crime-related, you should always start with your local police. They will advise if other agencies need to be involved.

We can always help advise you on steps to take to prevent a hack and what to do after a hack. Feel free to reach out to us via our contact page and someone will get back to you.

We’ll keep this article updated so be sure to bookmark it.



You May Also Like…

WordPress 6.5: What to Expect

WordPress 6.5: What to Expect

WordPress 6.5 will be the first major release of 2024. It's currently scheduled to be launched on March 26th, but that...


Pin It on Pinterest

Share This