Web of Deception: Online Scam Prevention

“Cash App” scams and unsolicited texts are surging as Americans are increasingly exposed to online fraud.

Written By: Security.org Team | Published: March 4, 2024

The internet offers us countless opportunities to connect with others, but it can also expose us to a growing number of deceitful schemes that put our security, personal information, and finances at risk.

In the constantly evolving digital world, staying informed about the latest internet scams is crucial. This is why we’re following up on our 2021 report with all-new insights from 1,026 Americans about their recent experiences with cybercriminals and the latest online schemes. We’ll also show you how to spot and stop fraudulent activity online and protect your personal data.

Here are the latest statistics from our research on new online scams:

  • 68% of peer-to-peer payment app users say someone has scammed or attempted to scam them, up from 42% in 2021.
  • About 26% of cryptocurrency owners say they’ve been targeted by scams. Most often, victims lost money when they thought they were sending cryptocurrency to a well-known figure in the crypto world.
  • 37% of gamers have been the target of a gaming scam at least once. Most frequently, gamers clicked on a fraudulent link they thought would give them free in-game accessories or upgrades.
  • Malicious links in text messages are becoming increasingly common: 66% of Americans have gotten a suspicious text from someone they didn’t know, and about one in five have clicked on links in text messages from senders they did not know.
  • 22% of people in our study bought something on social media that they have yet to receive.

15 Internet Scams You Need to Be Aware Of

  1. Peer-To-Peer Payment App Scams
  2. Cryptocurrency Investment Scams
  3. Gaming Scams
  4. Malicious Link or Phishing Text Message Scams
  5. Social Media Shopping Scams
  6. Student Loan Forgiveness Scams
  7. IRS Impersonator Rackets
  8. Bank Impersonator Scams
  9. Package Delivery Scams
  10. Google Voice Verification Code Scams
  11. Work-From-Home and Other Job Scams
  12. FEMA/Disaster Recovery Scams
  13. Sextortion/Romance Scams
  14. Apartment and Vacation Rental Scams
  15. Facebook Marketplace Seller Scams

Peer-to-peer payment scams, phishing frauds, cryptocurrency schemes, and various gaming scams have become more sophisticated in recent years. Other new and timely scams include IRS impersonation scams and student loan forgiveness scams. The huge popularity of online shopping has also added fuel to package delivery scams.

1. Peer-To-Peer Payment App Scams

About 76% of Americans use a peer-to-peer (P2P) app, such as PayPal, Venmo, or Zelle, at least once a week. Though convenient and easy to use, these apps are especially susceptible to scammers since it’s typically the users’ responsibility to ensure that transactions are legitimate.

According to our latest research, 68% of peer-to-peer payment users in 2023 experienced some form of attempted (or successful) scamming activity while using the apps. That’s up from 42% of users in 2021. The most common type of scam involves fake prize winnings.

Which of these situations has happened to you when using peer-to-peer payment apps? Percent of P2P app users
Someone claimed I won a prize but needed to pay fees or taxes to receive it. 20%
I paid for something and did not receive the product/service. 13%
Scammers asked for my payment authentication codes for a transaction. 12%
The scammer pretended to need help moving a large sum of money and asked for a small “fee” first. 10%
I clicked a text/email with fake customer support information. 8%
A scammer built an online relationship with me and then asked for money under false pretenses. 7%
The scammer overpaid for an item with a fraudulent check and then asked for the “overpaid” amount back. 6%
I sent money to the wrong person and never got the money back. 6%
I received a payment that was later reversed because the original funds were stolen. 4%
The scammer posed as an employer, asking for fees they promised to reimburse but never did. 3%
Someone promised to multiply my money but disappeared once they received the funds. 2%

Note: Multiple selections allowed.

According to our study, P2P app users noticed attempted scams most often on PayPal, followed by CashApp. Very few users saw scam attempts on Apple Pay.

Preventing Peer-To-Peer Payment App Scams

As long as you know the warning signs of peer-to-peer payment app scams, you can use them and safely enjoy their convenience. Follow these tips:

  • Use phone numbers, email addresses, or QR codes to verify a recipient’s identity before you send money.
  • Activate all identity verification options available to you in an app. The recipient of any money transfers must go through various extra steps to pass muster with security.
  • When paying a new recipient for the first time, send a $1 test payment and confirm the correct person received it. This step is even more critical when transferring large amounts of money.
  • Move the money you receive in your P2P app to your bank quickly so that Federal Deposit Insurance Corporation (FDIC) insurance kicks in.
  • Monitor your P2P accounts routinely. If fraud occurs, you may catch it early enough that the impact on you is minimal.
  • Close and delete all P2P apps you do not use.

While P2P apps are beneficial, you shouldn’t use them for all types of transactions since fewer protections are in place in case of fraud. Instead, use credit or debit cards with built-in purchase protections whenever possible.

2. Cryptocurrency Investment Scams

Cryptocurrency (“crypto” for short) is an unregulated global and digital currency that takes the form of “coins” or tokens. A few examples are Bitcoin, Ethereum, and Litecoin. While crypto investors appreciate that the currency is unregulated, this also makes them more susceptible to scams and fraud.

Our latest cryptocurrency report found that 30 percent of Americans in 2023 own cryptocurrency, up from 15% in 2021. Unfortunately, we also discovered that 26% of crypto owners had been targets of scams. In recent years, crypto values have declined rapidly, and major exchanges crashed, meaning many people have lost money on their investments. Some may have been desperate to recover their money, leaving them vulnerable to bad actors.

Which of these situations has happened to you when using cryptocurrencies? Percent of crypto owners
A scammer pretended to be a well-known social media figure in the crypto world and asked me to send them a small amount of cryptocurrency, promising to return a larger amount, but they never did. 8%
My cryptocurrency was stolen when I put it in a bad exchange. 7%
I’ve lost cryptocurrency in a cyberattack. 5%
I was promised high returns if I invested in crypto, but it was a Ponzi scheme. Early investors were paid with the funds of later investors. 5%
Scammers hyped up a certain cryptocurrency, I bought in, then they sold their shares, causing the price to plummet. 5%
I lost cryptocurrency when the creators left with my money. 5%
I’ve lost cryptocurrency in giveaway scams. 5%
I invested in a cloud mining operation that promised consistent returns, but it was a scam. There was no mining happening, and the returns were not paid out. 5%
I downloaded cryptocurrency-related software that was actually malware. It stole my wallet’s private key and drained my funds. 5%

Note: Multiple selections allowed.

Crypto scammers may pose as virtually anyone, including celebrities and government representatives. They can claim to be from your bank or FedEx, and contact you about problems, such as possible account fraud. They’ll claim you can only resolve these issues by you purchasing crypto and sending it to them (don’t do it!).

Ways to Prevent Cryptocurrency Scams

How do you stay protected from cryptocurrency scams if you’re an investor? As with all types of fraud, be wary of any unsolicited questions, emails, texts, or calls about your investments, and never give away your account information to anyone. According to the Federal Trade Commission, if the following happens to you, it’s likely a scam:

  • Someone says you must pay in cryptocurrency (especially in advance): Legit companies rarely require crypto payments as the only way to do business with them.
  • Someone guarantees huge profits: No one can promise any type of return in the markets. A person who makes guarantees is a con artist.
  • If a person you’re dating online asks to show you how to invest in crypto or requests crypto: this is typically a sure sign of a scam.

Properly storing your cryptocurrency is also essential for avoiding scams. Check out this guide for the safest way to store Bitcoin in cryptocurrency wallets, such as a paper wallet, hot wallets, digital wallets, cold storage, and other options.

3. Gaming Scams

Fraud in video games is a big problem that spoils the fun for players. Our study found that 37% of gamers have been the target of a gaming scam at least once. People can trick others by selling fake in-game items and money on unauthorized websites. They also make phony game codes and sell them. This cheating hurts gamers by stealing their money and messing with their accounts. As gaming gets more popular, players need to be careful. Knowing about fraud, protecting yourself, and keeping your gaming stuff safe is important.

Which of these situations has happened to you during online gaming? Percent of online gamers
I’ve clicked on a link to a seemingly legitimate website that promised free in-game accessories or upgrades. 14%
My account was hacked, but I never gave out my login information. 13%
Another player I’d never met formed a relationship with me and then asked for money or personal information. 10%
Scammers pretended to be game staff to get my personal data. 10%
I was offered access to an upcoming game in exchange for personal information or money, but the game didn’t exist. 10%
I paid for in-game items or currency that I never received. 9%
I was offered a free game that was actually a virus. 8%
Scammers promised cheat software but used them to infect my computer with a virus or steal my personal data. 7%
I was tricked into giving my login details and they stole my account or in-game items. 7%
Scammers created a fake tournament, asked for an entry fee, and then disappeared. 5%

Note: Multiple selections allowed.

How to Avoid Gaming Scams

To prevent hacking and phishing while playing video games, take these general precautions:

  • Avoid clicking on links in emails offering free in-game items; instead, log into the game directly.
  • Use strong and unique passwords for your gaming accounts, not ones you’ve used elsewhere. Never share login, personal, or financial information with people claiming to be gaming staff or online partners.
  • Be cautious of too-good-to-be-true offers, especially those promising free access to new games in exchange for personal information or early access at a heavily discounted upfront cost.

4. Malicious Link or Phishing Text Message Scams

Malicious link scams pose a significant threat in the digital landscape, targeting unsuspecting internet users. These scams often involve deceptive emails, text messages, or advertisements that lure individuals into clicking on harmful links that can capture personal data. By clicking these links, people open themselves to identity theft, financial loss, or the installation of malware on devices.

These scams can look like:

  • “Oops, wrong number!” texts
  • Emails and texts pretending to be from Amazon or other retailers
  • Free-gift QR codes
  • Tech support scams that gain remote access to your computer
  • Late or failed package delivery messages

Unfortunately, malicious links in text messages are becoming more and more common. 66% of Americans have gotten a text from someone they didn’t know trying to make conversation, and about one in five have clicked on links in text messages from senders they did not know.

Which of these have you ever experienced? Percent of American adults
I received a text from someone I didn’t know trying to make conversation 66%
I received a text confirming a purchase that I didn’t make 52%
I received a text that appeared to come from a bank with a link for me to login to my account 41%
I clicked a link in a text message from someone I didn’t know 21%

Note: Multiple selections allowed.

Preventing Malicious Link or Phishing Scams

These scams are so insidious in part because they can appear legitimate with messages featuring company logos and the like. Here are a few ways to stop scams before they impact you:

  • Ignore messages, emails, and text messages from people you don’t know, and block unknown senders.
  • Ignore unexpected emails or texts, including those that claim failed log-in attempts or suspicious activity.
  • Watch out for messages with generic greetings such as, “Hello, Dear.”

Legitimate companies do not email or text you to update payment details. If you want to access your account to check on billing, never click on a link in a suspected scam message. Instead, type in the URL or Google the company in case you don’t remember the URL.

5. Social Media Shopping Scams

Shopping through social media is becoming increasingly common. Young adults are especially likely to buy something on a social media platform without leaving the app. However, 22% of people in our study bought something through social media that they never received. This was more likely to happen among younger adults since they spend more time on social media than older adults.

Beware of this common online shopping scam: You click on a product link on social media and purchase on the company’s website but receive an email stating that the item is out of stock and you’ll get a refund. However, the refund never arrives, and the company remains unresponsive when contacted. Likely, the product never existed, and scammers rely on you not noticing the missing refund.

Thankfully, if you paid with a credit card, you can dispute the charge and recover your money. Before buying from social media, research the business with the keyword “scam” to check for any red flags like unbelievable deals or fake coupons. Always use your credit card for added protection.

6. Student Loan Forgiveness Scams

Beware of student loan forgiveness scams as they take advantage of the confusion surrounding this issue. Scammers may promise partial forgiveness or work opportunities to reduce your debt, but they have ulterior motives. These scams often involve upfront or monthly fees, requesting your Federal Student Aid login details, and pressuring you to enroll immediately.

In June 2023, the U.S. Federal Trade Commission sent out about $3.3 million in relief to 37,800 consumers who were victimized in a student loan forgiveness scam. In this situation, scammers promised debt cancellation or consolidation to customers who paid upfront fees.

The U.S. Department of Education advises watching out for grammatical errors and password requests, as they never ask for passwords. Contact your loan servicer if you worry about paying back your loans. Trying out a dicey scheme is not the way to go, and servicers working with the Education Department offer their services free to you.

Ensure your loan servicer is on the approved federal student loan servicers list, and avoid responding to suspicious emails or texts claiming to be from your lender.

7. IRS Impersonator Rackets

Since 2018, more than 75,000 people have lost about $28 million to scammers pretending to be IRS agents. These scams increase around tax time as Americans try to file their taxes or get extensions.

It’s important to remember that the IRS initiates contact with taxpayers through U.S. postal mail. In special cases, agency reps may call taxpayers or go to their homes or businesses if they owe money. They may also need to tour a business during an audit or investigation. If someone claiming to be an IRS agent visits you, first ask to see their HSPD-12 card. Remember, IRS collection employees will ask for payment only to “U.S. Treasury.”

The IRS will not contact you through email, texts, or social media. If you suspect you owe money, contact the IRS directly using the information on their official website—never click on links in messages. Authentic IRS personnel will not make threatening or demanding statements, involve police or immigration, or request immediate payment via gift cards or prepaid debit cards. They will not ask for your card information via phone, text, or email. Stay vigilant and report any suspicious activity to the IRS.

8. Bank Impersonator Scams

According to the FTC, bank impersonation scams are the most reported type of text message scams. Scammers pretend to be from financial institutions like Bank of America or Wells Fargo. Their texts are designed to create a sense of urgency, often by asking people to verify a large transaction they did not make. Those who respond are connected to a fake bank representative who may obtain bank account credentials and other sensitive information, which can lead to identity theft.

To avoid falling for bank impersonator scams:

  • End phone calls from anyone claiming to be from a bank. Remember, caller ID is not always accurate, and scammers can manipulate the numbers on the ID.
  • Don’t share personal information or account numbers with people claiming to represent banks over the phone.
  • If in doubt about communications from your financial institution, go to a local branch in person to discuss the matter with employees.
  • Avoid downloading any attachments to “bank” emails and texts.

9. Package Delivery Scams

Delivery scams are the most common text scams after bank impersonation. Since many people shop online, scammers exploit this by sending messages pretending to be FedEx, UPS, or USPS, claiming issues with package delivery. To avoid these scams, independently check your delivery progress by logging into your account, and avoid clicking on any links in the message. Never share personal or financial information, and ensure that the shipping company’s website matches the one handling your package. If a legitimate fee arises, use a credit card or PayPal with buyer protection instead of wire transfers, gift cards, or cash.

10. Google Voice Verification Code Scams

A staggering 61% of scam victims who contacted the Identity Theft Resource Center in 2022 reported being targeted in a Google Voice scam. This scheme continues to be effective since scammers act like they’re concerned about fraud, and it’s still relatively new and unfamiliar to many people.

These scammers assume various roles, posing as potential buyers on platforms like Facebook Marketplace, Offerup, Craigslist, or even pretending to have found a lost pet. They may also present themselves as sellers, advertising available rooms for rent. Regardless of the scenario, scammers will claim concern over your legitimacy and request that you verify your identity through Google Voice, even if you don’t have an account. Remember, this is always a scam, and you should never share verification codes with anyone.

If you have been targeted, disconnect your phone number from Google Voice to prevent further exploitation. International scammers specifically seek U.S. numbers to use with Google Voice, and acquiring verification codes is their primary goal. By possessing your Google Voice verification code, scammers can impersonate you and perpetrate scams under your identity, often attempting to extract additional sensitive information from their victims. To ensure legitimacy, always meet people locally and in person, and never share any verification codes.

11. Work-From-Home and Other Job Scams

Work-from-home scams have increased as remote work has become more popular and desirable since the Covid-19 pandemic. This makes it easier for fraudsters to enact work-from-home schemes and other job-related scams. Unfortunately, immigrants may be targeted more than others as they need work to get or maintain a visa.

Be cautious when considering work offers, especially if a visa or work visa is required. Some fraudulent recruiters may offer tourist visas instead of the necessary work visas or claim to provide “open” work visas that allow you to choose any employer or engage in unskilled work in the United States for an extended period. These criminals advertise job postings in the same places as legitimate employers, including social media, job sites, newspapers, and ads. However, unlike genuine employers, job scammers are primarily interested in obtaining your personal information and money rather than your skills and expertise.

Remember, if a job offer seems too good to be true, it likely is. Before applying for a new job, search the employer online using keywords like “scam,” “review,” or “complaint.” Avoid job opportunities where you have to pay for the job or inventory.

12. FEMA/Disaster Recovery Scams

Disaster fraud is rising as climate crises intensify. In this type of fraud, scammers employ various tactics, such as texting victims of disasters, urging them to click on links, and providing their personal information to receive government checks. They may use this data to apply for FEMA assistance: in fact, FEMA has paid more than $3 billion in assistance to fraudulent applicants since 2003. Remember, FEMA inspectors will never request your application number or banking details and always ask to see their identification badges when meeting in person.

Another disaster scam involves individuals posing as federal or local disaster workers, asking for money. Legitimate FEMA and Small Business Administration (SBA) staff will never charge for application assistance or promise grants in exchange for upfront payments. Similarly, ignore requests for payment to restore services like phone or electricity.

Charitable donations can also be exploited, with criminals soliciting funds for disaster relief. To ensure your donations reach legitimate organizations, visit Give.org and donate through the official channels listed on their websites.

13. Sextortion/Romance Scams

Online dating is booming today, and 3 in 10 U.S. adults have tried it at least once. The rapid growth of online dating has created many opportunities for scams. For example, a person might start chatting with you on a dating app. Once the conversation turns intimate, they may request photos or videos of an explicit nature. Then, they may threaten to publish the photos unless you pay them large sums of money or send even more photos. This is often referred to as “sextortion.” The FBI reports that financial intimate extortion cases targeting minors have increased in recent years.

You don’t need to be on a dating app to become a victim of this crime: scammers can reach out to people on their regular social media profiles. LinkedIn relationship fakes take a similar path, with the criminals asking you to be their career mentor.

Teen boys aged 14 to 17, college students, and senior citizens, particularly widows, widowers, and the recently divorced, are common targets. Scammers want victims to feel dehumanized, ashamed, and isolated, so they feel obliged to pay up.

If you have children, reassure them they can talk to you about anything, including intimate extortion. If you’re being extorted, immediately stop communication. Never pay money to the blackmailer. For one thing, payment is unlikely to stop their behaviors. Save everything you can to serve as evidence and block the perpetrator. Don’t delete your profile or messages; report the sextortion to the dating or social media platform. Change all of your passwords just to be safe.

14. Apartment and Vacation Rental Scams

With housing prices soaring, people are looking for good deals, which creates a lot of opportunities for scammers. During the Covid-19 pandemic, real estate rental fraud warnings jumped 30%.

Exercise caution if a purchase or rental price seems too good to be true, especially if the landlord claims to be abroad and requests the security deposit upfront. This applies to long-term housing, timeshares, and short-term rentals, such as for summer vacations. Scammers often duplicate legitimate ads, changing only the contact information or gaining access to the genuine property owner’s email account.

Wiring money is a clear warning sign of a scam, regardless of whether it’s for rental fees, deposits, or other payments. Additionally, be wary if you’re asked to make a deposit or pay rent before signing a lease. Personally visit the properties or send trusted individuals on your behalf whenever possible. Utilize credit cards with fraud protection or opt for reputable vacation rental providers with secure payment systems.

15. Facebook Marketplace Seller Scams

Buyers and sellers can get scammed on Facebook Marketplace. Few people know this since much of the attention is on buyers, so sellers are an appealing target. Here are a few key ways scammers try to defraud sellers on Facebook Marketplace:

  • Prepaid shipping labels (lost packages): A buyer asks to give you a prepaid shipping label. It is genuine, but the buyer requests that the package be delivered to a different address after you ship the item. The buyer claims they never got the box and tries to get a purchase protection refund. To avoid this scam, do not use prepaid shipping labels that buyers give you, and use tracking information for shipments.
  • Phone number requests (verification codes): Buyers want your phone number so they can text you to discuss picking up an item ASAP. In reality, they want your phone number so they can register for Google Voice and ask you for the verification code to ensure you are real. Never give out verification codes, and keep communications on the Facebook platform.
  • Overpayment: Suppose you and buyers agree on a $30 sales price. Except…oops! The buyers accidentally pay $50 and ask for $20 back, and you do it. However, the transaction becomes messy when your bank notifies you that the buyers used a stolen card or fake check to pay. You have now lost the original payment plus the $20 you returned. Always decline overpayments, and tell buyers to send payments for the exact item price.

Final Thoughts

With fraud online rising, too many Americans are left exposed to sophisticated scams. We’ve mostly seen a large number of victims come from peer-to-peer payment apps and unsolicited texts.

By recognizing the warning signs, being cautious with your personally identifiable information, and verifying the legitimacy of offers, you can safeguard your online security and financial well-being. Always remain aware – skeptical even – of random or too-good-to-be-true offers. Even if it takes you a few extra minutes, always verify who is contacting you. In fact, many times it’s better to respond to the company directly by finding contact information on an official website.

Remember to conduct research, trust your instincts, and seek reputable sources when in doubt. With these precautions in mind, we can confidently navigate the digital realm, sidestepping the traps of new internet scams and ensuring a safer online experience for ourselves and others. Besides, you read this article, which means you are several steps ahead already.


  • How common are online scams?

    Scams are unfortunately always on the rise. In 2023, Statista reported that 82.6 percent of people lost money due to an online shopping scam. It’s safe to say that online scams are more common than you might think.

  • What are common scammer phrases?

    Scammers get creative with their phrasing, but a few phrases that we’ve seen repeated include:

    • “Immediate action required to avoid penalties!”
    • “Make BIG money working from home!”
    • “Act now!” or “Claim it now!”
    • “Confirm your identity to secure your account.”
    • “Exclusive offer! Act fast before it’s gone!”
    • “This is the IRS. You owe back taxes.”

    Look out for any sense of urgency, and if you get a weird feeling, always verify the information before acting. Most importantly, never click or download attachments unless you’re certain of the sender.

  • What are the latest scams to be aware of?

    A few of the latest scams to be aware of in 2024 include easy remote jobs, government account takeovers, and deep fake or AI voice scams.

  • What information does a scammer need to access my bank account?

    To officially access your bank account online a scammer will need your online banking login information. This is why two-factor or multi-factor authentication is always recommended for online accounts. Even with your login credentials, you’ll have the opportunity to block the login.

    To access your bank account through other means, scammers may need your account and routing numbers, security questions and answers, full name, date of birth, your Social Security number, contact information, ATM PIN, and credit or debit card information.

  • How much information does a scammer need to steal your identity?

    Scammers and cybercriminals can steal your identity just by using your name, address, and date of birth. Each case varies.