How to Protect Yourself Against Online Scams, Fraud, and Identity Theft

Mark Menne |
Categories

It's a question we've been hearing from clients more and more lately: "How do I protect myself against online scams, fraud, and identity theft?"

It's a smart question to be asking. Scams targeting everyday people have become more common and more convincing. But the good news is that awareness really is the best protection. Once you know what to look for, most of these schemes become much easier to spot.

 

Here's a practical guide to what's out there and how to stay ahead of it.

 

SOME OF THE MOST COMMON SCAMS RIGHT NOW:

1. Fake investment opportunities

These often start with an unexpected message on social media or a dating app. It could be a friendly stranger or love interest who eventually steers the conversation toward a "great investment opportunity" they've been using personally. The platform looks professional. The returns look impressive. And by the time you try to withdraw anything, the money and the person are gone.

What to watch for: Unsolicited investment tips, especially involving cryptocurrency or platforms you've never heard of. Promises of unusually high or guaranteed returns. Anyone who suggests keeping an investment secret from your family or financial advisor.

 

2. Government impersonation calls

A call comes in from someone claiming to be from the IRS, Social Security Administration, or Medicare. The message is urgent: your account has been flagged, you owe money, or there's a warrant for your arrest unless you pay immediately. These calls are designed to create panic so you act before you think.

What to watch for: Real government agencies do not call demanding immediate payment. They do not ask for gift cards, wire transfers, or cryptocurrency. If you receive a call like this, hang up and call the agency directly using a number from their official website.

 

3. Tech support pop-ups

A warning appears on your computer (sometimes with a loud alarm) claiming your device has been infected with a virus. A phone number is provided to call for help. Once you call, the "technician" asks for remote access to fix the problem, and uses that access to reach your financial accounts or steal personal information.

What to watch for: Legitimate tech companies like Microsoft and Apple do not send unsolicited pop-up warnings with a phone number to call. If this happens, close your browser and restart your computer. Do not call the number.

 

4. Urgent calls or messages pressuring you to act fast

This one shows up across nearly every type of scam. Whether it's a call about a "suspended" account, a text about a package that couldn't be delivered, or a message claiming a family member is in trouble, the script is always the same: act now, don't tell anyone, send money immediately.

 

What to watch for: Urgency and secrecy are almost always signs that something is wrong. Legitimate institutions will never pressure you to move money quickly or ask you to keep a financial decision from your family.

 

THE MAIN RULE WORTH REMEMBERING

If something feels off, stop and call someone you trust before you do anything.

That might be a family member, a friend, or us. A quick five-minute phone call is all it takes to confirm whether something is real or not. Scammers rely on speed and isolation, slowing down and reaching out breaks both of those.

We mean this genuinely: if you receive something suspicious and want a second opinion, call our office. That's what we're here for, and there's never any judgment in asking.

 

WHAT TO DO IF YOU THINK YOU'VE BEEN TARGETED

First, don't be hard on yourself. These schemes are carefully engineered to deceive people who are thoughtful and careful. Being targeted says nothing about you.

If money has already moved, call your bank or financial institution immediately, time matters and many transfers can be reversed if caught quickly. Then report it to the FTC at ReportFraud.ftc.gov and the FBI's Internet Crime Complaint Center at IC3.gov. Reporting helps protect others even if your own situation can't be fully resolved.

If you're unsure whether something has happened or just want to talk it through, reach out to us.

 

BONUS: A FEW WAYS TO PROTECT YOUR IDENTITY

Identity theft is often the downstream result of the scams above: a stolen password, a phishing link clicked from an email, and more. It's worth taking a few simple steps to make yourself a harder target.

  • Freeze your credit. A credit freeze is free, takes about ten minutes across all three bureaus (Equifax, Experian, and TransUnion), and prevents anyone from opening new accounts in your name without your knowledge. You can temporarily lift it anytime you need to apply for credit. For most people in or near retirement, this is the single most effective thing you can do.

  • Use strong, unique passwords and a password manager. Reusing the same password across accounts is one of the most common ways identity theft spreads. A password manager (like 1Password or Bitwarden) makes it easy to have a different strong password for every account without needing to remember them all.

  • Turn on two-factor authentication. Most banks, email providers, and financial platforms offer this. It means that even if someone gets your password, they still can't access your account without a second verification step, usually a code sent to your phone number or email.

  • Be cautious about what you share online. Scammers frequently use information from social media: your name, hometown, family members' names, even your birthday, to make their approaches feel more personal and convincing. A little privacy goes a long way.

  • Watch your accounts and your credit report. You're entitled to a free credit report from each bureau annually at AnnualCreditReport.com. Checking it once a year takes just a few minutes and can catch problems early.

 

We hope this is a helpful reference to come back to. If you have questions, or just want to talk through something that felt off, reach out anytime.

Contact Us


Source: Federal Bureau of Investigation (FBI), Internet Crime Complaint Center (IC3) Annual Reports, U.S. Department of Justice, IC3 Annual Reports, accessed June 18, 2026