Common Online Scams and How to Spot Them
The Scale of Online Fraud
Online scams cost UK consumers hundreds of millions of pounds every year. According to Action Fraud, fraud is now the most commonly experienced crime in England and Wales, with the majority of incidents originating online. Scammers exploit trust, urgency, and emotion to manipulate their targets, and no one is immune. People of all ages, backgrounds, and education levels fall victim to well-crafted scams.
This article provides an overview of the most prevalent scam types. Each section links to a more detailed article where you can learn about specific tactics and defences.
Phishing and Impersonation Scams
Phishing remains one of the most widespread forms of online fraud. Attackers send emails, text messages, or direct messages that impersonate trusted organisations, attempting to trick you into clicking malicious links or revealing login credentials. These messages often create a false sense of urgency, warning of account closures, suspicious activity, or missed deliveries.
Warning signs include suspicious sender addresses, generic greetings, spelling errors, and links that do not match the claimed organisation's domain. For an in-depth look at phishing tactics and how to respond, read our article on recognising phishing emails and messages.
Romance Scams
Romance scams target people on social platforms and dating sites. Scammers create fake profiles, build emotional connections over weeks or months, and then manufacture crises that require financial assistance. Victims may be asked to send money for medical emergencies, travel costs, or business problems that do not exist.
Red flags include a reluctance to meet in person or video call, rapid declarations of love, and any request for money, no matter how reasonable the story sounds. Our detailed article on romance scams explores these tactics and how to verify someone's identity.
Marketplace and Payment Scams
On marketplace platforms, scammers may pose as legitimate buyers or sellers. Common tactics include overpayment scams (where a "buyer" sends more than the asking price and requests a refund of the difference), fake payment confirmations, and requests to complete transactions outside the platform's secure payment system.
Always use the platform's integrated payment system and never send goods before payment has fully cleared. Read more about marketplace-specific risks in our marketplace and payment scams article.
Job and Recruitment Scams
Fraudulent job offers lure victims with attractive salaries, remote work, and minimal qualifications. The goal is usually to extract personal information (identity documents, bank details for "payroll setup") or to collect advance fees for training materials, equipment, or background checks that never materialise.
Be suspicious of job offers that arrive unsolicited, require upfront payments, or ask for sensitive personal information before a formal interview process. Our job and recruitment scams article covers these tactics in detail.
Investment and Cryptocurrency Scams
Investment scams promise guaranteed returns, often using cryptocurrency as the vehicle. Tactics range from pump-and-dump schemes and fraudulent trading platforms to elaborate long-term deceptions known as "pig butchering" scams, where victims are groomed over time before being persuaded to invest large sums into fake platforms.
No legitimate investment can guarantee returns, and pressure to act quickly is always a warning sign. Learn more in our investment and cryptocurrency scams article.
Fake Customer Support Scams
Scammers impersonate customer support agents from well-known platforms and companies. They may contact you via phone, email, or social media, claiming there is a problem with your account that needs immediate attention. Their goal is to obtain your login credentials or convince you to install remote access software that gives them control of your device.
Legitimate companies will never ask for your password via message or phone call. Read more in our fake customer support scams article.
QR Code Scams (Quishing)
Tampered or fraudulent QR codes can redirect you to malicious websites designed to steal your credentials or install malware. These scams appear in public places, in fake delivery notifications, and even in phishing emails. Our QR code scams article explains how to verify QR codes before scanning them.
AI-Generated Deepfake Scams
Advances in artificial intelligence have made it possible to create convincing fake videos and audio recordings. Scammers use deepfake technology to impersonate trusted individuals in video calls or voice messages, making fraud harder to detect through visual or auditory cues alone. Our deepfake scams article covers emerging threats and verification strategies.
Universal Warning Signs
Despite their variety, most scams share common characteristics:
- Urgency: Pressure to act immediately, before you have time to think or consult someone else.
- Secrecy: Requests to keep the interaction private or not tell anyone about it.
- Too good to be true: Offers that seem unusually generous, whether financial returns, job offers, or romantic attention.
- Unusual payment methods: Requests for payment via gift cards, cryptocurrency, or bank transfers rather than established payment platforms.
- Emotional manipulation: Exploiting fear, greed, loneliness, or sympathy.
What to Do If You Suspect a Scam
If you believe you have encountered or fallen victim to a scam, report it to Action Fraud or contact Citizens Advice for guidance on your options. Acting quickly can limit the damage and may assist law enforcement in preventing others from being targeted.