How to spot scams on the internet

Phishing is a cybercrime in which an attacker disguises itself
as a trusted entity in order to gain access to sensitive data.
– Stomchak via Wikimedia Commons

by Corvey Lee, ICS 281 student at Kailua High School

Special to Ka ‘Ohana

Within the first three months of 2020, the Anti-Phishing Working Group reported more than 300,000 unique phishing sites and emails. That’s more than 30,000 unique phishing scams a day.

Phishing is a cybercrime in which an attacker disguises itself as a trusted entity in order to gain access to sensitive data, such as banking information and passwords, which can then result in identity theft and financial loss. Often these scams come through emails or websites.

The easiest way to avoid such scams is to be vigilant and stay skeptical. Taking the time to look at the email or site in question can quickly reveal its validity. Always look at who is sending the email. It should be a legitimate email address of the company that the email is claiming to be from.

Also be on the lookout for any spelling or grammatical errors in the writing. Major companies will always take the time to proofread their emails and websites. Speaking in a demanding tone or using slang or informal writing is also a major red flag.

Another way to verify if something is a scam is to check the information given. Companies like Netflix, PayPal or Facebook see thousands of scammers trying to imitate them for malicious purposes. If you get an email from a well-known company, make sure to take a close look and question every aspect of the email. The accompanying photo shows a Netflix scam that was spotted and reported to the Federal Trade Commission. In it, you can see that it is addressed with “Hi dear.” If you have an account with the company, Netflix will most likely use your name instead of generic openings such as “dear” or “consumer.”

If you want to take it a step further, you can verify the contact information given. For safety reasons, you should not click any external links but rather just note the URL or phone number and search if it is the correct information. Even though it is hard to see, the number in the email states you should contact a number starting with 0-800. If you search for Netflix’s customer service line, you would find that it actually starts with 1-866, a completely different number.

Finally, companies will almost never ask for personal information over email. Passwords, bank account numbers and other personal information are never needed to be given over email. If companies ask for it, then it is definitely something to be wary of.

Scams can be dangerous if handled incorrectly, but they can be spotted and prevented with proper technique. As a good rule of thumb on the internet, you should never enter your personal information anywhere you have doubts about. You should always double check and verify the legitimacy of things on the internet before believing they are true. Staying up-to-date on current scams and being on the lookout for them can also prevent them from happening to you.

Finally, if you want to report phishing attempts when you find them, the Federal Trade Commission recommends emailing them at or contacting the Anti-Phishing Working Group at By reporting these scams, you can get others in the know and may be able to save other people time and money as well.