How to avoid online scams before you click, pay, or share information.

You do not have to identify every scam perfectly. You only need to pause at the moments that matter: before you click, pay, reply, share a code, enter information, download something, install an app, or move a conversation somewhere less protected.

Most online scams are built around one small action. A message, caller, profile, listing, pop-up, invoice, or website tries to make that action feel urgent, normal, private, or harmless. The safer habit is not paranoia. It is slowing down when someone asks you to do something that could give them money, account access, personal information, or control of a device.

The core rule: verify outside the message

If a message, pop-up, invoice, QR code, caller, profile, or listing makes you unsure, do not use the link, phone number, QR code, attachment, reply thread, payment note, or support number inside it to prove it is real.

Open the real app yourself. Type the website address you know. Use a saved bookmark. Use the phone number on the back of your card, on a bill, on an official statement, or on the organization's real website. If the message claims to be from a marketplace, delivery service, bank, payment app, employer, dating app, or account provider, check inside that real account instead of through the message.

This one rule covers many scams: bank alerts, package texts, unpaid toll messages, subscription invoices, account closure warnings, fake support pop-ups, refund calls, job offers, rentals, marketplace buyers, romance requests, and fake payment screenshots.

Pause before the action

A scam often becomes dangerous only when it gets you to act. Use the request itself as the signal to slow down.

Suspicious emails, texts, DMs, and QR codes

A message can use a real logo, a familiar company name, a plausible sender name, or a professional-looking design and still be unsafe. The risk is not only how the message looks. The risk is what it pushes you to do through the message itself.

Be especially careful with messages that say there is a bank problem, a failed delivery, an unpaid toll, a tax refund, a subscription renewal, a suspicious login, an invoice you do not recognize, a job offer, a prize, a missed court matter, or an account that will close unless you act now.

• Do not click unexpected links just to see where they go.
• Do not trust short links, QR codes, or login buttons from unexpected messages.
• Do not call the number in a suspicious invoice, receipt, pop-up, or text.
• Do not assume caller ID proves the caller is who they claim to be.
• Do not enter a password, card number, Social Security number, one-time code, or ID image after following a link from a message.
• If you are expecting a package, payment, refund, or account alert, check through the official app or site instead.

Payment safety

The safest time to question a payment is before it leaves your account. Payment risk depends on the method, provider, transaction type, and whether you authorized it. ScamClarity cannot know in advance whether a provider can reverse a specific payment.

Treat payment requests as higher risk when someone insists on gift cards, cryptocurrency, wire transfers, bank transfers, Zelle, payment apps, cash pickup, or a specific method that feels unusual for the situation. Also pause when a buyer or seller sends a screenshot instead of letting the payment show in your real account.

Common traps include fake payment screenshots, overpayment and refund stories, business account upgrade fees, small delivery or redelivery fees, fake toll fees, fake tax or prize fees, job task deposits, rental deposits before verification, and requests to send money to recover money already lost.

Personal information safety

Some personal information is normal in real situations. An employer, bank, landlord, school, insurer, government agency, or platform may sometimes need sensitive details. The timing and verification matter.

Slow down before sharing passwords, one-time codes, Social Security numbers, card numbers, bank details, account screenshots, direct deposit forms, tax forms, ID photos, selfies with documents, verification links, recovery keys, or private records. A real employer, landlord, bank, government agency, or platform should be verified outside the message before you share that information.

If a request feels official but came through a text, email, DM, ad, marketplace chat, dating app, or unexpected call, do not answer through that channel. Find the real account, portal, office, platform, or phone number yourself.

Account and device safety

Most scam prevention is not about buying a product. It is about reducing the number of ways someone can get into your accounts or talk you into giving access away.

• Use unique passwords, especially for email, banking, Apple, Google, Microsoft, social media, payment apps, and phone carrier accounts.
• Use stronger sign-in protection where available, such as multi-factor authentication, authenticator apps, prompts, passkeys, or security keys.
• Keep your phone, computer, browser, and apps updated.
• Do not share one-time codes, backup codes, password reset links, or recovery keys with anyone.
• Do not install remote-access tools because a caller, pop-up, refund message, employer, buyer, seller, or romantic contact tells you to.
• Avoid installing apps, browser extensions, configuration profiles, or security tools from links in messages.
• If something suspicious happened, check official account security pages for recent sign-ins, recovery settings, forwarding rules, connected apps, and devices.

Marketplace, dating, jobs, and rentals

Many scams do not look like scams at first. They look like ordinary transactions or relationships that change once trust has started to form.

Buying or selling online

Do not rely on screenshots as proof of payment. Check your real payment account. Be careful with buyers or sellers who push you off-platform, ask for a phone number to send a verification code, ask you to pay a fee to receive money, overpay and ask for a refund, use a courier story, or want a deposit before you can inspect the item.

Dating apps and social media relationships

A relationship becomes higher risk when money, gift cards, crypto, investment accounts, bank help, secrecy, emergency travel, medical costs, customs fees, or refusal to meet normally enters the conversation. You do not have to decide whether the person is real before you pause. You only need to notice what they are asking you to send, buy, open, keep secret, or move.

Jobs and remote work

Pause before giving bank details, Social Security numbers, ID photos, direct deposit forms, tax forms, or account logins to a recruiter you have not verified. Be careful with fake checks, equipment purchases, task deposits, reshipping roles, crypto tasks, personal payment app transfers, or jobs that ask you to move money for someone else.

Rentals

A rental request becomes risky when someone asks for a deposit, application fee, ID image, bank information, or lease signature before you can verify the property, landlord, management company, and listing. Search for the address and listing, confirm through an official property manager or owner channel, and be cautious if the price is far below similar rentals.

How to help someone else avoid a scam

If you are helping a parent, spouse, friend, coworker, or other family member, start with the request instead of trying to prove the whole relationship, job, profile, listing, or message is fake. People become defensive when they feel judged. They may stay engaged because the scam feels like love, opportunity, rescue, status, or urgent responsibility.

Ask calm, concrete questions: What are they asking you to send? What are they asking you to buy? What link do they want you to click? What code do they want? What app do they want installed? What do they want kept secret? What happens if you wait 24 hours and verify through the official company, bank, platform, or agency?

Suggest a pause, not a public confrontation. Offer to verify the request together from the real website, app, statement, or known phone number. If money or personal information was already involved, help preserve evidence and contact the relevant bank, payment provider, platform, or official agency.

What not to do

What to save if something feels wrong

Even on a prevention page, saving evidence matters. If you later need to report the message, payment, profile, listing, account alert, or identity exposure, it is much easier when you still have the details.

• Screenshots of emails, texts, DMs, pop-ups, QR codes, profiles, listings, invoices, and websites.
• Sender details, phone numbers, email addresses, usernames, profile links, website URLs, and app names.
• Payment requests, transaction IDs, wallet addresses, gift card receipts, bank transfer details, shipping labels, and account alerts.
• Dates and times of messages, calls, payments, sign-ins, downloads, or requests.
• A short note about what was requested: click, pay, reply, share a code, enter a password, upload ID, install an app, or move to another platform.

Where official resources fit

ScamClarity is not a government agency, bank, payment provider, platform, police department, support desk, or recovery service. Use ScamClarity to understand the request pattern and choose safer next steps. Use official channels for reports, account-specific help, transaction questions, or identity-theft recovery.

• Use FTC ReportFraud for U.S. consumer scams, fraud attempts, and scam patterns.
• Use IdentityTheft.gov if personal information was misused or could be used for identity theft.
• Use FBI IC3 for internet-enabled crime and online fraud reports.
• Use your bank, card issuer, payment app, crypto exchange, marketplace, dating app, email provider, phone carrier, or account provider for account-specific and transaction-specific help.
• Use local law enforcement for threats, immediate danger, blackmail, local theft, or when a provider asks for a police report.

FAQ

What is the easiest way to avoid online scams?

Do not act through the message. If something asks you to click, pay, reply, share a code, enter personal information, download something, or call a number, pause and verify through the official app, website, statement, card number, or known contact.

What should I do before clicking a suspicious link?

Do not click it to test it. Check whether you can reach the same account, delivery update, invoice, toll notice, bank alert, or support issue through the real app or website. If you cannot verify it there, treat the message as unsafe.

How can I tell if a payment request is risky?

Risk rises when the request is urgent, private, emotional, unexpected, off-platform, tied to a fee or refund story, or limited to gift cards, crypto, wire transfer, bank transfer, Zelle, or a payment app. Before paying, verify the person or organization through a channel you already trust.

What information should I never share through a message?

Do not share passwords, one-time codes, backup codes, recovery keys, account reset links, full Social Security numbers, card numbers, bank logins, ID photos, tax forms, or account screenshots through an unexpected text, email, DM, pop-up, or call.

How do I help a parent or family member avoid scams?

Focus on the request, not on whether the person, job, relationship, or message is fake. Ask what they are being asked to send, buy, click, install, share, or keep secret. Offer to verify it together through the official company, bank, platform, or agency.

Are all scam messages obvious?

No. Some scam messages look polished, use real logos, mention real events, spoof caller ID, or copy the style of a real company. That is why the safer habit is to verify outside the message instead of judging only by appearance.

Where should I report a scam if something already happened?

For U.S. consumer scams, use FTC ReportFraud. For identity theft, use IdentityTheft.gov. For internet-enabled crime, use FBI IC3. If money moved or an account was affected, contact the relevant bank, card issuer, payment app, platform, carrier, or account provider through an official channel.