2022 scams

The first half of 2022 was marked by economic uncertainty, inflation, new Covid variants, shootings and war. While much of the news wasn’t great, it provided an ideal environment for scammers. Here are some of the most prevalent so far this year.

1. LinkedIn phishing scams: Microsoft’s LinkedIn social network was intended for professionals to create new connections and stay in touch with colleagues. The relative ease with which someone could assume a fake or stolen identity combined with the willingness of users to accept new connections and share professional information with strangers has made it an ideal platform for scams of all kinds, especially ones that implement phishing: One study estimated that over half of phishing campaigns used LinkedIn branding in the first quarter of 2022.

You can hear about LinkedIn scams on our podcast.

What you can do: Double-check any incoming emails claiming to be from LinkedIn for signs of phishing. Don’t open or click links from LinkedIn sent by mail. Instead, go directly to the website or app. Don’t overshare on LinkedIn either; any information posted about your education, employment history and connections can be used to tailor more convincing messages from scammers.

2. Subscription renewal scams: As streaming services and paid apps have become ubiquitous and more software companies migrate to subscription-based models, most of us have more auto-paying accounts than ever. Those email notifications letting you know your subscription is about to renew provide an ideal way for scammers to coax you into downloading malware.

What you can do: If you receive a renewal notification for a product or service that you don’t use, ignore it or delete it. Double-check the sender’s email address to confirm it matches the organization; if your iCloud invoice email is from “alkfsklj@frttt.kr” or something similar, it’s a scam. If you do need to see an invoice for services, go directly to the organization’s website rather than clicking or opening emails. 

3. Callback scams: Targets receive emails on behalf of an online security company or provider claiming that they urgently need to call a provided phone number. Once the target calls the number, they’re told of a serious issue or threat to their security and are convinced to provide their personal and payment information and/or to download “security software” to fix their problem.  

What you can do: Notifications or emails about your safety from a security firm you don’t use are always scams. Never click on links in incoming emails from unfamiliar addresses, regardless of how urgent the subject matter seems. Wait a beat before responding or opening an email; Scammers often succeed by creating a sense of panic in their targets.

4. Amazon Prime Day Scams: At least once a year, Amazon.com runs “Prime Day,” where popular products are offered at deep discounts. Competitor sites ranging from big box retailers to small businesses have followed suit, and Prime Day (usually a few days long) has become the summertime equivalent of Black Friday. A wide variety of scams ranging from phishing emails to phony websites designed to steal payment info from victims are the criminal response to these retail promotions.

You can hear more about Amazon.com and e-commerce scams on our podcast.

What you can do:  Go directly to the website offering a discount on a product, avoiding links in emails. Check and double-check the URL of any website to make sure it isn’t using a typosquatted domain name (e.g. Amazzon.com). Keep in mind that fraudulent sellers can also operate on legitimate e-commerce platforms; if a deal looks too good to be true, it usually is, even during a sitewide sale.