Scam or not – how can you spot the difference? | Traficom
Skip to main content
Transport and Communications Agency

Scam or not – how can you spot the difference?

Scammers are masters at fooling you and it is not always easy to recognise a scam. Scammers often appeal to a sense of rush and your emotions. This top offer is available for a limited time, this invoice must be paid immediately or a surprising, good or bad, event has occurred that suddenly requires money.

On this page

Unfortunately, scams are common and more appear all the time. However, you can learn to recognise them. Follow the news, ask your friends or an expert and talk about scam messages with your close relatives. Or, learn the basics of how to protect yourself against online scams  on this web page. In this section, we will discuss different online scams, as well as how to avoid becoming the victim of a cyber scam.

Phishing

Did you receive a suspicious text message, email or phone call? With phishing, criminals try to acquire e.g. usernames, passwords, online banking credentials and credit card information.

Tietojenkalastelu, henkilö kalastaa tietoja

The message contains an unusual link

  • Do not click the link if you suspect it is a scam. Check the actual address of the link. 
  • If the page that opens from the link asks for your banking credentials or credit card information, do not enter them. 
  • The link can also be hidden behind a button in the email, such as “Confirm” or “Sign”. All links can be shortened using an URL shortener. 
  • You can find out the real address of the page by holding the mouse pointer over the link without clicking on it. Then the actual address of the link will appear at the bottom left of the site in its entirety. If you are using a mobile device, keep the link pressed and you will see the complete URL.

You are pressured to act fast

  • Remember that you can always take your time and think about it in peace. Never handle matters of money in a hurry.

Grammar mistakes or odd choices of words

  • Grammar mistakes or odd choices of words can reveal a scam. However, sometimes the language of the scam message and the layout of the sites can be very believable. 

You receive a surprising offer or you are promised great benefits for money or information 

  • Incredible claims are not to be believed. If something seems too good to be true, it often is.

Receiving an order confirmation or unexpected invoice without having asked

  • To your knowledge, you have not ordered anything, but you are being asked to pay for the order, complete the failed payment, or provide additional money or banking information. If the claims and situation of the message do not sound familiar, the message may be a scam. A sign of a scam can also be that the message is being too general and vague. Scammers' phishing messages are sent to a large number of people. That is why there is usually nothing personal about them that you could definitely identify that the message was meant for you.
  • Be careful if the message claims you have ordered something, tried to pay for something, or you are asked for more information or money. Can the claims even be true, or was it a scam?

Unknown sender

  • Is the message coming from an unusual address or a strange sender? Are there spelling mistakes in the URL? Criminals often try to make their message look as credible as possible. They can use a very real and familiar-looking address with, for example, only a 0 in place of the letter o.

Do you suspect a romance scam?

Romance scams take advantage of people's fundamental feelings and needs, such as yearning for love and intimacy, or loneliness. Scams are often systematic and skilfully executed. That is why falling for them is human.

Scammers use false identities, and pretend to be looking for a companion or partner, as do real people. You should be careful if a person you recently met online asks you for money with any excuse.

If you suspect your close relative or loved one is being scammed, talk about it. There are a lot of online stories of romance scam victims, and the cases often follow the same pattern. Seek information together and go through other people's stories. They may have familiar features that help a victim recognize that he or she is the target of a scam.

Tunnista romanssihuijaus. Tuore nettituttavuus on hyvin kiinnostunut ja pyytää yhteystietoja. Viestit ovat usein huonosti kirjoitettuja tai epämääräisiä. Henkilön profiili ei täsmää siihen, mitä hän kertoo itsestään. Henkilö saattaa pyytää intiimejä kuvia tai videoita. Voitettuaan uhrinsa luottamuksen huijari pyytää tai jopa kiristää rahaa, lahjoja tai pankkitietoja.
  • The person you are talking to is interested in knowing things about you but does not tell you in detail about themselves.
  • The conversation turns romantic quickly, even if you don’t know each other well yet.
  • The person you are talking to does not want to meet face-to-face. 
    • Even if you suggest meeting face-to-face, it does not work out. For example, the person you are talking to may say that he or she lives too far away or that he or she is travelling a lot and therefore cannot arrange to meet. If you have agreed to meet, they will cancel at the last moment. The reason the person gives is a sudden emergency.
  • The conversation is inconsistent and things and stories vary and contradict each other.
  • The person you are talking to will ask you for money or ask you to transfer the money from them to another account. The reason they give for this is usually an acute or surprising situation, such as a trip or illness. The payment needs to be completed now rather than later.

CEO scam

In this type of scam, the employee receives a message that is supposedly from the CEO. For example, the message orders to pay an urgent bill or to buy gift cards. The scammer pleads that they can't handle it themselves right now. If the scam is successful, in reality the employee is transferring the money to the scammer’s account.

Such scam messages can especially target those employees who handle billing, salaries, or HR issues. They are of especial interest to criminals.

Suhtaudu epäillen kaikkiin äkillisiin muutoksiin laskutustiedoissa. Huijauslasku voidaan lähettää luotettavalta vaikuttavasta osoitteesta, murretulta tililtä. Älä annan näennäisen kiireen hämätä. Tarkista soittamalla laskuttajan alkuperäiseen numeroon. Noudata aina organisaatiosi varmistuskäytäntöjä.
  • Always follow your company's instructions on how to handle invoices. Do not skip any step regardless of pressure.
  • In unclear cases, make sure that the request is coming from the right person or organisation and from an actual address or phone number. Check the person’s actual contact details from, e.g. your company’s internal phone book. Compare the contact details and check with the person or a colleague that the request is legitimate. It is good practice to call the person who sent the invoice. 

False search engine results

Victims are also lured to scam websites via links among search engine results. For example, when you search for a bicycle shop with a search engine, the top search result could be "Best Cycle Shop", which in turn could not be a real online shop. If you click the result, you can end up on a scam site. 

For this reason, you should not go to sites through search results, but rather by entering the address of the site directly in the address bar. 

The name of this phenomenon is malvertising. In a scam like that, criminals buy a spot for their site at the top of the search results. For example, a person searching for the pages of a bank or online store may inadvertently select a fake ad or search result that criminals have paid for to appear using misleading tactics. 

Video forgery and AI scams (deepfakes)

AI can be used to combine audio, video, text or images into video forgeries (deepfakes). In them, real people are made into credible virtual copies. Such techniques are utilized for scams and information influencing. For example, a video of one person can be credibly edited to have someone else's face. A person's voice can also be faked so that it seems genuine and used deliberately in a misleading manner. In a video like this, it may seem like a person is talking about things that he or she has never really said.

When every day can be April Fools’ Day - What are deepfakes?
Cyber and information influence activities:What should I know?

10 tips for the safer use of online services

  1. Do not click the links in messages if you are not completely sure that the message is genuine and the sender is trustworthy. For example, type your bank’s URL in the address bar of the browser yourself or use your own bookmarks.
  2. Prefer official bank mobile apps. The same is true for online shops.
  3. Do not give your online banking credentials to others. Remember that your bank or authorities will never ask for your bank credentials in a phone conversation, text message, or e-mail.
  4. Install apps only from trusted app stores. Do not install anything because someone is putting pressure on you, e.g. on the phone.
  5. Enable multi-factor authentication whenever possible.
  6. Keep your devices and programs updated. On many devices, you can choose to have updates download automatically.
  7. Use antivirus software.
  8. Use strong passwords or preferably, use a password manager.
  9. You are not alone! Anyone can become the victim or a scam, and you don’t need to feel ashamed. By sharing your experience you can help others. You can also contact the authorities or your bank if necessary.
  10. Make backups of important data on a regular basis.
Page was last updated