In Q3 of this year alone, 'scam-yourself' attacks spiked 614%
CEO reveals top tips for avoiding scams this holiday giving season
Avoid scammers and know who you are donating to this giving season. Mary Hagen, a professional fundraiser and CEO of Colossal, is sharing her top three tips for supporting charitable organizations this holiday.
You're pulling your hair out, trying to fix something on your computer. You Google it and find what looks like a helpful website or a tutorial with easy step-by-step instructions.
Phew, you’re finally solving your problem, but hold up! You’ve just walked into a "scam-yourself" attack. Cybercreeps use this clever strategy to trick you into compromising your tech so they don’t have to do the dirty work.
BIOMETRIC DATA: IS IT SAFE TO HAND IT OVER TO ANY COMPANY THAT ASKS?
I’m giving away a $500 Amazon gift card. Enter here, no purchase necessary!
How bad is it?
Bad. Really bad. "Scam-yourself" attacks shot up 614% in the third quarter of this year alone. Lumma Stealer, the top data-stealing malware type that grabs banking info and browser extensions, spiked by 1,154%.
A 12-year-old boy types as he uses a laptop computer. (Matt Cardy/Getty Images)
Why do these scams work so well? When something’s broken, our instinct is to rush and fix it as quickly as possible. Now, add to this the fact you’re going through the steps yourself so it feels like you’re in control. That’s exactly what makes these tricks so dangerous.
Scammers are also shockingly good at mimicking trusted sources with professional-looking websites or tutorials, making it easy to believe you’re on safe ground. Add frustration and impatience to the mix, and it’s no wonder so many folks take the bait.
TALK TECHY TO ME: GET YOUR WORK DONE FASTER WITH THIS PRO TIP
RELATED: How to spot a fake retail website before you buy
How they snag you
- Fake CAPTCHA: You verify ("I’m not a robot"), then you’re asked to download a README file for instructions. Those instructions install malware.
- YouTube tutorials: You click a download link in the description of a YouTube video that promises to fix your tech issue. You guessed it! It’s malware in disguise.
- ClickFix scams: You copy and paste commands into your computer while following a step-by-step guide. Oops … You’ve commanded it to obey its new hacker overlords.
- Phony updates: Quick! A pop-up says you need to install a security update right now! It’s malware pretending to be your app, operating system or browser.
RELATED: Another scammer is now rich
Computer code on a screen with a skull representing a computer virus / malware attack. (iStock)
How to protect yourself
These scammers are savvy, but you can outsmart them.
Think twice before downloading: If a tutorial tells you to turn off antivirus software or download a random link, bail. Rely on big names like Google, Apple and Microsoft that publish steps for help online … or, you know, me!
Check URLs and sources: Cybercriminals mimic legitimate sites. Always double-check the web address, especially when you’re looking at updates or troubleshooting guides. If the URL feels off, trust your gut and close it.
3 SECURITY AND DATA CHECKS YOU SHOULD DO ONCE A YEAR
Be careful what you copy and paste: Never copy commands from unknown sources into your computer’s terminal or command prompt. That’s a classic malware delivery tactic.
Update the right way: Don’t click random pop-ups to update your software. Always go through your device settings or the app store.
RELATED: Hackers have a sneaky trick to get you to click their fake links - See it in action
Let’s say the worst happens.
A person is pictured using Google on their laptop. (Serene Lee/SOPA Images/LightRocket via Getty Images)
Despite being careful, you fell for it. Don’t panic, just act fast to limit the damage:
- Run a virus scan: Use antivirus software you trust to detect and remove any malware installed on your device. The free stuff isn’t good enough anymore.
- Change your passwords: Update passwords for any accounts you suspect are compromised. Email and financial accounts should be your first priority. And no password reusing! Every one should be unique. Yes, I know it’s a pain.
- Monitor your bank accounts: Keep an eye on your accounts for unauthorized charges or transactions. Notify your bank immediately if you see anything suspicious. I have the alerts in my banking app turned on so I get a buzz every time something out of the ordinary happens.
- Check for unusual activity: Look for strange logins or changes in your online accounts, too. Many sites and services have a section in the settings where you can see what devices are logged into your accounts and where they’re coming from.
- Reinstall your system if necessary: You may need to reset your device or reinstall your operating system. Steps here to complete a factory reset. Please, please back up your data first.
Get tech-smarter on your schedule
Award-winning host Kim Komando is your secret weapon for navigating tech.
- National radio: Airing on 500+ stations across the US - Find yours or get the free podcast.
- Daily newsletter: Join 559,000 people who read the Current (free!)
- Watch: On Kim’s YouTube channel
- Podcast: "Kim Komando Today" - Listen wherever you get podcasts
Copyright 2025, WestStar Multimedia Entertainment. All rights reserved.
