Have you ever received a suspicious email or pop-up that made your heart race, even for a second? You’re not alone. Online scams are getting more convincing every day, and even the most tech-savvy among us can find ourselves just one click away from trouble.

Phishing is one of the most common ways scammers can access your personal information. Many people fall victim to it every day, which is why this email we received was not surprising.

Just ask “Pamela,” who wrote to us: “I thought I couldn’t be scammed, but I almost was.”

Her story is a reminder that anyone can fall for a well-executed scam. We’ll share what happened to her below, how she caught on just in time, some tips on how to avoid being scammed on Facebook, and how to report it.

Sign up for my FREE CyberGuy Report
Get my best tech tips, urgent security alerts, and exclusive deals delivered straight to your inbox. Plus, you’ll get instant access to my Ultimate Scam Survival Guide free when you join.

Facebook scam warning: How Pamela almost fell for a tech support hoax

“I was working on my Facebook and it suddenly had a screen flash and voice that said the computer was locked and I needed to call a number to report the breach. I thought it was Microsoft so I called the number. The guy was good. He gave me a name and employee number and we went through some things on my computer which brought up a screen that said ‘scammers were listening’ and my IP was being used on the Porn Hub. I thought, how could that be? But still, I was obtuse.

“The screen listed what he said were all my credit cards that had been compromised, but only the beginning numbers: 3xxx, 4xxx, 5xxx, etc. He said in order to make a report to the FTC I needed to tell him all of the numbers. I told him I was not going to do that even though he insisted I had to for the ‘report.’ Then he said he would transfer me to the FTC and gave me a number in case we were disconnected. A different guy answered, gave me his name and said he was Andrew Ferguson, head of the FTC.

“I’ve been in politics and business for over 50 years. I looked him up while still on the phone and realized the head of the FTC wouldn’t be answering a support line. When I refused to give him my information, he yelled that my IP was being used on porn sites and didn’t want to stop it. I hung up.

“I have great virus software on all my devices and use two-step authentication for almost everything – but I still almost fell for it. I’m sharing this story to help others.”

Pamela was fortunate. Her security measures and quick thinking saved her, but these tactics are becoming more common and more aggressive. Here’s what you can do to stay safe.

Beware of pop-up scams that impersonate Microsoft or the FTC

Scammers often use alarming pop-up messages or automated voices claiming your device is compromised, urging you to call a number for help. As described in Pamela’s experience, a pop-up claimed her computer was locked and played a voice message directing her to call what appeared to be a Microsoft support number. The scammer then impersonated both a Microsoft employee and a government official, using fake names and employee numbers, and tried to pressure her into revealing sensitive information.

If you ever receive a pop-up or voice message claiming your device is at risk, do not call the number provided or share any personal information. Instead, contact the organization directly using official contact details from their website. Legitimate companies and government agencies will never ask you to provide sensitive information or credit card numbers over the phone in response to unsolicited pop-ups or calls.

Protect your online accounts with strong, unique passwords

Make sure each of your online accounts has a unique password. This prevents scammers from accessing multiple accounts if one gets compromised. While password generators provide secure passwords, you can also easily create one that’s hard to crack by looking at three random things in the room and using them to form a password. Consider using a password manager for strong, unique passwords. A password manager helps you generate and securely store complex, unique passwords for each of your accounts. This prevents you from reusing passwords and makes it much harder for scammers to access multiple accounts if one is compromised. Get more details about my best expert-reviewed password managers of 2025 here.

GOOGLE’S AI UNLEASHES POWERFUL SCAM-BUSTING FEATURES FOR ANDROID

Don’t fall for urgency: How scammers pressure you to act fast

Scammers will create a false sense of urgency to make you act quickly without thinking. Take your time to verify any urgent requests, especially those involving money or personal information. Don’t act on impulse.

Check URLs carefully before you click them, and use strong antivirus software 

Verify links before clicking them, especially if they come from someone who randomly contacted you on the internet. Scammers often use URLs that look similar to legitimate sites, but they typically contain slight misspellings or different domains (e.g., payepal.com or Microsoft.xyz). Also, install and update strong antivirus software.
Protect all your devices, including computers, tablets, and smartphones, with strong antivirus software. The best way to safeguard yourself from malicious links that install malware, potentially accessing your private information, is to have antivirus software installed on all your devices. This protection can also alert you to phishing emails and ransomware scams, keeping your personal information and digital assets safe. Get my picks for the best 2025 antivirus protection winners for your Windows, Mac, Android and iOS devices.

DON’T CLICK THAT LINK! HOW TO SPOT AND PREVENT PHISHING ATTACKS IN YOUR INBOX

Always update the software you use

Be sure each operating system, browser, and security software you use is updated on your computers and mobile devices. These updates often include patches that fix security vulnerabilities that scammers might exploit.

Be cautious with personal information on social media

Think twice before sharing personal details, such as your birthday, address, or even your pet’s name. Scammers can use information from your social media profiles to guess passwords or craft personalized phishing attacks.

HOW HACKERS ARE BREAKING INTO APPLE DEVICES THROUGH AIRPLAY

Enable multifactor authentication (MFA) on all accounts

Don’t limit MFA to just your main accounts. Enable it wherever possible, including email, social media, and financial services. Multifactor authentication adds an extra step to the login process, making it significantly harder for scammers to gain access, even if they have your password.

Use a personal data removal service to clean up your online footprint

Scammers often scour the internet for your personal information. Using a personal data removal service can help reduce the amount of your sensitive data available online, making it harder for scammers to target you with convincing attacks. While no service can guarantee the complete removal of your data from the internet, a data removal service is really a smart choice. They aren’t cheap and neither is your privacy.

These services do all the work for you by actively monitoring and systematically erasing your personal information from hundreds of websites. It’s what gives me peace of mind and has proven to be the most effective way to erase your personal data from the internet. By limiting the information available, you reduce the risk of scammers cross-referencing data from breaches with information they might find on the dark web, making it harder for them to target you. Check out my top picks for data removal services here.

Get a free scan to find out if your personal information is already out on the web.

Regularly review your financial statements and credit reports

Monitor your bank accounts, credit cards, and credit reports for any unusual or unauthorized activity. Early detection is key. If you spot something suspicious, report it immediately to your financial institution and the proper authorities.

Back up your important data regularly

Ransomware and other attacks can lock you out of your files. Regularly back up your important data to an external hard drive or a secure cloud service. This ensures you can recover your information if your device is compromised.

Report online scams to these official authorities

If you encounter a scam, reporting it to the proper authorities can help you recover lost funds and prevent others from falling victim to the same scam. By reporting scams, you contribute to a database that allows law enforcement to track patterns and catch criminals. Places you can report to include the FTC, your local FBI office, the IC3 and your state’s consumer protection office.

Kurt’s key takeaways

Keep in mind that scammers are constantly evolving their tactics. You must always be on guard. Do not rely too heavily on technology to protect you, since there is a psychological aspect to their methods as well. Have a skeptical mindset and trust your instincts. By sharing experiences and staying informed, we strengthen our community’s defense against cybercrime.

What was your scariest encounter with an online scam, and how did you manage to avoid falling for it? Let us know by writing to us at Cyberguy.com/Contact. 

For more of my tech tips and security alerts, subscribe to my free CyberGuy Report Newsletter by heading to Cyberguy.com/Newsletter.

Ask Kurt a question or let us know what stories you’d like us to cover.

Follow Kurt on his social channels:

Answers to the most-asked CyberGuy questions:

New from Kurt:

Copyright 2025 CyberGuy.com. All rights reserved.