Apple $349 PornHub Subscription Text Scam: The FAKE “Apple Charge” Alert
Written by: Thomas Orsolya
Published on:
A text pops up claiming $349.99 was charged to your Apple account for a Pornhub subscription. It looks urgent, embarrassing, and time-sensitive. Then it gives you a phone number and tells you to call “Apple Support” if you did not authorize the payment.
That message is not from Apple.
It is a smishing scam designed to get you to call a fake support center, where scammers pressure you into handing over access, sensitive information, or money. The porn angle is not random. It is used to trigger panic and shame, so victims act fast and stay quiet.
This article breaks down how the scam works, what the red flags look like, and what to do if you already interacted.
Scam Overview
What this scam is trying to do
The Apple $349 charge text scam is a fake “billing alert” that impersonates Apple and claims a suspicious charge was made on your account. The message usually includes:
A specific amount, often $249.99, $349.99, or $499.99
A provocative purchase description, commonly a porn subscription
A phone number labeled as “Apple Support”
A short instruction that pushes you to call immediately
The objective is simple: get you on the phone. Once you call, you are no longer dealing with a text message. You are dealing with a trained scammer using a script.
From there, the scam typically moves in one of these directions:
They claim your Apple ID, iPhone, or payment method is compromised
They pressure you to “verify” details like your Apple ID, card, or one-time passcodes
They try to get you to install remote access software or enable screen sharing
They attempt to steal money directly or push you into paying with gift cards
The porn-subscription theme is used because it creates an emotional reaction that overrides careful thinking.
Why scammers use a Pornhub subscription as the hook
This scam is engineered around human behavior. A porn subscription accusation triggers a predictable set of reactions:
Shock: “I did not buy that.”
Urgency: “I need to stop this now.”
Embarrassment: “I do not want anyone to see this.”
Silence: “I will handle this myself instead of asking for help.”
Scammers love silence. The less you talk to your bank, Apple, or a friend, the more time scammers have to control the situation.
It also works because it feels personal. A fake charge for “Apple Store” might be ignored by someone who thinks it could be a family purchase. A porn subscription claim feels more urgent and more “wrong,” which pushes people to call.
What the scam text usually looks like
A common version reads like this:
“An amount of USD $349.99 has been charged to your Apple account for a Pornhub subscription. If you did not authorize, contact Apple Support [phone number].”
The language is often slightly off. You may see odd spacing, weird capitalization, or unnatural phrasing such as “An amount of USD” instead of simply “You were charged.”
Scammers do this because they send the same template to thousands of numbers. They are not writing like Apple. They are writing like a bulk scam campaign.
Why the phone number is the biggest red flag
Apple does not send random billing texts that tell you to call a number embedded in the message.
Real companies want you to use official channels you can independently verify, such as:
Your Apple account settings
The Apple Support app
An official Apple support page accessed directly (not via a text link)
Your bank’s fraud department using the number on the back of your card
In this scam, the phone number is not Apple. It routes to a fake call center that pretends to be Apple Support, Apple Security, or a billing team.
If you call, you are walking into the scam’s main stage.
What Apple billing alerts actually look like
Apple typically communicates billing and subscription information through:
Email receipts from Apple (with recognizable formatting and order details)
Your purchase history inside your Apple account
Your subscription list inside Settings
Charges shown by your card issuer as Apple-related billing descriptors
Even then, you should not rely on a message alone. You verify by checking your account directly.
If you ever receive a billing alert, the safest approach is:
Check your Apple subscriptions
Check your Apple purchase history
Check your bank or card statement
Contact your bank using official contact details if something is unauthorized
Do not use phone numbers or links provided in a suspicious text.
How this turns into a tech support scam
The Apple Pornhub subscription alert is often a gateway into a broader “support” scam, the same type used in fake virus pop-ups and fake Microsoft warnings.
Once you call, scammers frequently claim:
Your iPhone has been hacked
Your Apple ID is under attack
Someone is using your Apple Pay or saved cards
Your device is infected with malware
Your financial accounts are at risk
Then they offer a solution that helps them, not you:
“We need to verify your identity.”
“We need to secure your device.”
“We need to reverse the charge.”
“We need remote access to complete the refund.”
Remote access is a major escalation point. It can lead to stolen credentials, bank theft, and account takeovers.
What scammers typically try to steal
Victims can lose money and accounts in multiple ways, including:
Apple ID credentials
One-time passcodes sent by SMS or authenticator apps
Banking logins and account access
Personal information used for identity theft
Gift card funds
Direct transfers via payment apps or bank transfers
This scam is not about a fake Pornhub subscription. That is just the bait. The real target is your money and your access.
Who is most at risk
This scam can hook anyone, but it tends to work especially well on people who:
Use iPhone and Apple services regularly
Have Apple Pay enabled or cards saved in Wallet
Are busy and respond quickly to urgent alerts
Are not familiar with how Apple handles billing disputes
Feel uncomfortable asking for help due to the porn angle
Scammers count on the victim wanting a quick, private resolution.
The biggest tell: payment disputes do not require remote access or gift cards
If the “support agent” you call asks for any of the following, it is a scam:
Remote access or screen sharing “to secure your account”
Your Apple ID password
Your one-time passcodes
Payment via gift cards
Payment via crypto
A bank transfer to “verify” your identity
A request to stay on the phone while you log in to banking
Apple does not handle billing disputes this way. Banks do not handle fraud this way. Legit support does not ask for gift cards.
How The Scam Works
This scam follows a predictable pattern. The exact script varies, but the structure is consistent.
Step 1: The text message creates panic and urgency
The first move is the message itself. It contains three psychological triggers:
A high charge amount like $349.99
A sensitive purchase like a porn subscription
A call-to-action telling you to call “Apple Support”
The goal is to get you to act before you verify anything.
Step 2: You call the number and reach a fake “Apple Support” desk
Once you call, you are connected to a scam call center. The person who answers usually:
Sounds confident and professional
Uses a common name or fake employee ID
Mentions “Apple Security” or “Billing Department”
Quickly confirms the “charge” described in the text
This is not proof the charge is real. They are reading from the same script you are.
Step 3: They build credibility with a fake case number and fake verification steps
To sound legitimate, scammers often do things like:
Assign a “case ID”
Put you on hold briefly to “check your account”
Ask for basic details (name, device type)
Repeat the amount and merchant line
Then they escalate the story with claims like:
“Your Apple ID is compromised.”
“Your account was used from another location.”
“There are multiple attempts, not just one.”
“We need to secure your device immediately.”
They are trying to turn a single fake charge into a full-blown emergency.
Step 4: They push you into “verification,” which is really data collection
Next comes the information grab. They may ask for:
Your Apple ID email address
Your phone number
Your billing ZIP code
The last digits of a card
A verification code sent to your phone
A common trick is asking for the one-time code that Apple or your bank sends. They will claim it is needed “to cancel the charge,” but that code can be used to log in to your account.
If you share one-time passcodes, you can lose control of your Apple ID or financial accounts quickly.
Step 5: They introduce remote access as the “solution”
If the scammer senses you are worried, they may push remote access.
They might say:
“We need to run a security scan.”
“We need to remove unauthorized profiles.”
“We need to process a refund to your account.”
“We must secure your Apple Pay wallet.”
Then they instruct you to install a remote support tool or enable screen sharing.
This is where the scam becomes dangerous. With visibility into your screen, they can:
Watch you type passwords
See bank balances
Direct you to transfer money
Capture personal information
Manipulate what you are seeing and doing
Even if they cannot fully control the device, screen access is often enough.
Step 6: The “refund” narrative appears
Many victims report a pivot into a refund storyline.
The scammer may claim:
The charge was placed by a hacker
They will reverse it immediately
They must “confirm your bank” to complete the refund
At this point, they often steer you toward logging into online banking or payment apps.
This is not to help you. It is to get you to move money.
Step 7: They attempt to extract money directly
Depending on the victim’s responses, scammers commonly attempt:
Unauthorized transfers if they gain access
Persuasion to transfer money to “secure accounts”
Pressure to pay “verification” fees
Requests for gift cards as a “secure payment method”
Gift cards are one of their favorite endgames because once the codes are redeemed, it is hard to recover funds.
Step 8: Gift cards are used as the “fast, private fix”
This is where the Pornhub angle becomes useful to the scammer again.
They may imply that gift cards:
Keep the situation “private”
Are required “because your bank is compromised”
Are needed “to activate a refund token”
Are needed “to validate your identity”
None of this is real.
If any “support agent” asks for gift cards, it is a scam. Full stop.
Step 9: They buy time to cash out
After they get information or money, scammers often try to delay you:
“Refunds take 24 to 48 hours.”
“Do not contact your bank yet, it will interrupt the process.”
“We already secured the account.”
They want you to wait because it gives them time to move money, redeem gift cards, or lock you out of accounts.
Step 10: Follow-up scams can continue
Once you engage, you may see additional attempts, including:
New texts with different charge amounts
Calls from “senior agents”
Emails claiming to confirm your refund
Fake “Apple” notifications to re-hook you
Scammers share and reuse phone numbers that respond. If you called once, you may be targeted again.
The Text Message and Common Variants
Below are examples of the scam text style used in the Apple Pornhub subscription scam. These are provided so readers can recognize and avoid them.
Example based on the common $349 script
An amount of USD $349.99 has been charged to your Apple account for a Pornhub subscription. If you did not authorize, Contact Apple Support at [phone number].
Variant 1: “Apple Security” framing
Apple Security Alert: Your Apple account was charged $349.99 for a Pornhub subscription. If this wasn’t you, call Apple Support now at [phone number].
Variant 2: “Authorization pending” wording
Apple Pay Notice: A payment authorization of $349.99 for Pornhub is pending. To cancel, contact Apple Support: [phone number].
Variant 3: “Account will be locked” pressure tactic
Apple ID Alert: Unusual activity detected. $349.99 Pornhub subscription charged. Call Apple Support immediately to prevent account suspension: [phone number].
Variant 4: “Refund department” angle
Apple Billing Refund Notice: Your Apple account was charged $349.99 for Pornhub. If unauthorized, call the Apple Refund Desk: [phone number].
Variant 5: Link-based companion scam
Apple Support: We detected a $349.99 charge for Pornhub. Verify to cancel: [suspicious link]Support: [phone number]
If you see any version of this, do not call the number. Verify charges through your Apple account and your bank directly.
What To Do If You Have Fallen Victim to This Scam
If you only received the text and did nothing, you can delete it and move on. If you called, clicked, shared details, or installed anything, use the steps below.
Stop contact immediately
Hang up if you are still on the phone.
Do not reply to any follow-up texts.
Block the sender number.
Check whether any real charge exists
Look at your card statement in your bank app.
Check your Apple purchase history and subscriptions.
If there is no matching charge, treat the text as pure bait.
If you called, assume your number is now a target
Expect more scam calls and texts.
Be extra skeptical of any “Apple” or “bank” outreach.
If you shared your Apple ID email or password, change it immediately
Change your Apple ID password.
Use a strong, unique password.
Enable or verify two-factor authentication on your Apple ID
Confirm trusted phone numbers.
Remove any devices you do not recognize.
If you shared any one-time passcodes, act fast
One-time codes can be used to log in and take over accounts.
Change Apple ID password and secure your email account immediately.
Secure your email account
Email is often the key to resetting other passwords.
Change your email password and enable two-factor authentication.
If you installed a remote access or screen-sharing app, remove it
Uninstall anything the caller asked you to install.
Restart your device after uninstalling.
Check for suspicious settings changes
Look for unknown profiles or device management settings.
Review installed apps and browser extensions for anything unfamiliar.
Contact your bank or card issuer using official contact info
Use the number on the back of your card or in the official banking app.
Ask them to review activity, block transactions, and replace cards if needed.
Dispute unauthorized charges immediately
The sooner you report fraud, the better the chance of recovery.
If you purchased gift cards or shared gift card codes
Contact the gift card issuer right away.
Keep receipts and card packaging.
Even if you think it is too late, try immediately.
Monitor your accounts for at least 30 days
Watch for small “test” charges.
Enable transaction alerts in your bank app.
Report the scam
Report the text as spam in your messaging app.
Report the number to your mobile carrier if possible.
Report the incident to your local consumer protection agency.
Do not blame yourself
These scams are designed to create urgency and embarrassment.
Fast, practical steps matter more than replaying the moment.
How to Verify Whether an Apple Charge Is Real
If you are unsure whether a charge is legitimate, use a method you control, not a number from a text.
Check these sources:
Your bank or card statement for the exact merchant descriptor and amount
Your Apple purchase history and subscriptions list in Settings
Email receipts from Apple (then verify by matching to your account history, not by clicking random links)
If you find an unauthorized charge:
Contact your card issuer through official channels
Cancel or dispute the transaction
Replace the card if needed
Secure your Apple ID and email account
Is Your Device Infected? Run a Free Malware Scan
Slow performance, constant pop-ups, or strange behavior? These are classic signs of a malware infection. The fastest way to find out is to scan your device with Malwarebytes Anti-Malware Free — one of the most trusted malware removal tools available.
The free version detects and removes the most common threats, including:
Adware — the cause of those annoying pop-ups
Browser hijackers — unwanted redirects and changed homepages
Trojans and spyware — hidden programs stealing your data
Potentially unwanted programs (PUPs) — software you never asked for
👉 Select your device below — Windows, Mac, or Android — then follow the simple steps to download Malwarebytes, scan your system, and remove any threats it finds. The whole process takes about 5 minutes.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes is one of the most popular and trusted anti-malware tools for Windows — and it’s completely free for removing infections. It catches threats that many antivirus programs miss, including adware, browser hijackers, and trojans. Follow the steps below to scan and clean your PC in just a few minutes.
Download Malwarebytes
Click the button below to download the latest version of Malwarebytes for Windows from the official source. The free version is all you need — it will scan your computer and remove adware, browser hijackers, and other malicious software at no cost.
(The link opens in a new page where your download will start)
Install Malwarebytes
When the download finishes, open your Downloads folder and double-click the MBSetup file. If Windows shows a User Account Control pop-up, click “Yes” to allow the installation.
Follow the On-Screen Prompts to Install Malwarebytes
The setup wizard will walk you through a few quick screens:
Choose where you’re installing the program — “Personal Computer” or “Work Computer” — then click Next.
Malwarebytes will now install on your device. This usually takes under a minute.
When installation is complete, the “Welcome to Malwarebytes” screen will open automatically.
On the final screen, click Open Malwarebytes to launch the program.
Enable “Scan for Rootkits”
Before scanning, turn on rootkit detection so Malwarebytes can find even the most hidden threats. Click the Settings gear icon on the left side of the screen.
In the settings menu, find “Scan for rootkits” and click the toggle so it turns blue.
Done? Click “Dashboard” in the left pane to return to the main screen.
Start the Scan
Click the blue Scan button. Malwarebytes will automatically update its virus database and start checking your computer for malware.
Wait for the Scan to Finish
The scan checks your entire system for browser hijackers and other malicious programs, so it can take several minutes. Feel free to do something else — just check back occasionally to see the progress.
Quarantine the Detected Threats
When the scan is done, you’ll see a list of everything Malwarebytes found — malware, adware, and potentially unwanted programs. Click the “Quarantine” button to remove all of them at once.
Malwarebytes will now remove the malicious files and registry entries and move them safely into quarantine.
Restart Your Computer
Some threats can only be fully removed after a reboot. If Malwarebytes asks you to restart, click Yes. Once you’re logged back in, your PC is clean and you can continue with the next steps in this guide.
When the scan finishes, click Quarantine to remove everything Malwarebytes found. That’s it — your Windows PC is now clean of trojans, adware, and other malware, and should be back to running smoothly.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is a free on-demand scanner that removes the malware other security software tends to miss — adware, browser hijackers, and unwanted programs included. Cleaning an infected Mac with Malwarebytes has always been completely free, and it’s our go-to recommendation. Follow the steps below to scan and clean your Mac in just a few minutes.
Download Malwarebytes for Mac
Click the button below to download the latest version of Malwarebytes for Mac.
When the download finishes, open your Downloads folder and double-click the setup file to begin the installation.
Follow the On-Screen Prompts to Install Malwarebytes
The Malwarebytes for Mac Installer will guide you through a few quick screens. Click “Continue” and keep following the prompts until the installation completes.
When the installation is complete, Malwarebytes opens to the Welcome to Malwarebytes screen. Click “Get started“.
Select “Personal Computer” or “Work Computer”
Malwarebytes will ask what type of computer you’re installing it on. Click either Personal Computer or Work Computer, whichever applies.
Start the Scan
Click the “Scan” button. Malwarebytes will automatically update its detection database and begin checking your Mac for malware.
Wait for the Scan to Finish
Malwarebytes will scan your Mac for adware, browser hijackers, and other malicious programs. This can take a few minutes, so feel free to do something else — just check back occasionally to see the progress.
Quarantine the Detected Threats
When the scan is done, you’ll see a list of everything Malwarebytes found. Click the “Quarantine” button to remove all the threats at once.
Restart Your Mac
Malwarebytes will now remove all the malicious files it found. Some threats can only be fully removed after a reboot — if Malwarebytes asks you to restart, allow it. Once you’re logged back in, your Mac is clean.
Once the scan is done, remove every threat it detected. Your Mac is now free of adware, rogue browser extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
After the scan, tap Remove Selected to delete all detected threats. Your Android phone is now clean — no more malicious apps, adware, or browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
Now that your device is clean, keep it that way. Most infections start with a malicious ad or a fake download button — so blocking them at the source is your best defense.
We recommend AdGuard, which blocks malicious ads, phishing pages, and dangerous redirects before they can reach you.
The Apple $349 charge text scam uses a fake Pornhub subscription to trigger panic, embarrassment, and urgency. The phone number is the trap. If you call, you are connected to a fake support center that may claim your device is hacked, push remote access, demand one-time codes, and pressure you into sending money or gift card codes.
If you receive this text, do not call the number. Verify any charge using your Apple account and your bank directly. If you already engaged, cut contact, secure your Apple ID and email, contact your bank through official methods, and monitor your accounts closely.
FAQ
Is the “$349.99 Pornhub subscription charged to your Apple account” text real?
No. This is a scam text designed to make you panic and call a fake “Apple Support” number. Apple does not send random SMS alerts demanding you call a number to stop a charge.
Why does the scam mention Pornhub?
Because it triggers urgency and embarrassment. Scammers know many people will act fast, avoid asking for help, and stay on the phone longer when the message feels personal or humiliating.
Can Apple Pay or my Apple account actually be charged by a text message?
No. A text message cannot charge your account. The scam text is only a lure. The real danger begins if you call the number, click a link, or share codes and account details.
What should I do if I receive this text but did nothing?
Delete it and block the sender. Then verify your accounts the safe way:
Check your bank or card statement in your official banking app
Check your Apple purchase history and subscriptions in Settings If you see no real charge, you are fine.
How can I check if an Apple charge is legitimate?
Use official sources you control:
Your bank or credit card statement
iPhone Settings → your Apple ID → Subscriptions (and purchase history) If you still cannot identify a charge, contact your card issuer using the number on the back of your card.
Should I call the “Apple Support” number in the message?
No. That number belongs to the scammers. Calling it connects you to a fake tech support center trained to pressure you into giving access or money.
What happens if I call the number?
Typically, the scammer claims your Apple ID or device is compromised and tries to:
Get you to share personal info or one-time passcodes
Convince you to install remote access or screen-sharing tools
Push you into sending money or buying gift cards and reading the codes
Will Apple ever ask me to install remote access software or share my screen?
No. If anyone claiming to be Apple asks for remote access, screen sharing, or one-time passcodes, it is a scam.
What if I clicked a link or shared a verification code?
Treat it as a real security incident:
Change your Apple ID password immediately
Secure your email account (change password and enable two-factor authentication)
Review trusted devices on your Apple ID and remove anything unfamiliar
Watch for account login alerts or password reset emails
What if I gave the scammer remote access to my computer or phone?
Act quickly:
Disconnect from the internet (WiFi/cellular) if needed
Uninstall any remote access apps they told you to install
Run a security scan on computers involved
Change passwords from a different, trusted device
Contact your bank if you logged into banking during the call
What if I bought gift cards and gave them the codes?
Contact the gift card issuer immediately and keep all receipts. Sometimes funds can be frozen if the code has not been fully redeemed, but you must act fast.
I did not see a $349 charge on my bank statement. Does that mean I am safe?
It usually means the message was pure bait. The scammers often invent charges to provoke a call. Still, it is smart to monitor your card for the next few days and enable transaction alerts.
Why do scammers pick amounts like $349.99?
Because it feels serious but believable. It is high enough to cause panic, yet not so high that it seems obviously fake. Also, amounts ending in .99 look like real billing.
Can Apple or Pornhub confirm whether a subscription exists?
You do not need to contact Pornhub for this scam text. Check your Apple subscriptions list and your bank statement. If there is no transaction, it is just a scam lure.
How do I report this scam text?
You can:
Mark the message as junk/spam in your messaging app
Block the sender number
Report the scam to your mobile carrier (many accept forwarded spam texts)
Report it to consumer protection agencies in your country
How can I prevent these texts in the future?
The best protection is behavior and basic controls:
Do not call numbers or click links from unexpected billing texts
Use two-factor authentication on Apple ID and email
Keep devices updated
Turn on bank transaction alerts
Consider call filtering and spam blocking features from your carrier
10 Rules to Avoid Online Scams
Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.
Stop and verify before you click, log in, download, or pay.
Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).
If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.
Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.
If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.
Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.
If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.
Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.
If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.
Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.
If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.
Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.
If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.
Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.
If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).
Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.
If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.
Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.
If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.
Move quickly. Speed matters for disputes, account recovery, and limiting damage.
Stop payments and contact: do not send more money or respond to the scammer.
Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
Scan your device: remove suspicious apps or extensions, then run a full malware scan.
Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.
These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
