Apple $349 PornHub Subscription Text Scam: The FAKE “Apple Charge” Alert
Written by: Thomas Orsolya
Published on:
A text pops up claiming $349.99 was charged to your Apple account for a Pornhub subscription. It looks urgent, embarrassing, and time-sensitive. Then it gives you a phone number and tells you to call “Apple Support” if you did not authorize the payment.
That message is not from Apple.
It is a smishing scam designed to get you to call a fake support center, where scammers pressure you into handing over access, sensitive information, or money. The porn angle is not random. It is used to trigger panic and shame, so victims act fast and stay quiet.
This article breaks down how the scam works, what the red flags look like, and what to do if you already interacted.
Scam Overview
What this scam is trying to do
The Apple $349 charge text scam is a fake “billing alert” that impersonates Apple and claims a suspicious charge was made on your account. The message usually includes:
A specific amount, often $249.99, $349.99, or $499.99
A provocative purchase description, commonly a porn subscription
A phone number labeled as “Apple Support”
A short instruction that pushes you to call immediately
The objective is simple: get you on the phone. Once you call, you are no longer dealing with a text message. You are dealing with a trained scammer using a script.
From there, the scam typically moves in one of these directions:
They claim your Apple ID, iPhone, or payment method is compromised
They pressure you to “verify” details like your Apple ID, card, or one-time passcodes
They try to get you to install remote access software or enable screen sharing
They attempt to steal money directly or push you into paying with gift cards
The porn-subscription theme is used because it creates an emotional reaction that overrides careful thinking.
Why scammers use a Pornhub subscription as the hook
This scam is engineered around human behavior. A porn subscription accusation triggers a predictable set of reactions:
Shock: “I did not buy that.”
Urgency: “I need to stop this now.”
Embarrassment: “I do not want anyone to see this.”
Silence: “I will handle this myself instead of asking for help.”
Scammers love silence. The less you talk to your bank, Apple, or a friend, the more time scammers have to control the situation.
It also works because it feels personal. A fake charge for “Apple Store” might be ignored by someone who thinks it could be a family purchase. A porn subscription claim feels more urgent and more “wrong,” which pushes people to call.
What the scam text usually looks like
A common version reads like this:
“An amount of USD $349.99 has been charged to your Apple account for a Pornhub subscription. If you did not authorize, contact Apple Support [phone number].”
The language is often slightly off. You may see odd spacing, weird capitalization, or unnatural phrasing such as “An amount of USD” instead of simply “You were charged.”
Scammers do this because they send the same template to thousands of numbers. They are not writing like Apple. They are writing like a bulk scam campaign.
Why the phone number is the biggest red flag
Apple does not send random billing texts that tell you to call a number embedded in the message.
Real companies want you to use official channels you can independently verify, such as:
Your Apple account settings
The Apple Support app
An official Apple support page accessed directly (not via a text link)
Your bank’s fraud department using the number on the back of your card
In this scam, the phone number is not Apple. It routes to a fake call center that pretends to be Apple Support, Apple Security, or a billing team.
If you call, you are walking into the scam’s main stage.
What Apple billing alerts actually look like
Apple typically communicates billing and subscription information through:
Email receipts from Apple (with recognizable formatting and order details)
Your purchase history inside your Apple account
Your subscription list inside Settings
Charges shown by your card issuer as Apple-related billing descriptors
Even then, you should not rely on a message alone. You verify by checking your account directly.
If you ever receive a billing alert, the safest approach is:
Check your Apple subscriptions
Check your Apple purchase history
Check your bank or card statement
Contact your bank using official contact details if something is unauthorized
Do not use phone numbers or links provided in a suspicious text.
How this turns into a tech support scam
The Apple Pornhub subscription alert is often a gateway into a broader “support” scam, the same type used in fake virus pop-ups and fake Microsoft warnings.
Once you call, scammers frequently claim:
Your iPhone has been hacked
Your Apple ID is under attack
Someone is using your Apple Pay or saved cards
Your device is infected with malware
Your financial accounts are at risk
Then they offer a solution that helps them, not you:
“We need to verify your identity.”
“We need to secure your device.”
“We need to reverse the charge.”
“We need remote access to complete the refund.”
Remote access is a major escalation point. It can lead to stolen credentials, bank theft, and account takeovers.
What scammers typically try to steal
Victims can lose money and accounts in multiple ways, including:
Apple ID credentials
One-time passcodes sent by SMS or authenticator apps
Banking logins and account access
Personal information used for identity theft
Gift card funds
Direct transfers via payment apps or bank transfers
This scam is not about a fake Pornhub subscription. That is just the bait. The real target is your money and your access.
Who is most at risk
This scam can hook anyone, but it tends to work especially well on people who:
Use iPhone and Apple services regularly
Have Apple Pay enabled or cards saved in Wallet
Are busy and respond quickly to urgent alerts
Are not familiar with how Apple handles billing disputes
Feel uncomfortable asking for help due to the porn angle
Scammers count on the victim wanting a quick, private resolution.
The biggest tell: payment disputes do not require remote access or gift cards
If the “support agent” you call asks for any of the following, it is a scam:
Remote access or screen sharing “to secure your account”
Your Apple ID password
Your one-time passcodes
Payment via gift cards
Payment via crypto
A bank transfer to “verify” your identity
A request to stay on the phone while you log in to banking
Apple does not handle billing disputes this way. Banks do not handle fraud this way. Legit support does not ask for gift cards.
How The Scam Works
This scam follows a predictable pattern. The exact script varies, but the structure is consistent.
Step 1: The text message creates panic and urgency
The first move is the message itself. It contains three psychological triggers:
A high charge amount like $349.99
A sensitive purchase like a porn subscription
A call-to-action telling you to call “Apple Support”
The goal is to get you to act before you verify anything.
Step 2: You call the number and reach a fake “Apple Support” desk
Once you call, you are connected to a scam call center. The person who answers usually:
Sounds confident and professional
Uses a common name or fake employee ID
Mentions “Apple Security” or “Billing Department”
Quickly confirms the “charge” described in the text
This is not proof the charge is real. They are reading from the same script you are.
Step 3: They build credibility with a fake case number and fake verification steps
To sound legitimate, scammers often do things like:
Assign a “case ID”
Put you on hold briefly to “check your account”
Ask for basic details (name, device type)
Repeat the amount and merchant line
Then they escalate the story with claims like:
“Your Apple ID is compromised.”
“Your account was used from another location.”
“There are multiple attempts, not just one.”
“We need to secure your device immediately.”
They are trying to turn a single fake charge into a full-blown emergency.
Step 4: They push you into “verification,” which is really data collection
Next comes the information grab. They may ask for:
Your Apple ID email address
Your phone number
Your billing ZIP code
The last digits of a card
A verification code sent to your phone
A common trick is asking for the one-time code that Apple or your bank sends. They will claim it is needed “to cancel the charge,” but that code can be used to log in to your account.
If you share one-time passcodes, you can lose control of your Apple ID or financial accounts quickly.
Step 5: They introduce remote access as the “solution”
If the scammer senses you are worried, they may push remote access.
They might say:
“We need to run a security scan.”
“We need to remove unauthorized profiles.”
“We need to process a refund to your account.”
“We must secure your Apple Pay wallet.”
Then they instruct you to install a remote support tool or enable screen sharing.
This is where the scam becomes dangerous. With visibility into your screen, they can:
Watch you type passwords
See bank balances
Direct you to transfer money
Capture personal information
Manipulate what you are seeing and doing
Even if they cannot fully control the device, screen access is often enough.
Step 6: The “refund” narrative appears
Many victims report a pivot into a refund storyline.
The scammer may claim:
The charge was placed by a hacker
They will reverse it immediately
They must “confirm your bank” to complete the refund
At this point, they often steer you toward logging into online banking or payment apps.
This is not to help you. It is to get you to move money.
Step 7: They attempt to extract money directly
Depending on the victim’s responses, scammers commonly attempt:
Unauthorized transfers if they gain access
Persuasion to transfer money to “secure accounts”
Pressure to pay “verification” fees
Requests for gift cards as a “secure payment method”
Gift cards are one of their favorite endgames because once the codes are redeemed, it is hard to recover funds.
Step 8: Gift cards are used as the “fast, private fix”
This is where the Pornhub angle becomes useful to the scammer again.
They may imply that gift cards:
Keep the situation “private”
Are required “because your bank is compromised”
Are needed “to activate a refund token”
Are needed “to validate your identity”
None of this is real.
If any “support agent” asks for gift cards, it is a scam. Full stop.
Step 9: They buy time to cash out
After they get information or money, scammers often try to delay you:
“Refunds take 24 to 48 hours.”
“Do not contact your bank yet, it will interrupt the process.”
“We already secured the account.”
They want you to wait because it gives them time to move money, redeem gift cards, or lock you out of accounts.
Step 10: Follow-up scams can continue
Once you engage, you may see additional attempts, including:
New texts with different charge amounts
Calls from “senior agents”
Emails claiming to confirm your refund
Fake “Apple” notifications to re-hook you
Scammers share and reuse phone numbers that respond. If you called once, you may be targeted again.
The Text Message and Common Variants
Below are examples of the scam text style used in the Apple Pornhub subscription scam. These are provided so readers can recognize and avoid them.
Example based on the common $349 script
An amount of USD $349.99 has been charged to your Apple account for a Pornhub subscription. If you did not authorize, Contact Apple Support at [phone number].
Variant 1: “Apple Security” framing
Apple Security Alert: Your Apple account was charged $349.99 for a Pornhub subscription. If this wasn’t you, call Apple Support now at [phone number].
Variant 2: “Authorization pending” wording
Apple Pay Notice: A payment authorization of $349.99 for Pornhub is pending. To cancel, contact Apple Support: [phone number].
Variant 3: “Account will be locked” pressure tactic
Apple ID Alert: Unusual activity detected. $349.99 Pornhub subscription charged. Call Apple Support immediately to prevent account suspension: [phone number].
Variant 4: “Refund department” angle
Apple Billing Refund Notice: Your Apple account was charged $349.99 for Pornhub. If unauthorized, call the Apple Refund Desk: [phone number].
Variant 5: Link-based companion scam
Apple Support: We detected a $349.99 charge for Pornhub. Verify to cancel: [suspicious link]Support: [phone number]
If you see any version of this, do not call the number. Verify charges through your Apple account and your bank directly.
What To Do If You Have Fallen Victim to This Scam
If you only received the text and did nothing, you can delete it and move on. If you called, clicked, shared details, or installed anything, use the steps below.
Stop contact immediately
Hang up if you are still on the phone.
Do not reply to any follow-up texts.
Block the sender number.
Check whether any real charge exists
Look at your card statement in your bank app.
Check your Apple purchase history and subscriptions.
If there is no matching charge, treat the text as pure bait.
If you called, assume your number is now a target
Expect more scam calls and texts.
Be extra skeptical of any “Apple” or “bank” outreach.
If you shared your Apple ID email or password, change it immediately
Change your Apple ID password.
Use a strong, unique password.
Enable or verify two-factor authentication on your Apple ID
Confirm trusted phone numbers.
Remove any devices you do not recognize.
If you shared any one-time passcodes, act fast
One-time codes can be used to log in and take over accounts.
Change Apple ID password and secure your email account immediately.
Secure your email account
Email is often the key to resetting other passwords.
Change your email password and enable two-factor authentication.
If you installed a remote access or screen-sharing app, remove it
Uninstall anything the caller asked you to install.
Restart your device after uninstalling.
Check for suspicious settings changes
Look for unknown profiles or device management settings.
Review installed apps and browser extensions for anything unfamiliar.
Contact your bank or card issuer using official contact info
Use the number on the back of your card or in the official banking app.
Ask them to review activity, block transactions, and replace cards if needed.
Dispute unauthorized charges immediately
The sooner you report fraud, the better the chance of recovery.
If you purchased gift cards or shared gift card codes
Contact the gift card issuer right away.
Keep receipts and card packaging.
Even if you think it is too late, try immediately.
Monitor your accounts for at least 30 days
Watch for small “test” charges.
Enable transaction alerts in your bank app.
Report the scam
Report the text as spam in your messaging app.
Report the number to your mobile carrier if possible.
Report the incident to your local consumer protection agency.
Do not blame yourself
These scams are designed to create urgency and embarrassment.
Fast, practical steps matter more than replaying the moment.
How to Verify Whether an Apple Charge Is Real
If you are unsure whether a charge is legitimate, use a method you control, not a number from a text.
Check these sources:
Your bank or card statement for the exact merchant descriptor and amount
Your Apple purchase history and subscriptions list in Settings
Email receipts from Apple (then verify by matching to your account history, not by clicking random links)
If you find an unauthorized charge:
Contact your card issuer through official channels
Cancel or dispute the transaction
Replace the card if needed
Secure your Apple ID and email account
Is Your Device Infected? Scan for Malware
If your computer or phone is slow, showing unwanted pop-ups, or acting strangely, malware could be the cause. Running a scan with Malwarebytes Anti-Malware Free is one of the most reliable ways to detect and remove harmful software. The free version can identify and clean common infections such as adware, browser hijackers, trojans, and other unwanted programs.
Malwarebytes works on Windows, Mac, and Android devices. Choose your operating system below and follow the steps to scan your device and remove any malware that might be slowing it down.
Malwarebytes for WindowsMalwarebytes for MacMalwarebytes for Android
Run a Malware Scan with Malwarebytes for Windows
Malwarebytes stands out as one of the leading and widely-used anti-malware solutions for Windows, and for good reason. It effectively eradicates various types of malware that other programs often overlook, all at no cost to you. When it comes to disinfecting an infected device, Malwarebytes has consistently been a free and indispensable tool in the battle against malware. We highly recommend it for maintaining a clean and secure system.
Download Malwarebytes
Download the latest version of Malwarebytes for Windows using the official link below. Malwarebytes will scan your computer and remove adware, browser hijackers, and other malicious software for free.
(The above link will open a new page from where you can download Malwarebytes)
Install Malwarebytes
After the download is complete, locate the MBSetup file, typically found in your Downloads folder. Double-click on the MBSetup file to begin the installation of Malwarebytes on your computer. If a User Account Control pop-up appears, click “Yes” to continue the Malwarebytes installation.
Follow the On-Screen Prompts to Install Malwarebytes
When the Malwarebytes installation begins, the setup wizard will guide you through the process.
You’ll first be prompted to choose the type of computer you’re installing the program on—select either “Personal Computer” or “Work Computer” as appropriate, then click on Next.
Malwarebytes will now begin the installation process on your device.
When the Malwarebytes installation is complete, the program will automatically open to the “Welcome to Malwarebytes” screen.
On the final screen, simply click on the Open Malwarebytes option to start the program.
Enable “Rootkit scanning”.
Malwarebytes Anti-Malware will now start, and you will see the main screen as shown below. To maximize Malwarebytes’ ability to detect malware and unwanted programs, we need to enable rootkit scanning. Click on the “Settings” gear icon located on the left of the screen to access the general settings section.
In the settings menu, enable the “Scan for rootkits” option by clicking the toggle switch until it turns blue.
Now that you have enabled rootkit scanning, click on the “Dashboard” button in the left pane to get back to the main screen.
Perform a Scan with Malwarebytes.
To start a scan, click the Scan button. Malwarebytes will automatically update its antivirus database and begin scanning your computer for malicious programs.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now scan your computer for browser hijackers and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check the status of the scan to see when it is finished.
Quarantine detected malware
Once the Malwarebytes scan is complete, it will display a list of detected malware, adware, and potentially unwanted programs. To effectively remove these threats, click the “Quarantine” button.
Malwarebytes will now delete all of the files and registry keys and add them to the program’s quarantine.
Restart your computer.
When removing files, Malwarebytes may require a reboot to fully eliminate some threats. If you see a message indicating that a reboot is needed, please allow it. Once your computer has restarted and you are logged back in, you can continue with the remaining steps.
Once the scan completes, remove all detected threats. Your Windows computer should now be clean and running smoothly again, free of trojans, adware, and other malware.
If your current antivirus allowed this malicious program on your computer, you may want to consider purchasing Malwarebytes Premium to protect against these types of threats in the future. If you are still having problems with your computer after completing these instructions, then please follow one of the steps:
Malwarebytes for Mac is an on-demand scanner that can destroy many types of malware that other software tends to miss without costing you absolutely anything. When it comes to cleaning up an infected device, Malwarebytes has always been free, and we recommend it as an essential tool in the fight against malware.
Download Malwarebytes for Mac.
You can download Malwarebytes for Mac by clicking the link below.
When Malwarebytes has finished downloading, double-click on the setup file to install Malwarebytes on your computer. In most cases, downloaded files are saved to the Downloads folder.
Follow the on-screen prompts to install Malwarebytes.
When the Malwarebytes installation begins, you will see the Malwarebytes for Mac Installer which will guide you through the installation process. Click “Continue“, then keep following the prompts to continue with the installation process.
When your Malwarebytes installation completes, the program opens to the Welcome to Malwarebytes screen. Click the “Get started” button.
Select “Personal Computer” or “Work Computer”.
The Malwarebytes Welcome screen will first ask you what type of computer are you installing this program, click either Personal Computer or Work Computer.
Click on “Scan”.
To scan your computer with Malwarebytes, click on the “Scan” button. Malwarebytes for Mac will automatically update the antivirus database and start scanning your computer for malware.
Wait for the Malwarebytes scan to complete.
Malwarebytes will scan your computer for adware, browser hijackers, and other malicious programs. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Quarantine”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes has detected. To remove the malware that Malwarebytes has found, click on the “Quarantine” button.
Restart computer.
Malwarebytes will now remove all the malicious files that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your computer.
After scanning, delete any detected threats. Your Mac should now be free from adware, unwanted extensions, and other potentially harmful software.
If your current antivirus allowed a malicious program on your computer, you might want to consider purchasing the full-featured version of Malwarebytes Anti-Malware to protect against these types of threats in the future. If you are still experiencing problems while trying to remove a malicious program from your computer, please ask for help in our Mac Malware Removal Help & Support forum.
Run a Malware Scan with Malwarebytes for Android
Malwarebytes for Android automatically detects and removes dangerous threats like malware and ransomware so you don’t have to worry about your most-used device being compromised. Aggressive detection of adware and potentially unwanted programs keeps your Android phone or tablet running smooth.
Download Malwarebytes for Android.
You can download Malwarebytes for Android by clicking the link below.
In the Google Play Store, tap “Install” to install Malwarebytes for Android on your device.
When the installation process has finished, tap “Open” to begin using Malwarebytes for Android. You can also open Malwarebytes by tapping on its icon in your phone menu or home screen.
Follow the on-screen prompts to complete the setup process
When Malwarebytes will open, you will see the Malwarebytes Setup Wizard which will guide you through a series of permissions and other setup options. This is the first of two screens that explain the difference between the Premium and Free versions. Swipe this screen to continue. Tap on “Got it” to proceed to the next step. Malwarebytes for Android will now ask for a set of permissions that are required to scan your device and protect it from malware. Tap on “Give permission” to continue. Tap on “Allow” to permit Malwarebytes to access the files on your phone.
Update database and run a scan with Malwarebytes for Android
You will now be prompted to update the Malwarebytes database and run a full system scan.
Click on “Update database” to update the Malwarebytes for Android definitions to the latest version, then click on “Run full scan” to perform a system scan.
Wait for the Malwarebytes scan to complete.
Malwarebytes will now start scanning your phone for adware and other malicious apps. This process can take a few minutes, so we suggest you do something else and periodically check on the status of the scan to see when it is finished.
Click on “Remove Selected”.
When the scan has been completed, you will be presented with a screen showing the malware infections that Malwarebytes for Android has detected. To remove the malicious apps that Malwarebytes has found, tap on the “Remove Selected” button.
Restart your phone.
Malwarebytes for Android will now remove all the malicious apps that it has found. To complete the malware removal process, Malwarebytes may ask you to restart your device.
When the scan is finished, remove all detected threats. Your Android phone should now be free of malicious apps, adware, and unwanted browser redirects.
If your current antivirus allowed a malicious app on your phone, you may want to consider purchasing the full-featured version of Malwarebytes to protect against these types of threats in the future. If you are still having problems with your phone after completing these instructions, then please follow one of the steps:
Restore your phone to factory settings by going to Settings > General management > Reset > Factory data reset.
After cleaning your device, it’s important to protect it from future infections and annoying pop-ups. We recommend installing an ad blocker such as AdGuard. AdGuard blocks malicious ads, prevents phishing attempts, and stops dangerous redirects, helping you stay safe while browsing online.
The Bottom Line
The Apple $349 charge text scam uses a fake Pornhub subscription to trigger panic, embarrassment, and urgency. The phone number is the trap. If you call, you are connected to a fake support center that may claim your device is hacked, push remote access, demand one-time codes, and pressure you into sending money or gift card codes.
If you receive this text, do not call the number. Verify any charge using your Apple account and your bank directly. If you already engaged, cut contact, secure your Apple ID and email, contact your bank through official methods, and monitor your accounts closely.
FAQ
Is the “$349.99 Pornhub subscription charged to your Apple account” text real?
No. This is a scam text designed to make you panic and call a fake “Apple Support” number. Apple does not send random SMS alerts demanding you call a number to stop a charge.
Why does the scam mention Pornhub?
Because it triggers urgency and embarrassment. Scammers know many people will act fast, avoid asking for help, and stay on the phone longer when the message feels personal or humiliating.
Can Apple Pay or my Apple account actually be charged by a text message?
No. A text message cannot charge your account. The scam text is only a lure. The real danger begins if you call the number, click a link, or share codes and account details.
What should I do if I receive this text but did nothing?
Delete it and block the sender. Then verify your accounts the safe way:
Check your bank or card statement in your official banking app
Check your Apple purchase history and subscriptions in Settings If you see no real charge, you are fine.
How can I check if an Apple charge is legitimate?
Use official sources you control:
Your bank or credit card statement
iPhone Settings → your Apple ID → Subscriptions (and purchase history) If you still cannot identify a charge, contact your card issuer using the number on the back of your card.
Should I call the “Apple Support” number in the message?
No. That number belongs to the scammers. Calling it connects you to a fake tech support center trained to pressure you into giving access or money.
What happens if I call the number?
Typically, the scammer claims your Apple ID or device is compromised and tries to:
Get you to share personal info or one-time passcodes
Convince you to install remote access or screen-sharing tools
Push you into sending money or buying gift cards and reading the codes
Will Apple ever ask me to install remote access software or share my screen?
No. If anyone claiming to be Apple asks for remote access, screen sharing, or one-time passcodes, it is a scam.
What if I clicked a link or shared a verification code?
Treat it as a real security incident:
Change your Apple ID password immediately
Secure your email account (change password and enable two-factor authentication)
Review trusted devices on your Apple ID and remove anything unfamiliar
Watch for account login alerts or password reset emails
What if I gave the scammer remote access to my computer or phone?
Act quickly:
Disconnect from the internet (WiFi/cellular) if needed
Uninstall any remote access apps they told you to install
Run a security scan on computers involved
Change passwords from a different, trusted device
Contact your bank if you logged into banking during the call
What if I bought gift cards and gave them the codes?
Contact the gift card issuer immediately and keep all receipts. Sometimes funds can be frozen if the code has not been fully redeemed, but you must act fast.
I did not see a $349 charge on my bank statement. Does that mean I am safe?
It usually means the message was pure bait. The scammers often invent charges to provoke a call. Still, it is smart to monitor your card for the next few days and enable transaction alerts.
Why do scammers pick amounts like $349.99?
Because it feels serious but believable. It is high enough to cause panic, yet not so high that it seems obviously fake. Also, amounts ending in .99 look like real billing.
Can Apple or Pornhub confirm whether a subscription exists?
You do not need to contact Pornhub for this scam text. Check your Apple subscriptions list and your bank statement. If there is no transaction, it is just a scam lure.
How do I report this scam text?
You can:
Mark the message as junk/spam in your messaging app
Block the sender number
Report the scam to your mobile carrier (many accept forwarded spam texts)
Report it to consumer protection agencies in your country
How can I prevent these texts in the future?
The best protection is behavior and basic controls:
Do not call numbers or click links from unexpected billing texts
Use two-factor authentication on Apple ID and email
Keep devices updated
Turn on bank transaction alerts
Consider call filtering and spam blocking features from your carrier
10 Rules to Avoid Online Scams
Here are 10 practical safety rules to help you avoid malware, online shopping scams, crypto scams, and other online fraud. Each tip includes a quick “if you already got hit” action.
Stop and verify before you click, log in, download, or pay.
Most scams win by creating urgency. Verify using a trusted method: type the website address yourself, use the official app, or call a known number (not the one in the message).
If you already clicked: close the page, do not enter passwords, and run a malware scan.
Keep your operating system, browser, and apps updated.
Updates patch security holes used by malware and malicious ads. Turn on automatic updates where possible.
If you saw a scary “update now” pop-up: close it and update only through your device settings or the official app store.
Use layered protection: antivirus plus an ad blocker.
Antivirus helps block malware. An ad blocker reduces scam redirects, phishing pages, and malvertising.
If your browser is acting weird: remove unknown extensions, reset the browser, then run a full scan.
Install apps, software, and extensions only from official sources.
Avoid cracked software, “keygens,” and random downloads. During installs, choose Custom/Advanced and decline bundled offers you do not recognize.
If you already installed something suspicious: uninstall it, restart, and scan again.
Treat links and attachments as untrusted by default.
Phishing often impersonates delivery services, banks, and popular brands. If it is unexpected, do not open attachments or log in through the message.
If you entered credentials: change the password immediately and enable 2FA.
Shop safely: research the store, then pay with protection.
Be cautious with brand-new stores, “closing sale” stories, and prices that make no sense. Prefer credit cards or PayPal for dispute options. Avoid wire transfers, gift cards, and crypto payments.
If you already paid: contact your card issuer or PayPal quickly to dispute the transaction.
Crypto rule: never pay a “fee” to withdraw or recover money.
Common patterns include fake profits, then “tax,” “gas,” or “verification” fees. Another is a “recovery agent” who demands upfront crypto.
If you already sent crypto: stop paying, save evidence (wallet addresses, TXIDs, chats), and report the scam to the platform used.
Secure your accounts with unique passwords and 2FA (start with email).
Use a password manager and unique passwords for every account. Enable 2FA using an authenticator app when possible.
If you suspect an account takeover: change passwords, sign out of all devices, and review recent logins and recovery settings.
Back up important files and keep one backup offline.
Backups protect you from ransomware and device failure. Keep at least one backup on an external drive that is not always connected.
If you suspect infection: do not connect backup drives until the system is clean.
If you think you are a victim: stop losses, document evidence, and escalate fast.
Move quickly. Speed matters for disputes, account recovery, and limiting damage.
Stop payments and contact: do not send more money or respond to the scammer.
Call your bank or card issuer: block transactions, replace the card if needed, and start a dispute or chargeback.
Secure your email first: change the email password, enable 2FA, and remove unfamiliar recovery options.
Secure other accounts: change passwords, enable 2FA, and log out of all sessions.
Scan your device: remove suspicious apps or extensions, then run a full malware scan.
Save evidence: screenshots, emails, order pages, tracking pages, wallet addresses, TXIDs, and chat logs.
Report it: to the payment provider, marketplace, social platform, exchange, or wallet service involved.
These rules are intentionally simple. Most online losses happen when decisions are rushed. Slow down, verify independently, and use payment methods and account controls that give you recourse.
Thomas is an expert at uncovering scams and providing in-depth reporting on cyber threats and online fraud. As an editor, he is dedicated to keeping readers informed on the latest developments in cybersecurity and tech.
