Frequently Asked Questions
on Cybersecurity
We’ve curated these questions to address both current threats and timeless risks. Feel free to share this page (or our Secure the Basics starter guide) with anyone who could benefit.
What are the most common online scams targeting small businesses and creators today?
Small businesses and creators are increasingly targeted by scammers who exploit their growth and visibility. Here are the most common scams you should watch out for:
Business Email Compromise
Scammers impersonate trusted contacts—such as suppliers, clients, or even your own team—to request urgent payments or confidential data. Example: A fake invoice email claiming a change in payment details redirects funds to a scammer's account
Social Media Takeover
Hackers use phishing emails or malicious links to compromise accounts, locking you out and demanding ransom. For influencers, this can mean loss of followers and revenue.
Fake Collaboration Requests or Service Provider Scams
Scammers send invitations for partnerships, requesting upfront fees or access to your social media platforms. Occasionally these also take the form of digital marketing firms, SEO experts, etc. who offer services to boost visibility or to fix urgent issues they find with your site.
These scams often target creators, exploiting their desire for growth. Often result in payments for non-existent services or stolen credentials.
Phishing Emails
Emails mimicking official platforms (like your payment gateway or hosting provider) urge you to verify information or reset passwords via fake links. Once you enter details, hackers gain access.
Ransomware Attacks
Small businesses are prime targets for ransomware, where hackers encrypt files and demand payment to unlock them. Regularly back up your data to minimize the impact.
Fake Advertising or Sponsorship Scams
Scammers promise high ROI ads or lucrative sponsorship deals. Payments are taken upfront, but the promised results or services never materialize.
Ensure you've taken these very basic steps to protect yourself
-
Always verify requests for payment or credentials through trusted channels.
-
Use strong passwords and enable two-factor authentication for all accounts.
-
Keep software updated, and invest in security tools like firewalls and antivirus programs.
For comprehensive tips, guides, and tools, check out our PurpleHawk Protect bundle, designed specifically for small businesses and creators.
What are red flags to identify fake tech support calls, emails or pop-ups?
Fake tech support scams are designed to scare you into handing over money or access to your devices. Here’s how to spot them:
-
Did they reach out first? Calls or pop-ups claiming your device has an issue you didn’t report. Legitimate companies like Microsoft or Apple rarely contact users proactively about technical problems.
-
Are they saying it's absolutely urgent? Messages use fear, like “Your device is infected!” or countdown timers, to rush you into action. They may claim your system will stop working or your data is at risk.
-
Remote Access is a big no-no! Scammers ask you to install remote access software like TeamViewer or AnyDesk, giving them control over your system.
-
Beware the moment they say Crypto or Gift Card: Payment requests in gift cards, cryptocurrency, or wire transfers are a major red flag. Legitimate support never asks for these methods.
-
Pay particular attention to design or language: Pop-ups or emails could have typos, bad grammar, or odd visuals.
Ignore and close the message or hang up the call. Avoid clicking any links or downloading files. If you’re worried, contact the company directly through their official website.
Are scammers using AI mimic voices or emails of people I trust?
How do they do it?
Unfortunately, yes. Scammers can now mimic voices and emails with alarming accuracy using advanced technology like AI. This is especially concerning as it allows them to impersonate people you know (friends, family, or even colleagues) and trick you into sharing sensitive information or sending money.
How They Mimic Voices
Using AI tools trained on just a short audio sample (like a voicemail or video), scammers can create a convincing replica of someone’s voice. They use this to call victims, often pretending to be a family member in trouble, asking for urgent help. For instance, in 2024, there were cases where parents were targeted by scammers mimicking their children’s voices to request emergency money.
How They Mimic Emails
Fake emails are crafted to look exactly like legitimate ones from trusted sources, using logos, names, and similar email addresses (e.g., “john.smith@company.com” vs. “john_smith@compamy.com”). With these, they may request payments, login credentials, or click on harmful links.
How to Stay Safe:
- Always verify unusual requests, even if they seem urgent. Call or text the person directly to confirm.
- Double-check email addresses for subtle misspellings.
- Be cautious with any request involving sensitive information or money.
To learn more about spotting these scams and protecting yourself, explore PurpleHawk Protect bundle, which includes detailed guides, examples, and step-by-step protection tips!