Free checklist
Digital Red Flags Checklist
Use this before you click, call, enter a password, approve a login, or send money. It is designed for normal people in a stressful moment — not cybersecurity theatre.
Print / PDF
Before you act, check these six things
- Pause before the action
Why it matters: Scams create urgency so the click, call, payment, or login feels automatic.
Safer move: Stop for one minute. If the page says you must act now, treat that pressure as a warning sign.
- Do not use links or numbers from the message
Why it matters: Fake texts, popups, emails, and chats often route you to the scammer’s page or phone line.
Safer move: Open the official app, saved bookmark, or a contact method you already trusted before the message arrived.
- Check what the page is asking for
Why it matters: Many scams are not about the first screen. They want passwords, card details, bank changes, notification permission, remote access, or gift cards.
Safer move: If the request feels unusual for the situation, close it and verify through an independent channel.
- Never share one-time codes or approve unknown logins
Why it matters: A real support person should not need your 2FA code, banking code, or login approval prompt.
Safer move: Reject unknown approvals, change the password from the official site, and check recent account activity.
- Verify payment changes outside the thread
Why it matters: Invoice and marketplace scams often use a real-looking conversation but swap the payment route.
Safer move: Use a saved phone number or known contact channel. Do not trust bank details sent inside a suspicious message.
- If you already clicked, reduce damage first
Why it matters: The next safe step depends on what you entered or approved, not on the scam name.
Safer move: Close the page, do not download anything, change exposed passwords, block cards if payment details were entered, and preserve evidence.