Wikipedia:Avoid scams

From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

Scams are attempts to gain someone's confidence to win personal information. Wikipedia is a site, and, like any other sites, scammers can attempt to gain confidential information by pretending to be Wikipedia. This page is intended to help you protect yourselves against common scams.

Common scams[edit]

Some common scams for any site include:

  • "You have won x lottery"
  • "You need to reenter your username and password to continue using site x."
  • "Your account has been hacked and you need to verify your identity by clicking on this link."

You have not won the lottery[edit]

You did not win the lottery. Neither Wikipedia nor Wikimedia runs any lotteries. Do not reply back with your personal details.

You can only win the lottery by purchasing a lottery ticket, so do not fall for scams that use the names of lottery companies maliciously.

Verify the link[edit]

One common trick that scammers use is writing out the link as it would appear if the email was legitimate. When you hover your cursor, if the link in the bottom left of your browser does not match the link that your cursor is hovering over, then the email is likely a scam.


Dear Wikipedian,

There is a problem with your acount. It may be suseptible to hacking, so we emailed you. Note that hacked accounts may be blocked indefinitely to prevent disruption. To get back in, then click on this link:

After you get back in, we recomend that you change your pasword to prevent further hacking.


The Wikimedia Foundation

In the above email, there are several misspellings, including account, password, susceptible, and recommend. Also, if you hover your cursor over the link, you will see that the link directs to and not, which is one bad sign. Sometimes, scammers use links that look very identical to actual sites, such as These are very hard to identify since our eyes naturally see, which sounds promising. However, at second glance, you realize that you are being directed to, which is likely a hacking site! If you just straight up clicked on the link, any of the following would happen:

  • A popup may appear that prompts you to "fix your computer". There is no way to close the popup, forcing you to click on it. When you click on it, you voluntarily install adware, viruses, Trojans, or rootkits.
  • The site exploits your browser to install malware.
  • The site appears normal, but when you submit your username and password, hackers compromise your account.

Imagine what all this would mean! Now, they can add any malicious scripts to your userspace, abuse administrator privileges if you are an administrator, or attempt to scam other Wikipedians by abusing the email feature. If you were good about hovering your cursor, then you would have avoided all this trouble!

If you lose control of your Wikipedia account to a hacker or scammer[edit]

Report it to administrators immediately. The longer you wait to report it, the more disruption that can occur on Wikipedia. See this page for more information about user account security.

To report a scam[edit]

You can typically click a flag icon located in the toolbar, or choose "Mark as spam"

Use your government agency's scam report form to alert about common scams.

You can also report email scams to your provider. Follow these steps

  1. Click on the report button under more options or on the email status bar.
  2. Choose from the drop-down what is wrong with the email
  3. Finalize the email report.

See also[edit]