Scams are a common way that cybercriminals compromise accounts
Being alert to scam messages is a great way to protect yourself online. These 'scammers' may try to compromise your business, workplace or university accounts.
Scammers often use email, text messages, phone calls and social media. Their goal is to scam people into paying money or giving away their personal information. They will often pretend to be a person or organisation you trust.
Don’t fall for scams in two steps
First, check if it is a scam
- Know what to look for. View common types of scams such as dating scams, investment scams, phishing emails and text, or invoice fraud.
- Go direct to a source you can trust. Visit the official website, log in to your account, or call their phone number. Don't use the links or contact details in the message or given to you on the phone.
- Check what the official source says about what details they might request from you. Often companies or government agencies will say what they will and will not ask you online or over the phone. For example, the bank may tell you that they will never ask for your password. If someone claiming to be from the bank then asks you for your password, you know it is likely a scam.
Then, if you still think it’s a scam
- Don’t click on links, open any attachments or reply to requests. Scam messages may try and trick you into giving out your personal information. A scammer might ask for your bank account details, passwords or credit card numbers. They may also ask you to download files, software, or allow remote access to your computer.
- Contact your bank. Contact your financial institution if you think your credit cards or bank account may be at risk. They may be able to close your account or stop a transaction.
- Refer to Scamwatch. If you get a scam message or phone call, you should ignore it and report it to ACCC’s Scamwatch.
- Report a cybercrime or security incident on ReportCyber. Your help keeps Australia secure.
Learn the common tricks that scammers use to steal your money or personal details. If it seems fishy, there's a good chance it is.
Case study: The importance of recognising common scams
A young couple's plan to start a family was crushed when they lost their entire life savings to a banking scam.
It all began when James got a text from a ridesharing company asking him to go to a website to update his credit card details. Later, James got a text from his bank saying scammers were trying to take $5500 from his account. The message, which told him to call the bank’s security team, appeared to be from his bank.
But James was unaware that scammers could disguise their number as the number of a real business. He had no reason to think it was a scam since the text was in the same thread as other messages from his bank.
The scammer told him to open a new bank account and move his money there to protect it. James followed the instructions and after three days $90,000 was gone. The couple tried to get their money back, but the bank agreed to pay only $3000 as compensation for the loss.
This case shows why it's important to be aware of common scams.
To protect your accounts, avoid visiting unusual links. If you're asked to transfer a lot of money, or if you notice strange activity on your account like a payment you didn’t make, go straight to a trusted source. For example, you can visit your bank in person.
If you have any doubts about a message or call, contact the organisation or login through their official website. Don’t use the links or contact details in the message. Be aware, scammers can disguise their name so they appear to be someone you have saved in your contacts, like "mum" or "dad".
The Australian Signals Directorate’s Australian Cyber Security Centre is here to help all Australians affected by cyber incidents. Call our hotline 24/7 on 1300 CYBER1 (1300 292 371) if you need help or go to ReportCyber.
Common things scammers do to trick you
Is the message claiming to be from someone official?
Like your bank, a government department, a utility company, your doctor or a solicitor. Criminals pretend to be important people or organisations to trick you into doing what they want.
Are you told you have a limited time to respond?
For example, 'within 24 hours' or 'immediately'. Criminals often threaten you with fines or other negative consequences.
Does the message make you panic, fearful, hopeful or curious?
Scammers use threatening language, make false claims of support, or tease you into wanting to find out more.
Is the message offering something that seems too good to be true?
Like concert tickets, money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.
Are you expecting to see a message like this?
To make their scam seem more real, criminals can exploit current news stories and events. For example, some scammers pretend to be from the tax office at tax time to make their scam seem more relevant.
Want more on email scams?
Visit our phishing emails page for more information. You can also read our Detecting Socially Engineered Messages publication to learn about other ways cybercriminals may target you.