Scams are a common way that cybercriminals compromise accounts
Being alert to scam messages is a great way to protect yourself online. These 'scammers' may try to compromise your business, workplace or university accounts.
Scammers often use email, text messages, phone calls and social media. Their goal is to scam people into paying money or giving away their personal information. They will often pretend to be a person or organisation you trust.
Don’t fall for scams in two steps
First, check if it is a scam
- Know what to look for. View common types of scams such as dating scams, investment scams, phishing emails and text, or invoice fraud.
- Go direct to a source you can trust. Visit the official website, log in to your account, or call their phone number. Don't use the links or contact details in the message or given to you on the phone.
- Check what the official source says about what details they might request from you. Often companies or government agencies will say what they will and will not ask you online or over the phone. For example, the bank may tell you that they will never ask for your password. If someone claiming to be from the bank then asks you for your password, you know it is likely a scam.
Then, if you still think it’s a scam
- Don’t click on links, open any attachments or reply to requests. Scam messages may try and trick you into giving out your personal information. A scammer might ask for your bank account details, passwords or credit card numbers. They may also ask you to download files, software, or allow remote access to your computer.
- Contact your bank. Contact your financial institution if you think your credit cards or bank account may be at risk. They may be able to close your account or stop a transaction.
- Refer to Scamwatch. If you get a scam message or phone call, you should ignore it and report it to ACCC’s Scamwatch.
- Report a cybercrime or security incident on ReportCyber. Your help keeps Australia secure.
Common things scammers do to trick you
Is the message claiming to be from someone official?
Like your bank, a government department, a utility company, your doctor or a solicitor. Criminals pretend to be important people or organisations to trick you into doing what they want.
Are you told you have a limited time to respond?
For example, 'within 24 hours' or 'immediately'. Criminals often threaten you with fines or other negative consequences.
Does the message make you panic, fearful, hopeful or curious?
Scammers use threatening language, make false claims of support, or tease you into wanting to find out more.
Is the message offering something that seems too good to be true?
Like concert tickets, money or a cure for medical conditions? Fear of missing out on a good deal or opportunity can make you respond quickly.
Are you expecting to see a message like this?
To make their scam seem more real, criminals can exploit current news stories and events. For example, some scammers pretend to be from the tax office at tax time to make their scam seem more relevant.
Want more on email scams?
Visit our phishing emails page for more information. You can also read our Detecting Socially Engineered Messages publication to learn about other ways cybercriminals may target you.