Scammers have many ways they try to trick you. Know what to look for.

Scams are a common way that cybercriminals compromise accounts. Knowing the common types of scams and ways scammers trick people could save you from becoming a victim.

If you think you are a victim of a scam

If you think you have seen a scam or fallen victim, go visit National Anti-Scam Centre - Scamwatch.

If you have experienced information or financial loss as a result of a scam, report it to ReportCyber.

Invoice fraud

This is when criminals compromise or impersonate a vendor’s email account. They can then change the bank details on the company's invoices. The customer pays the invoice, thinking they are paying the vendor, but instead send that money to criminals’ bank accounts. 

For more information, read our advice on business email compromise.

Phishing emails and texts 

Phishing is a way cybercriminals trick you into giving them personal information. They do this by sending fake emails or text messages that look like they come from a person or organisation you trust. These scams could include a link to a fake login page or attachment. If you fall for it, you could lose money and access to your accounts, or even have your identity stolen. An example of this would be receiving an email with a link to a fake bank website asking for your login details. Giving this away could compromise your accounts.

Remote access scams

Remote access scams are when a malicious actor gain access to your system or device from another location. This could be done with your help, after tricking or convincing you to click on their link or download software to give them access. For example, someone claiming to be a tech specialist may request access to your system to help you with troubleshooting issues that do not exist, in order to access your device.

Identity theft

Identity theft is where a cybercriminal extracts or gains access to your personal documents such as your passport, licence, birth certificate or even a photo of you on your electronic device or emails, to steal your identity. This could allow them to withdraw money from your financial accounts, or apply for a new credit card or bank loans in your name.

Threats and extortion 

These scams use threats to frighten you into giving away money. It can include threats to your life, arrests or deportation. Scammers have been known to target vulnerable people like elderly or migrants. For example, they may pretend to be government officials from the Department of Home Affairs or the Australian Federal Police, and tell you that there are problems with your visa or immigration papers, threatening to deport you unless fees are paid. Another common scam is when cybercriminals pretend to be from the Australian Taxation Office, and ask for payment for outstanding tax debts. They will threaten arrest or legal action if you do not comply.

Dating and romance scams 

Cybercriminals target victims on dating websites and apps pretending to be other people. Scammers start the relationship with their victim on the website or app before moving the conversation to a more 'private' channel. This is to move away from the protections that dating sites put in place. Cybercriminals can easily manipulate their victims on other channels like email or text. They create fake profiles online or take the identities of real people. Cybercriminals try to quickly build a relationship, and then ask for money, gifts or information.

Investment or cryptocurrency scams

Cybercriminals entice victims into investing money in schemes which may offer high and quick returns. This type of scam is typically a time-sensitive offer to pressure you into making a decision fast.    

Other types of scams

For information on other types of scams, visit National Anti-Scam Centre - Scamwatch.

What to do if you think you've been scammed

  • Report the scam via Scamwatch

  • Report the scam account to the social media or other platform which they used to engage with you. 

  • If it looks like a scammer is impersonating an Australian business, contact the fair trading organisation in your state or territory.

  • Immediately report the transaction(s) to your bank or financial institution. 

  • Complete a report through ReportCyber.  

  • Stop all communication with the offender.  

  • Report the scam account to the social media or other platform they used to engage with you. 

  • Change your passwords to secure your online accounts. Visit idcare.org for advice on securing your accounts online.

  • Contact your financial institution to secure your financial accounts. 
  • Contact any other services that use your personal identity documents (i.e. ATO or Services Australia) to secure your accounts. 

  • Report through ReportCyber

  • Change the passwords to any other accounts which you think the scammer may have accessed or to which they now have access. This could include banking, superannuation and email accounts. Look at our checklist to secure online accounts. 

  • Secure your social media and other personal accounts.  

  • Contact a credit reporting agency to see if any attempts to open accounts in your name have been made.  

  • Check idcare.org for advice on securing your accounts online. 

Was this information helpful?

Thanks for your feedback!

Optional

Tell us why this information was helpful and we’ll work on making more pages like it