Tips to avoid getting scammed

Scammers are using the spread of coronavirus to take advantage of people across Australia, and some are targeting retirees in particular. There’s been a surge in scam reports since May 2020, with over $23.5 million lost this year alone by over 65s. The best way to avoid getting scammed is to know what to look out for – so let’s talk about real-life examples so you can keep yourself, your finances and your personal identity safe.

What is a scam?

In short, a scam is an attempt to trick you into handing over personal information. You could be targeted over the phone, by email, by text message, or via social media. A scammer will try to gain your trust and will often impersonate real and trusted organisations or people. They also try to create a sense of urgency and will play on your emotions. There are countless types of scams but we’ll go through three of the most common – phishing, hacking, and remote access scams.

Phishing

Phishing is just what it sounds like, with scammers trying to ‘fish’ for your personal information.

How? Scammers will call, email or send you a text message. They will pretend to be from a reputable organisation or government agency.

Who? Scamwatch, run by the Australian Competition and Consumer Commission (ACCC), has received reports of scammers pretending to be from the Department of Health, MyGov, the Australian Taxation Office and Westpac, to name a few.

What to look out for?

• Scammers will try to trick you into providing personal information, such as your full name, date of birth, postal address, email address, drivers licence number, Medicare number or superannuation details.
• Messages might look and sound legitimate but the communication will contain malicious links or attachments.
• Phishing emails and text messages might seem to offer valuable information. There have been reports of scams offering information about local COVID-19 cases, a tax refund or financial subsidy. Others will ask you to click on a link to update or verify your personal details.

TIP: If in doubt, don’t proceed. Remember, government agencies will never ask you to reply with personal details over email or text message.

Hacking

Scammers use the latest technology to break (or ‘hack’) into your computer or mobile device. With almost 70% of older Australians now owning a smartphone, this is a key scam to look out for.

How? Scammers will email you, send you a social media message, or even target you via a pop-up ad. They will try to convince you to click on a link by offering an interesting news story or free download, movie or video.

What to look out for?

• If you click on a hyperlink, the site might look legitimate with logos, disclaimers and branding, but you’ll be asked to download special software to access the ‘free’ content. Unfortunately, this allows scammers to install software on your computer.
• Once scammers have hacked your computer or mobile device, they can access your files, steal your personal information, change your passwords and even restrict access to your system.

Remote access scams

As well as remaining cautious of emails, texts and social media messages, be aware that some scammers will initially target you via a phone call. 

How? During COVID-19, over 50% of scams have so far originated with a phone call.

NOTE: Scammers can still target you even if your number is on the Do Not Call register.

Who? Scammers will pretend to be from a reputable company like Telstra, the NBN or Microsoft. They will try to convince you that you a have a problem with your computer or internet, and may claim that your computer has been sending error messages, your computer has a virus or there’s a problem with your internet connection or phone line.

What to look out for?

• The scammer will suggest they need to be given remote access to your computer to identify the problem.
• They might suggest you need to buy software or sign up to a service to ‘fix’ the problem, or ask for your personal information or credit card details.
• There have been reports that scammers are targeting vulnerable Australians, pretending to be from a telecommunications company, a government agency such as the Department of Home Affairs, or from a parcel delivery company. They will try to convince you to give up personal information and, if successful, use a legitimate application like Team Viewer to access your device and your bank accounts.

10 tips to avoid getting scammed:

1. If you receive an unsolicited call or message asking for personal or financial details, don’t provide any information, even if they claim to be from a real organisation. A reputable organisation wouldn’t contact you out of the blue looking for personal information so don’t worry about appearing rude – it’s ok to hang up.

2. If you suspect you’ve received a scam message, contact the organisation directly to see if they sent it.

3. Never give personal, credit card or bank details over the phone to an unsolicited caller.

TIP: Look up the number for the company in the phone book or online rather than taking a number from the caller or message. Contact the organisation directly to see if they need information from you.

4. Don’t click on links in emails, texts or social media messages asking you to verify your details, even if it looks genuine and appears to come from a legitimate source.

5. Don’t open attachments in emails or social media messages from strangers.

TIP: Try to hover your mouse over the URL so you can see the full web address before you click. If in doubt, delete the message.

6. Never follow a hyperlink to give personal or financial details. Instead, type the organisation address directly into your browser.

7. Keep your computer security up-to-date with anti-virus and anti-spyware software, as well as a good firewall.

8. Change your passwords often, don’t write them down and don’t choose something that could be easily guessed. Use two-factor authentication for extra security.

9. Never give a stranger remote access to your computer, even if they claim to be from Telstra, the NBN or another trusted organisation.

10. When shopping online, look for https before the URL (rather than http) and a padlock icon in the address bar. This generally indicates a secure connection. However, be mindful that some sophisticated cybercriminals use https too, so this isn’t a failsafe check.

Useful links

Register to receive alerts about recent online threats from the Australian Cyber Security Centre (ACSC).

The ACSC has further ideas for how you can protect yourself from further harm.

If a scammer has accessed your device, report it to ReportCyber and immediately let your bank know the situation, as they may be able to freeze your accounts temporarily.

Test yourself

• Can you spot a scam phishing message? Test your knowledge with this interactive quiz from the ACSC or these real-life examples from Scamwatch. This will help you identify red flags and suspicious signs.
• Have a cuppa and learn more about scams at the same time, over this crossword from Scamwatch.