Check it before
you click it
Always be alert to scams
View Latest Scam Updates here
Stay on top of important scam news and information and tips to protect yourself and your finances.
Background
The National Anti-Scam Centre (NASC) is warning Australians that scammers have been impersonating phone numbers belonging to the Australian Competition and Consumer Commission (ACCC) in an attempt to steal personal information.
The ACCC and the NASC (which operates under the ACCC) are aware of scammers using publicly available ACCC phone numbers, which are listed on the agency’s official website.
Here are 2 reported cases:
- Scammers claimed to be representatives of the ACCC and requested sensitive information over the phone.
- Scammers misused the ACCC acronym to impersonate an unrelated organisation. They spoke in a language other than English.
The ACCC phone numbers have been spoofed, which means that the scammers have disguised their phone number to make it look like they are calling from a trusted organisation, in this case, the ACCC. They then ask for personal information.
How to spot the scam
The scammers call you claiming to be from the ACCC and ask you for personal information like passwords or bank details.
They will make it sound urgent and ask you act immediately.
What you should know
The ACCC and NASC will never:
- make calls from its reception numbers
- charge money for its services
- cold call or email to ask for your personal information like passwords, bank details or answers to security questions
- threaten or pressure you to stay on the line.
Stay protected
- Stop – Don’t give money or personal information to anyone if you’re unsure. Scammers will create a sense of urgency. Don’t rush to act. Say ‘no’, hang up, delete. Do not click on any links or download attachments from messages unless you are sure it is from someone you can trust.
- Check – Ask yourself could the call or text be fake? Scammers pretend to be from organisations you know and trust. Contact the organisation using information you source independently, so that you can verify if the call is real or not.
- Protect – Act quickly if something feels wrong. If you have had money or personal information stolen contact your bank immediately. Help others by reporting scams to Scamwatch.
If you’ve been affected
Don’t be embarrassed about being scammed.
If you’ve had money or personal information stolen contact your bank or card provider immediately.
If you’ve been scammed or have provided personal information call IDCARE on 1800 595 160.
Help others by reporting scams to Scamwatch.
Illawarra Credit Union has become aware to an increase in phishing and impersonation scams.
What are Phishing Scams?
The scammers use a sense of fear and urgency to encourage you to act quickly and use phrases such as ‘account compromised’, ‘unauthorised’, or ‘suspicious transactions’, or ‘you’ve been hacked’ to deceive you into granting scammers access to your account to steal your money.
What are Impersonation Scams?
Impersonation scams are where the scammer may send messages using the technology of ‘spoofing’ to make a message appear to be from a trusted source organisation to add legitimacy to the scam, meaning the scam message would appear with other legitimate messages in the thread.
These messages often include a link or a contact phone number which belongs to the scammer as a way in which to gain access to your personal information and ultimately your account.
Top Tips to Avoid Scams
- STOP. Do not click on any links in emails or text messages, even if they say there has been suspicious activity on your account. We will not include hyperlinks in our correspondence with you and will direct you to our website.
- CHECK. Do not rush to act. If you ever think we are trying to contact you, go to our official website or app and log in there. Alternatively, contact us by phone or email using details you find on our website.
- PROTECT. Set up multi-factor authentication so you receive an email or text message every time someone tries to log in to your accounts. Never share these passcodes with anyone else over the phone. If you are ever unsure if correspondence from us is legitimate regarding transactions on your account that were not made by you, please contact us immediately by the contact information found on our website.
Did you know that many phone providers are now providing services to help identify if a phone call is potentially a scam call? As more and more scams are reported and people are becoming more aware of scams, phone companies are able to gather more data about scammers and assist in the ongoing prevention of scams.
Depending on your phone provider, a potential scam call will display the phone number and a message “Potential Scam Call” or “Warning: Suspicious Calling Pattern”. Other providers will include a service in its customer app, where you can enter a phone number and check if the number is connected to scam calls.
We recommend visiting your phone provider’s website to find out what services they have available to you.
Of course, all of this relies on people being aware of how to spot and report a scam. To report a scam please visit scamwatch.gov.au and view further details on scams on this page.
Working together to keep your money safe .
Financial scams are an unfortunate part of modern life. Sneaky, sophisticated and ever-changing, spotting them isn’t always easy.
We hope you find the information below helpful and encourage you to call us if you have any questions. It is really important that if you think you are at risk of a scam, are unsure about suspicious activity on your account or believe you have received suspicious communication from us to please call us as soon as possible.
Keep reading to learn how, together, we can keep your accounts and money safe.
Like to know even more?
You’ll find a wealth of useful information at Scamwatch – a website managed by the Australian Competition & Consumer Commission (ACCC).
Commons scams to stay safe from.
Phishing is a common tactic used by scammers to trick you into revealing sensitive personal information like passwords, bank account details and credit card numbers. To do it, they use fake (but authentic looking) emails, text messages and social media posts impersonating an individual or organisation you trust like a government agency or financial institution. Some bold scammers will even try to get this information from you directly over the phone. Their ultimate aim is to use your own identity to steal from you, either now or at some stage in the future.
Red flags
- Messages, emails and calls from unknown sources
- Requests for account information from unexpected individuals or businesses
- Text messages or emails asking you to click a link (even an Opt Out link)
Australians spend millions of dollars shopping online every day. To exploit this, scammers set up fake websites that appear to be genuine retail businesses, often using real logos, brands and product photos. When an order is placed and paid for, shoppers may receive a cheap and inferior product to what they were expecting, or nothing at all. Meanwhile, the scammers have their most sensitive personal and banking information. Some online shopping scammers may also try to offer you fake refunds, post fake ads on social media, use fake celebrity endorsements and even write their own reviews to create the illusion their website is real.
Red flags
- Amazing deals and prices that aren’t available anywhere else
- Retailers you’ve never heard of before
- Unusual payment and delivery options
- Unexpected refund offers
Remote access scams use emails, texts, phone calls and pop-up browser windows to spread fake – yet plausible – stories that result in victims voluntarily providing remote access to their computer, tablet or smartphone. Common tactics include impersonating a representative from a trusted business such as a bank, utility or government agency. Once they gain access, scammers are free to steal and misuse all manner of sensitive personal and financial information stored on the device, often without any knowledge of the victim. They can also install ransomware, change passwords and even lock you out of your own device/s.
Red flags
- Any third party request for access to your devices
- Unexpected pop-up messages and emails warning of viruses
- Unusual changes to your device, such as unexplained files or random mouse movements
- Passwords and usernames suddenly not working.
It isn’t a great idea to ignore the Australian Tax Office. Scammers know this and use emails, phone calls and text messages claiming to be from the ATO and other government departments to access sensitive personal and financial information. It might be the promise of an unexpected tax refund or an urgent security update. On the other hand, it might be the threat of penalties from an unpaid tax or HECS debt. The catch is you need to login to your myGov account using the link provided to resolve it. Clicking the link takes you to a fake ATO webpage that then asks for details like your TFN, residential address, credit card and bank account details.
Red flags
- Unexpected tax refunds or debt notices from the ATO
- Emails or text messages containing a link to the ATO or MyGov websites
- Government email addresses that do not end with ‘.gov.au’
Enormous amounts of money are stolen through invoicing scams each year, largely as they’re so simple and easy to fall for. Some scammers find ways to compromise or hack legitimate company email accounts. Others simply impersonate a company with similar (but fake) email addresses and domain names. They then change the bank account details on the company’s invoices before sending them to unsuspecting customers. Believing they are making a genuine payment to a trusted supplier, the customer pays the invoice, but instead sends their money straight into scammer’s fraudulent bank account.
Red flags
- Unexpected invoices from a known supplier
- Changes to a supplier’s banking details from previous invoices
- Changes to the visual design of a supplier’s invoices.
First they steal your heart. Then your money. Romance scams often begin through online dating sites and apps, with scammers using fakes names and images (known as ‘catfishing’) to help build a fake relationship over days, weeks or even months. Once they have gained their victim’s trust, they then seek to emotionally manipulate them. Common tactics include asking for money, gifts or banking and credit card details. They may even create a fake personal emergency to deceive the victim into providing urgent financial assistance.
Red flags
- Reluctance to actually meet and/or last minute cancellations
- Sudden emergencies requiring urgent funds
- Constant requests for money or loans, often of increasing values
Investment scams
Investment scammers pose as stockbrokers, bankers, financial planners and other trusted professionals. From cryptocurrency and real estate to term deposits and shares, they approach their victims with offers of once-in-a-lifetime, high return/low risk investments. Trouble is, it’s rarely authentic. Once they gain your interest and trust, they request payments to ‘secure’ the amazing opportunity – only for that money to never be seen again.
Job scams
These types of scams typically promise very attractive job opportunities with very minimal effort. Scammers impersonate an employer, advertise fake positions on legitimate job sites and can even directly contact individuals through messaging platforms or email. The catch comes when victims are required to make an upfront payment for training or to guarantee their new position. Scammers may also request sensitive personal information as part of the employee onboarding process, such as Tax File Numbers, home addresses and bank account details.
Identity theft
Over a period of time, scammers use a variety of means to build a detailed profile of your most sensitive personal documents and information. Armed with things like your passport, driver’s licence, TFN, birth certificate, banking details and photos, they then recreate your identity. This allows them to access your existing financial accounts, and even apply for new credit cards and loans in your name. They may also try to sell your identity to other cyber criminals.
Toll Scams
Thousands of Australians use toll roads every day and scammers know it. These scams typically use emails and text messages pretending to be from toll road operators requesting you to click on links to pay for tolls, or warning of overdue or unpaid bills. Often, they’ll also use threats of fines, penalties or fees if you do not pay immediately. If you ever think you may have an unpaid toll invoice, check first by logging onto your toll provider’s website or app directly.
Crypto Scams
The meteoric rise of cryptocurrencies, such as Bitcoin, has caught out many unsuspecting investors, with scammers promising amazing ‘guaranteed’ returns that are simply too good to be true. The ACCC warns Australians to avoid making cash transfers into obscure or unverified cryptocurrencies, especially as there is usually very little in the way of paper trail or documentation. Also be very wary of crypto providers who want to withhold investment earnings for ‘tax purposes’ and unusual tokens that appear in your digital wallet that you did not trade yourself.
Threat & Penalty Scams
Rather than subtle deception, these scams are all about aggression and fear. Scammers will contact their victims with highly demanding phone calls (sometimes using recorded messages), emails or text messages impersonating official organisations with threats of penalties, arrest, legal action and even physical harm if they don’t provide immediate information and/or payment. Scammers are even known to victimise victims, targeting people again who have already lost money to other scams by claiming to be money-recovery agents.
Business Email Compromise (BEC) scams
BEC is a form of targeted phishing, sometimes known as ‘spear phishing’. Scammers use official looking emails – and even real compromised email addresses – to impersonate people within an organisation, deceiving their victims into making fake payments, filling bogus orders or revealing sensitive company information. Increasing work-from-home arrangements have seen BEC scams on the rise worldwide since the pandemic.
Malware
Malware refers to malicious viruses and software programs that are used to unknowingly ‘infect’ computers, devices or networks. Scammers use it for many purposes including corporate spying, stealing personal information, sabotage and extorting payment from individuals and businesses. Malware often acts like a Trojan horse, hiding its true purpose behind a seemingly legitimate program or app.
Staying alert. Staying protected .
Each new day brings new scams to watch out for. Whilst the methods may change, there are some basic things we can all do to stay one step ahead. Scammers may come up with fake scenarios in order to access your banking details or to convince you to send funds to an unknown account.
-
Stop. Investigate. Verify.
We will never ask you for your internet banking login details or PIN.
-
Rethink every link.
Links provide doorways to your most personal details. Only click on them if you’re certain they’re authentic.
-
When in doubt, delete.
Trust your instincts. If something doesn’t seem right, it probably isn’t.
-
Take care. Never share.
Always keep your passwords, PINs and usernames to yourself.
-
Change is good.
Get into the habit of changing your passwords regularly. The more random they are, the better.
Empower yourself with these resources .
Scamwatch
Run by the Australian Competition & Consumer Commission (ACCC), Scamwatch is a great place to learn about the very latest scams, and report them.
IDCare
IDCare provides free and confidential support to people who may have had their identity compromised or stolen through a targeted fraud or scam.
Australian Cyber Security Centre
This is the Australian Government’s lead agency for cyber security. Visit their website to report suspicious activity and learn more about staying safe from cybercrime.
We're here to help .
Send us an email
Share screenshots and details of suspicious behaviour by email to [email protected]
