Various Scams
Below are some examples of scams currently circulating.
General tips regarding scams:
- never enter your username / password via a link in an email if you aren’t expecting it. If you get an email asking you to login, instead go directly to the website (like you normally would without clicking on an email link) and login. At least you then know you are on the correct site and not a fake version of it.
- If you ever receive a message warning you of something going wrong, it’s worth double checking that it’s a legitimate warning first before proceeding with the ‘instructions’. In most cases there would be several warnings or related messages before it becomes urgent so you should have time to deal with it cautiously.
- always be especially careful with any ‘unexpected’ contact, especially from a party that you might not have dealt with before.
Blank
"Hi Mum" or "Family Impersonation"
Scamwatch is urging the public to be wary of phone messages from a family member or friend claiming they need help, following a significant rise in “Hi Mum” scams in recent months.
Known as “Hi Mum” or “family impersonation” scams, victims are contacted – most often through WhatsApp – by a scammer posing as a family member or friend.
The scammer will claim they have lost or damaged their phone and are making contact from a new number. Then, once they have developed a rapport with their target, the scammer will ask for personal information such as photos for their social media profile or money to help urgently pay a bill, contractor or replace the phone.
These requests continue the ruse of a lost or broken phone with the justification that the funds are needed because they can’t access their online banking temporarily.
Some messages will simply say “it’s me,” while in other cases the scammers appear to have contact information and use the name of the person they are impersonating.
For more information relating to these scams can be found at
Computer Takeover
Commonly called remote access scams, scammers pretend to be from well-known organisations such as Telstra, eBay, NBN Co, Amazon, banks, government organisations, police, and computer and IT support organisations. They create a sense of urgency to make you give them access to your computer via remote access software.
Scams of this nature will often be an unexpected phone call saying you’ve been billed for a purchase you didn’t make, your device has been compromised, or your account has been hacked. Sometimes they start with an SMS, email or pop up on a screen from a scammer seeking urgent contact to fix a problem.
The scammer will pretend to assist you or ask you to assist them to catch the scammer. They will tell you to download remote control software such as AnyDesk or TeamViewer. Once the scammer has control of your computer or device, they will ask you to log into applications such as emails, internet banking or PayPal accounts, which will allow the scammer to access your banking and personal information to impersonate you or steal their money.
While remote access tools have been around for years to help IT support personnel in their work, scammers are also taking advantage of the ability to remotely access people’s computers or smart phones.
For more information relating to these scams can be found at
https://www.scamwatch.gov.au/news-alerts/computer-takeover-scams-on-the-rise
Domain Name
There appears to be another scam going around particularly to those who own domains. If you receive an email claiming that someone is attempting to register a domain similar to yours except with .com opposed to .com.au then please be cautious. They may ask for a one-off payment in order to register your domain name for 10 years.
For more information relating to these scams can be found at
https://www.domainregistration.com.au/domains/alerts/
https://www.scamwatch.gov.au/news-alerts/beware-of-unsolicited-domain-name-registration-offers
ACCC ScamWatch - Covid-19 Scams
Scamwatch has received over a thousand coronavirus-related scam reports since the outbreak. Common scams include phishing for personal information, online shopping, and superannuation scams.
If you have been scammed or have seen a scam, you can make a report on the Scamwatch website, and find more information about where to get help.
Scamwatch urges everyone to be cautious and remain alert to coronavirus-related scams. Scammers are hoping that you have let your guard down. Do not provide your personal, banking or superannuation details to strangers who have approached you.
Scammers may pretend to have a connection with you. So it’s important to stop and check, even when you are approached by what you think is a trusted organisation.
Visit the Scamwatch news webpage for general warnings and media releases on COVID-19 scams.
Phishing – Government impersonation scams
Scammers are pretending to be government agencies providing information on COVID-19 through text messages and emails ‘phishing’ for your information. These contain malicious links and attachments designed to steal your personal and financial information.
Examples
Fake MyGov texts
Fake government subsidy phishing scam
Fake ATO tax credit scam
Fake economic support payment text
Phishing – Other impersonation scams
Scammers are pretending to be from real and well known businesses such as banks, travel agents, insurance providers and telco companies, and using various excuses around COVID-19 to:
- ask for your personal and financial information
- lure you into opening malicious links or attachments
- gain remote access to your computer
- seek payment for a fake service or something you did not purchase.
Fake bank phishing text
Fake insurance phishing text
Superannuation scams
Scammers are taking advantage of people in financial hardship due to COVID-19 by attempting to steal their superannuation or by offering unnecessary services and charging a fee.
The majority of these scams start with an unexpected call claiming to be from a superannuation or financial service.
The scammers use a variety of excuses to request information about your superannuation accounts, including:
- offering to help you access the money in your superannuation
- ensuring you’re not locked out of your account under new rules.
- checking whether your superannuation account is eligible for various benefits or deals.
Scams targeting businesses
Scammers are using COVID-19 in business email compromise scams by pretending to be a supplier or business you usually deal with.
Scammers are using COVID-19 as an excuse to divert your usual account payments to a different bank account. Your payment goes to the scammer instead of the real business.
Example of a business email compromise scam
False Billing
False billing scams request you or your business to pay fake invoices. Many email-based ransomware scams use fake bills as attachments to infect your computer.
Malware and Ransomware
Malware tricks you into installing software that allows scammers to access your files and track what you are doing, while ransomware demands payment to ‘unlock’ your computer or files.
Whaling and Spear Phishing
Whaling or spear phishing scams target businesses or organisations in an attempt to get confidential information for fraudulent purposes.
Scammers send a personalised email which may look similar (but not identical) to frequently used email addresses. Scammer will try to convince you that the email requires urgent action in order to try and obtain confidential information and financial details.