Below are some examples of scams currently circulating.
General tips regarding scams:
- never enter your username / password via a link in an email if you aren’t expecting it. If you get an email asking you to login, instead go directly to the website (like you normally would without clicking on an email link) and login. At least you then know you are on the correct site and not a fake version of it.
- If you ever receive a message warning you of something going wrong, it’s worth double checking that it’s a legitimate warning first before proceeding with the ‘instructions’. In most cases there would be several warnings or related messages before it becomes urgent so you should have time to deal with it cautiously.
- always be especially careful with any ‘unexpected’ contact, especially from a party that you might not have dealt with before.
There appears to be another scam going around particularly to those who own domains. If you receive an email claiming that someone is attempting to register a domain similar to yours except with .com opposed to .com.au then please be cautious. They may ask for a one-off payment in order to register your domain name for 10 years.
For more information relating to these scams can be found at
ACCC ScamWatch - Covid-19 Scams
Scamwatch has received over a thousand coronavirus-related scam reports since the outbreak. Common scams include phishing for personal information, online shopping, and superannuation scams.
Scamwatch urges everyone to be cautious and remain alert to coronavirus-related scams. Scammers are hoping that you have let your guard down. Do not provide your personal, banking or superannuation details to strangers who have approached you.
Scammers may pretend to have a connection with you. So it’s important to stop and check, even when you are approached by what you think is a trusted organisation.
Visit the Scamwatch news webpage for general warnings and media releases on COVID-19 scams.
Phishing – Government impersonation scams
Scammers are pretending to be government agencies providing information on COVID-19 through text messages and emails ‘phishing’ for your information. These contain malicious links and attachments designed to steal your personal and financial information.
Fake MyGov texts
Fake government subsidy phishing scam
Fake ATO tax credit scam
Fake economic support payment text
Phishing – Other impersonation scams
Scammers are pretending to be from real and well known businesses such as banks, travel agents, insurance providers and telco companies, and using various excuses around COVID-19 to:
- ask for your personal and financial information
- lure you into opening malicious links or attachments
- gain remote access to your computer
- seek payment for a fake service or something you did not purchase.
Fake bank phishing text
Fake insurance phishing text
Scammers are taking advantage of people in financial hardship due to COVID-19 by attempting to steal their superannuation or by offering unnecessary services and charging a fee.
The majority of these scams start with an unexpected call claiming to be from a superannuation or financial service.
The scammers use a variety of excuses to request information about your superannuation accounts, including:
- offering to help you access the money in your superannuation
- ensuring you’re not locked out of your account under new rules.
- checking whether your superannuation account is eligible for various benefits or deals.
Scams targeting businesses
Scammers are using COVID-19 in business email compromise scams by pretending to be a supplier or business you usually deal with.
Scammers are using COVID-19 as an excuse to divert your usual account payments to a different bank account. Your payment goes to the scammer instead of the real business.
Example of a business email compromise scam
False billing scams request you or your business to pay fake invoices. Many email-based ransomware scams use fake bills as attachments to infect your computer.
Malware and Ransomware
Malware tricks you into installing software that allows scammers to access your files and track what you are doing, while ransomware demands payment to ‘unlock’ your computer or files.
Whaling and Spear Phishing
Whaling or spear phishing scams target businesses or organisations in an attempt to get confidential information for fraudulent purposes.
Scammers send a personalised email which may look similar (but not identical) to frequently used email addresses. Scammer will try to convince you that the email requires urgent action in order to try and obtain confidential information and financial details.