Scam methods
Malware & ransomware - malware tricks you into installing software that allows scammers to access your files and track what you are doing, while ransomware demands payment to 'unlock' your computer or files. Exploiting security weaknesses – weaknesses can include reused and easily guessed passwords, out of date anti-virus software, and unsecured WiFi and Bluetooth connections. Payment redirection scams – if you are a business, a scammer posing as one of your regular suppliers will tell you that their banking details have changed. They will provide you with a new bank account number and ask that all future payments are processed accordingly. The scam is often only detected when your regular supplier asks why they have not been paid. Example: John updated supplier details and it ended up costing thousands.
Stronger data protection with updated guidelines on assessing information security controls
Identity theft is a type of fraud that involves using someone else's identity to steal money or gain other benefits.
Secure your networks and devices, and avoid using public computers or WiFi hotspots to access or provide personal information. Choose passwords and PINs that would be difficult for others to guess, and update them regularly. Do not save them on your phone or computer.
Have you been scammed?
If you think you have provided your account details, passport, tax file number, licence, Medicare or other personal identification details to a scammer, contact your bank, financial institution, or other relevant agencies immediately. We encourage you to report scams to the ACCC via the report a scam page. This helps us to warn people about current scams, monitor trends and disrupt scams where possible. We also provide guidance on protecting yourself from scams and where to get help. Spread the word to your friends and family to protect them. Do not open attachments or click on links in emails or social media messages you’ve received from strangers – just press delete. Be wary of free downloads and website access, such as music, games, movies and adult sites. They may install harmful programs without you knowing. Do not use software that auto-completes online forms.
Phishing
A scammer contacts you pretending to be from a legitimate business such a bank, telephone or internet service provider. You may be contacted by email, social media, phone call, or text message. The scammer asks you to provide or confirm your personal details. For example, the scammer may say that the bank or organisation is verifying customer records due to a technical error that wiped out customer data. Or, they may ask you to fill out a customer survey and offer a prize for participating. Alternatively, the scammer may alert you to 'unauthorised or suspicious activity on your account'. You might be told that a large purchase has been made in a foreign country and asked if you authorised the payment. If you reply that you didn't, the scammer will ask you to confirm your credit card or bank details so the 'bank' can investigate. In some cases the scammer may already have your credit card number and ask you to confirm your identity by quoting the 3 or 4 digit security code printed on the card. Phishing messages are designed to look genuine, and often copy the format used by the organisation the scammer is pretending to represent, including their branding and logo. They will take you to a fake website that looks like the real deal, but has a slightly different address. For example, if the legitimate site is 'www.realbank.com.au', the scammer may use an address like 'www.reallbank.com'. If you provide the scammer with your details online or over the phone, they will use them to carry out fraudulent activities, such as using your credit cards and stealing your money.
