Expert tips to avoid the latest scams
Wondering why you’re receiving those misspelled SMS? It’s actually deliberate.
Scammers are bypassing the system that automatically blocks scams with a smattering of bad grammar and spelling. They are getting in front of you and hoping you click too quickly to realise your mistake.
This is just one of the more sophisticated tactics - yes, even bad spelling is sophisticated - scammers are employing to capture even the most cautious among us. Scammers are so successful that, according to the latest reports, Aussies have lost a total of $222,810,200 to scams in 2021. That’s already 26.8 percent higher than 2020, and the year is not yet over.
Sadly, scammers show no signs of backing down and are tipped to be more active as the holidays approach.
Scary, isn’t it?
But never fear. We’re here with some expert tips to avoid falling into their traps. Before we dive into those, we have briefly outlined the latest digital scams so you know the dangers out there.
The latest scams
AFP scam
If you receive a call from a person introducing themselves as the Australian Federal Police (AFP) saying suspicious activity has been linked to your bank account, it’s probably the AFP scam.
If you’re contacted by these scammers it can be really distressing, which makes it very challenging to get your brain to focus on the facts. In your panic, you forget that you’re an honest, hardworking person who hasn’t done anything the AFP would be remotely interested in. How many times have you actually read about the AFP taking action against people? It just doesn’t happen that often. So the chances of this happening to you are almost none. Nada, zip, zilch.
But successful scammers are experts at playing on our fears, which is why this method often works. Firstly, it makes us fearful that someone else has accessed our accounts without our knowledge. Secondly, by saying it’s the police, the scammer makes us think “this must be something serious if the police are already involved”.
Once they sense the fear, the scammer will offer assistance to create another account safely. All you have to do is to withdraw all your money from your existing account and deposit it to the ‘safe’ one they will help you open.
And while they may not catch out everyone, the scammers know they will hook some because they’re scared, and those fearful emotions have gotten the better of their usual common sense.
Other times, they won’t go to that extent. Scammers will simply request ‘verification’ of our personal details, such as our Medicare number, home address, birthdays and so on. But be warned, this can be every bit as damaging — as we’re speaking, they’re already draining money from our bank account.
Sometimes, these ‘AFP’ scammers won’t meddle with our bank accounts. Instead, they will issue an arrest warrant via email or social media, which can only be cancelled if we deposit money into their nominated bank account.
ATO scam
Scammers know that most of us deal with the Australian Taxation Office (ATO) every year to file our taxes and we’re always in a hurry when we do it.
Our scrambled, stressed-out brains are the perfect targets for scammers to hit us with scary statements such as: “Your Tax File Number has been suspended for money laundering. You have to pay X amount of money to avoid being sent to court.”
Another common scheme is to ‘reward’ us with a tax refund — and who doesn’t want one of those? And, indeed, you may even think you’re entitled to one, making it seem even more legitimate. Scammers ask for our personal identifying details and a nominated bank account to receive the refund.
In fact, there are so many tactics scammers use that the ATO had to put up a page dedicated to them. Please take the time to read them.
Australia Post scam
You’ve probably been doing your fair share of online shopping and are therefore waiting for a package to arrive as you’re reading this. Be wary. Scammers jump on whatever is trending right now, so they are leveraging online shopping for their schemes.
Like the ATO scams, this approach is so popular Australia Post’s page on scams is regularly updated.
You may receive an email or SMS saying it’s from Australia Post and telling you that a purchase has been made on your behalf, or that your order has been put on hold, then prompting you to click on the link.
Don’t do it. The link will take you to a fake page that will steal your personal and financial details.
There are other fraudulent yet believable techniques scammers use, which we have written extensively about before. Please have a look.
Business email compromise (BEC)
If you have a website, your hosting service provider or domain registry sends you updates from time to time. As your contact details are available to the domain registration services, this presents another opportunity scammers find lucrative.
Pretending to be from your provider, scammers send you an email, saying you need to pay for something right away or your files will be deleted. It could be a subscription, upgrades, and so on. The emails and letters they send look legitimate as it’s not hard for them to impersonate logos and email addresses.
Crypto scams
Cryptocurrency is well publicised but not very well understood, which makes it an attractive scam.
What’s more, scammers even use social media platforms to lure would-be investors. It’s not uncommon to see crypto business pages with a huge following and high engagement rate to make us think everything is legit.
Crypto scams usually have low-investment, high-return promises. For example, the crypto ‘guru’ will ask you to invest $50 this month. To lure you into investing more, you get back $75 the following month.
You repeat the cycle until you increase your investments, hoping to get something bigger back. But you won’t.
That’s why crypto scams are so successful. They promise, and even fulfil, eye-watering returns in your first few months of investment. But when you’ve decided to invest so much more, the entire investing platform disappears. Our hard-earned money is gone in an instant.
Why don’t you see the bad reviews on social media? They delete all negative feedback.
Flubot scams
This scam involves the installation of malware on your android phone. The link is delivered to your phone via SMS, telling you to either listen to a ‘voicemail’ or reschedule a missed delivery. It’s also known as the voicemail text scam.
Once the malicious app is installed, it will provide fake pages or overlays, as it’s called, on top of the login screens of your banking apps. So the next time you use your banking app, the scammers can capture your banking details.
This gives the scammers access to your bank accounts and, therefore, your money.
Job scams
The perpetrators of this rort are cashing in on the pandemic, where a large number of people have lost their jobs or businesses.
They usually send a text message with a link, introducing themselves as hiring managers of a big company and promising a job and competitive compensation.
The recipients are then asked to fill out a form, asking for personal details, which will be used to hack into their financial accounts.
Online shopping scams
We previously wrote about last year’s online shopping statistics, and since then the numbers have grown dramatically.
Unsurprisingly, so have the scammers’ ploys. One of them is eBay or Amazon scam calls, where a scammer will call to say a purchase has been made using your credit card.
To obtain a refund, the caller will empathetically say they can help you. You just have to give them your payment details and they will process the refund for you.
Your credit card information is now compromised.
Phishing scams
Remember the Nigerian prince who’s willing to give you everything he has because he’s just that generous? Well, he’s back. Sort of.
This time, he’s no longer a prince nor a Nigerian. He could be dying in a few months and needs someone to inherit his wealth. He could even be a she.
Anyway, the point is this type of scam usually employs elaborate stories about someone looking for heirs. It could be you, provided you give him your bank details so he can ‘send’ you the money.
But most of us know how this ends. Instead of receiving your ‘inheritance’, you will see your bank account emptied.
Rental scams
It’s no secret that the competition in the rental market is fierce all over the country. This is why scammers lurk in Facebook groups, advertising their ‘hot rental properties’.
They’re overly friendly and are willing to give you the keys even without an inspection and rental application. You just have to pay a few months’ rent to secure the lease.
The usual story they give you is “I’m interstate now, so I can’t let you inspect the house. But please transfer the money online to secure the lease. I will post the key once I’ve received your payment.”
Those who hit transfer are out of luck, out of cash and out of a place to live.
SIM card scams
SIM swapping accounts for almost 80 percent of SIM card scams. It’s when scammers pretend to be the victim and call a telco agent, telling them to switch the number to a new SIM for some reason.
Of course, the telco agent would believe the caller because the latter has the victim’s relevant identity details, making the switch verifiable. Besides, changing a SIM is not an uncommon request.
Once the number is changed, the scammers can then link the victims’ finance apps to the new number, emptying all linked accounts.
Where do they get the details? Mostly from social media where you have your email address, birthday and address listed. Sometimes they have your details from another scam!
Services Australia has more examples of these scams.
How to spot scams
We’ve said this before, but it’s well worth repeating. Scams usually come with these warning signs:
-
- The messages typically contain grammatical errors, misspellings or incorrect logos. (And you thought they were just bad at spelling.)
- The landing sites are unencrypted. Look for the address to include “https” or the lock icon in the corner. Unencrypted sites usually have a “not secure” warning in this area.
- The messages are urging you to act quickly. What’s the rush? Take a breath and look closer.
- The sender’s email domain does not match the company they claim to be representing. For example, if an email claims to be from PayPal, and the senders address is [email protected], it's actually from scammers. Paypal would never send official emails that don't come from @paypal.com.
- They’re enticing you to “get rich quick while barely lifting your finger”. (If it sounds too good to be true, it usually is, right?)
- The message uses overly casual, hostile or threatening language. Why would any professional organisation bully a customer?
How to avoid getting scammed
Even if you think you know the telltale signs of a fraudulent scheme, it pays to be extra cautious. So here are some expert tips for added security:
1. Practise cyber-mindfulness
To avoid scam emails, always look carefully at the sender’s details. If it’s from an email address you don’t recognise, don’t click on any links in the message. The same is true for unrecognised phone numbers. Do not click on the link.
When you visit a website for the first time, make sure it’s secure before entering bank or credit card details. As mentioned above, the lock icon in the address bar tells you whether a site is secure or not.
When you receive a message via SMS or email, check for inconsistencies, spelling or grammatical errors and small irregularities. Sometimes, scammers change a tiny detail in a logo to trick your eyes.
2. Be sceptical
If the message is from someone you don’t know, always err on the side of caution. As someone once said: “Nothing stands you in better stead to avoid being conned than a healthy sense of scepticism.”
If the deal sounds too good to be true, it’s likely a scam.
3. Protect your digital accounts
Always use multi-factor authentication, if applicable, for your accounts. These days, passwords alone are not enough to secure your details.
If you have a business, set up a verification process for your company. And check out Sender Policy Framework (SPF) and Domain Message Authentication Reporting and Conformance (DMARC). These are controls designed to detect fake emails.
4. Install call blockers
There are plenty of apps to avoid scam calls on both the Play Store and App Store. You can program these apps to block unknown callers so you can avoid scam calls on iPhone and android devices. It can also help you avoid getting spam texts, as most apps can block both.
5. Beware of scare tactics
Scammers usually instil fear into their victims because they know that when fear takes over, our rational brain takes a backseat.
When their messages include threats such as penalties or fines, don’t panic. Slow down, think about the emotional response that has been triggered and ask a friend for advice.
6. Contact the company
If the message you receive allegedly comes from a specific business or company, call them first or even visit their office if it’s not too much hassle. This is the smartest way to verify the request is valid and legal.
To avoid scam jobs, check the company’s website for job openings and apply from there.
Be careful though; scammers can give you fake company contact details to verify. Don’t take their word for it. Do your own research and seek the company details on your own.
7. Lessen your digital footprint
Avoid sharing your email address, home address, birthday and any personal information online, particularly on social media, even if you’re sharing them with friends. Scammers have tools to scrape data online.
Stay away from “checking in” on social networking platforms. Do not always share your location with your ‘friends’. One of your so-called friends could be a scammer in disguise.
8. Ask for an expert’s help
If you’re not sure whether a notification you received is legitimate or not, ask an expert to verify. If the message you received purports to be from the ATO or AFP, for example, call them before taking any action. And check out the pages we mention above for regular updates.
9. Always demand home inspections
To avoid real estate scams, don’t fall for ploys by pretend landlords saying you don’t have to inspect the home and the keys will be posted after payment has been made.
Even if they insist they’re away so no inspection is possible, ask if they can get a friend to show you the property. If they can’t, chances are the property isn’t theirs. Don’t send anyone payment without a proper inspection.
If you have been scammed…
If you think you have fallen for a scammer’s tactics, do the following immediately. While you're unlikely to get your money back, you can avoid further damage and loss. And by reporting the scam, you can prevent others from falling victim.
- Contact your financial institution. They may freeze or close your account so no further damage can be done. If possible, they may also stop any transaction you have initiated.
- Alert the authorities. Scamwatch lists the proper agencies to contact so they can help you take action. Find them on this page.
- Transfer funds. If you disclosed your banking details, suspend access to that account and transfer funds to a new account.
- Change login details. If you think your login details are compromised, change them right away to stop scammers accessing your accounts. And don’t reuse passwords, as this is the best way to prevent scammers from accessing all your logins.
- Reset your phone. If you’re a victim of a malware scam, you must hard reset your phone, as merely uninstalling the app won’t help. Losing any photos or other information stored on there is a small price to pay for your security.
- Warn others. You may feel embarrassed to share what just happened to you, but educating others about this criminal activity is the best revenge. You prevent others from falling into their traps.
Don’t let them win
Scams are everywhere and scammers are employing more sophisticated ways to dupe us.
But there’s good news. Firstly, we can arm ourselves with the knowledge to outsmart them. Knowledge is power, as the saying goes. Putting this knowledge into practice is even more powerful.
Secondly, we have the assurance that the government and private agencies have our back. Reporting to them has become easier and faster, so we can avoid further loss and damage, and even, in some cases, recoup some of our losses.
Like this article? Receive more helpful tips on everyday issues for free. Sign up for our weekly #HMCHotNews newsletter.