From emails out of the blue to suspicious calls and text messages, scammers today are using a wide range of methods to con unsuspecting Australians.
In 2020 alone, Australians lost $851 million to scams according to the Australian Competition and Consumer Commission (ACCC) and the tally will likely rise further in 2021 and 2022.
The good news is, there are a range of measures you can implement to protect yourself and your organisation from cyber-crime. Here we outline some of the common types of scams and what you can do about them.
Phishing scams and FluBots
Phishing scams often look like emails, texts or phone calls from a familiar enterprise such as your bank, utilities provider, a retailer you frequent or even government entities such as the ATO. They may claim there is a problem with your account, ask you to make a payment or claim you are eligible for a prize or refund.
The message usually directs you to a site to verify personal information such as your email address, password, account number or credit card number then steals your information and exposes your computer to attack by scammers.
Another scam that is becoming increasingly common is the FluBot scam, which is named after the malware it is designed to infect your phone with. These scams usually involve a text message alerting you about a missed delivery, voicemail or call.
You can receive a FluBot message whether you have an iPhone or Android phone. The malware not only downloads your personal information, including banking details and passwords but can also send out messages to your phone contacts encouraging others to instal it.
What to do: If you are unsure about a particular communication, ignore it, hit delete and do not click on any links. Also remember that service providers and government entities will not ask for your personal details over the phone or online. If anyone is requesting your information, ask for their details and check their identity before calling back.
Superannuation and investment scams
Australians have more than $3 trillion1 invested in superannuation, so it’s not surprising that super is an attractive target for scammers.
Cyber criminals are currently running a number of super scams with the purpose of stealing your hard-earned savings. Some cold call and offer to help you get early access to your super, set up a Self-Managed Superannuation Fund (SMSF) or participate in an investment offering high returns. Others may pretend to be contacting you from your super fund or investment provider and request personal information.
What to do: Familarise yourself with the rules around super. Unless you are experiencing extreme hardship, you generally can’t access your super until you are aged 55-60. You should also ignore any unsolicited offer of an exclusive investment deal or expert advice. Remember the old adage, “if it seems to good to be true, it probably is”. If you are seeking financial advice, check that the professional is registered on ASIC’s Financial Advisers Register website. The Financial Planning Association also has a register of approved financial advisers in your area.
Online shopping scams
Online shopping scams involve scammers pretending to be legitimate online sellers, either with a fake website or a fake advertisement on social media.
Many of these websites offer luxury items at very low prices but the scammers either send you fake goods or nothing at all.
They will often ask for payment via non-secure methods such as wire or bank transfers, money orders, gift cards or electronic currencies such as Bitcoin, making it very difficult to recover your money.
What to do: To spot a genuine website, look for a URL starting with ‘https’. The ‘s’ indicates that the website is secure and uses encryption to protect it from hackers. Check that the retailer offers information on terms and conditions, dispute resolution and contact details. You should also beware of sellers who do not offer secure payment options, such as PayPal or credit card transactions.
Social media scams
If you are a regular user of Facebook, you have probably seen cute, funny or emotional posts that encourage you to share, like or write ‘Amen’ in the comments field. By engaging with these posts you may think you are simply showing your support for a worthy cause or sharing a laugh with friends.
In reality these posts are designed to accumulate as many followers as possible. The creators then use the post to create scams or spread viruses.
If a page owner has access to Facebook’s developer tools, they can also collect your personal information such as gender, where you live and how old you are which could be used to hack your account.
What to do: Don’t get caught up in liking or sharing photos, videos, quotes and other content that did not come as original material from a friend or family member. The more a post is encouraging you to engage with it with lines such as “keep scrolling if you are heartless”, the more likely it is to be a scam.
Tech support Scams
With this type of scam, you receive a phone call, email or pop-up indicating your computer is infected. The scammer then prompts you to download an application that allows them to control your computer.
Tech support scammers may even run fake websites or online ads claiming to offer legitimate technical support.
What to do: If you get a call from someone you don’t know who says there is a problem with your computer, hang up. Also beware of pop-ups on your computer that ask you to call a number. If you are looking for genuine tech support, only go through a company you know and trust.
Keeping up to date
You can stay up to date on the latest scams and ways to protect your organisation by visiting the Scamwatch website.
If you think you have been the victim of a scam, UFS recommends taking the following steps:
- Act quickly. If you are unsure about a particular communication or request, contact your financial institution as soon as possible. They may be able to stop a transaction or close your account to protect you from further loss.
- Change your online passwords. If you think your computer or device has been hacked or infected with malware, update the passwords on your online accounts and never use the same password twice.
- Get support. Contact iDcare, Australia and New Zealand’s national identity and support service, who can work with you to reduce the harm from the misuse of your identity.
- Report the crime. Scams can be reported to Scamwatch or if you have been a victim of a cybercrime such a fraud, you can report it to police through ReportCyber.
Source: ASFA
By Linda Johnson, Head of Partner Solutions and Support, Uniting Financial Services
Important information: While the information in this communication has been prepared with all reasonable care, UFS accepts no responsibility or liability for any errors, omissions or misstatements however caused. No action has been taken to register or qualify these products or otherwise permit a public offering of these products in any jurisdiction outside Australia. Past performance is not indicative of future performance.
If you have received this communication in error please notify the sender at Uniting Financial Services. If you do not want to receive correspondence from UFS in the future via email, simply click ‘unsubscribe’. You can review the UFS Privacy Policy here.
