Learn to spot a phishing call or phishing text message
Cybercriminals are using the art of phishing to scam you into giving out personal information such as your bank account numbers, passwords and credit card numbers. It may seem hard to spot a phishing message, but you can find out if it's legitimate or not with these hints:
- The scammer would call and ask for your personal details under the guise of being from the government, bank or organisation:
- The scammer may say that the bank or organisation is verifying customer records due to a technical error that corrupted customer data;
- The scammer may call from a legitimate organisation, such as a government agency or utility company, and provide rebate products;
- In some cases, it may be claimed that a police officer or fraud investigator has been called for you to cancel the warranty issued.
- Phishing text message alerts you to "unauthorised or suspicious activity on your account":
- You might be told that you paid for an expensive, large purchase in a foreign country, and asked if you approved the payment;
- Text message alerts that there is a suspicious activity on your account;
- In both cases, if you reply that you didn't authorise, the scammer will ask you to confirm your credit card or bank details so they can steal your card and withdraw the money from the account.
- Phishing text message contains malware: Cybercriminals are sending phishing emails with malware embedded in them. If you click on a link that leads to another site, your computer may become infected with malware which could steal your personal information.
Phishing messages are designed to look genuine, and often copy the format used by the organisation the scammer is pretending to represent, including their branding and logo. They will take you to a fake website that looks just like the real one, but has a slightly different address. For example, if the legitimate site is 'www.commbank.com.au', the scammer may use an address like 'www.commonbank.com'.
The victim is asked to provide personal information and financial details (such as a credit or debit card number). If you provide the scammer with your details online or over the phone, scammer will use them to carry out fraudulent activities, such as using your credit cards and stealing your money.
How to protect yourself from Phishing Attacks
If you believe that you have received a phising scam call or phising scam message, there are a few things you can do:
- Unwanted email links or text messages can contain malware or viruses that can harm your computer, so it's best to delete them immediately;
- Don't ever give your personal, credit card or online account information to an email or website you're not certain is authentic;
- Only check if an offer is genuine by contacting the company using its official contact details to verify if the offer is genuine;
- Take caution when browsing as there may be safety concerns in case of a low-resolution or spelling errors;
What to do if you think you've been successfully phished
If you have paid, keep an eye on your credit card statement for any odd transactions – otherwise you should contact your credit card provider and request them to block the transactions.
If you think you have provided your banking or credit card details to a scammer, contact your bank or financial institution immediately and change your passwords as soon as possible. You could also ask for help and support if you are unsure how to do this yourself.
Go to the police if you believe that you have been a victim of identity fraud. They will be able to provide advice on what action to take next.
List of phishing scams
- Fake purchase phishing scam (Amazon, eBay & PayPal): The scammer will tell you they have noticed a suspicious transaction on your account and that you are required to immediately make contact to dispute the transaction;
- ATO phishing scam: Scammers claim they are an official from the Australian Tax Office (ATO) and that there is an arrest warrant in their name;
- Fake NDIS callers: You are contacted by someone purporting to be from the NDIS asking for personal information over the phone.
- Discount bills: Scammers pretending to be from legitimate businesses are cold-calling people and promising savings of 20-40 per cent on their household bills;
- JB Hi-Fi giveaway scam: Scammers posing as electronics retailer JB Hi-Fi are sending SMS messages claiming there is a ‘giveaway’ that expires soon;
- COVID-19 vaccination scams: Scammers may try to obtain your personal information by claiming it is required for you to get the COVID-19 vaccine;
- COVID-19 banking scams: Due to COVID-19 all Commbank customers are required to review and update personal information and are unable to use their account until this process has been completed;
- False Invoices: Phishing emails are being sent with links to fake invoices, receipts or insurance documents.