Phishing is by far the most common scam technique used at the moment. It is the fraudulent practice of sending emails or SMS claiming to be from a reputable source or from us, in order to induce someone to reveal personal or financial information.
How does it work?
Phishing is designed to convince the person receiving the fraudulent email or SMS to click on a link or download an attachment, which is embedded with computer viruses. These viruses – also known as Malware – automatically download to your computer or phone and allow fraudsters to take control, log keystrokes and access personal files, which could then lead to identity theft.
- Messages that convey a sense of urgency or demand immediate action. Example – “Download the attachment now and follow the steps or you will be penalised.”
- Offers or prizes that sound too good to be true. Example – “Click on the link now to claim this limited offer $250 gift voucher.”
- Impersonation of well-known organisations such as Government, Police, or even your own workplace.
- A reputable company or government department asking you to disclose your personal information, such as a credit card PIN and expiry date, Citi Online password or your OTP (One-Time PIN).
- Poor grammar or spelling mistakes.
Important - No reputable company or government department will ever ask you to disclose a password or PIN.
Scammers are currently targeting and impersonating two key areas with their fraudulent emails and text messages.
1. Australian Government - Scammers are preying on people’s need for information and services from the Australian Government such as updates on COVID-19 or updates on government financial assistance.
Tip: Visit the Department of Health at health.gov.au for the latest news on COVID-19 and the Treasury website at treasury.gov.au/coronavirus/households for the latest information on financial assistance.
2. Your employer - With many of us currently working from home, scammers are impersonating employers in an attempt to gain access to sensitive information.
Tip: Contact your manager to help verify an email or SMS from your employer if it looks suspicious.