Common scams

Four common types of identity scams

Last updated: 09 June 2022

Identity theft is a problem that can happen to anyone. You can help protect yourself from identity theft by knowing some of the most common scams to impact Australians.

1. Phishing scams

Phishing refers to a cyber attack where someone attempts to trick you into giving personal information over email or phone, like your login details or credit card. The email might replicate communication from a reputable body, like a bank or government agency. They might also try to convince recipients that they’ve won a prize or inherited a large sum of money.

Traditionally, phishing scam messages were easy to detect. But identity thieves are clever and these scams are becoming increasingly harder to differentiate from the real thing.

There are still ways you can protect yourself from a phishing scam:

  • Be wary: organisations like the Australian Tax Office, Amazon or PayPal wouldn’t ask you to send them money through a link. If in doubt, contact the organisation through the details listed on their website to check.
  • Check the message for spelling mistakes, jumbled letters and numbers and impersonal greetings like ‘Dear Sir/Madam’ or ‘Customer’.
  • Avoid opening dodgy emails or clicking links in messages you can’t verify.
  • Block the messages, calls and emails and use an email scam filter. A good rule to follow is if it sounds ‘phishy’, it usually is. Check the ACSC website for more tips

2. Fake online profiles and catfishing

Setting up an online profile on Facebook, Instagram or a dating site is a common way for scammers to prey on unsuspecting victims. An identity thief can create a profile with a fake name and photos to trick people into befriending or falling in love with them. This is known as catfishing.

By showering victims with flattery and gifts, scammers can quickly gain trust before asking for money or personal details. If you’re not sure someone is who they say they are online:

  • Search their name to see if any other accounts or images come up that can verify their identity.
  • Take heed of warning signs like excuses for never meeting in person or inconsistent stories.
  • Be mindful of how much information you share with someone you don’t know.
  • Never send money, photos or identity documents, despite what they’re promising you.

3. Malware

In the last few years, you might have noticed an influx of text messages about voicemails, missed deliveries or photo uploads. This is a type of malware called FluBot that tries to access the personal data on your phone by asking you to click on a link.

These messages generally include vague greetings, fake company names and links containing random numbers and letters. If you receive a text that doesn’t look legitimate, delete it and block the sender. Do not click any links within the message – if you do, your device is at risk of being infected.

Malware and ransomware scammers also target devices through other means like fake advertisements, music downloads and emails. Visit Scamwatch to learn the warning signs and how to protect yourself.

4. Remote access scams

Remote access scams are one of the largest growing scam types in the country and they cost Australians millions each year. A remote access scammer will pose as an employee of the police force, IT support or a well-known major organisation and call to tell you that your computer has a virus. By requesting remote access to your device to ‘fix’ the issue, the scammer gains access to your email accounts, bank accounts and passwords.

Do your due diligence if you receive a random request from someone claiming to work for such a company, especially if they don’t know your name and account details. Don’t offer your credit card details over the phone to unknown callers and never give access to your personal devices to someone you don’t know and trust. Learn more about keeping safe online and protecting your credit file with other articles from Credit Savvy.