Online scams cost Australians millions of dollars each year and anyone can be targeted. From dating scams to fake shopping websites and get-rich-quick offers, scammers use many different methods to steal your money or your sensitive information.
On this page
Tip: If it seems too good to be true, it probably is! If something seems unusual or dodgy, ‘ask out loud’ – get a second opinion from a friend, colleage or family member.
Online scams and malicious software aren't always obvious. Scammers' messages can be highly sophisticated, often using trusted brands and logos to make their messages look like the real thing.
If you're not sure, talk through the suspicious message with a friend, family member or colleague, or check its legitimacy by contacting the relevant business or organisation directly.
Talking through your concerns out loud with someone else can reassure you and help to identify messages that may be fake before you click a malicious link or give away any personal information.
If you think you’ve been scammed, don’t feel embarrassed or helpless – there are steps you can take to limit the damage and protect yourself from further harm.
- Contact your bank or financial institution – if you’ve sent money or your personal banking details to a scammer, contact your bank or financial institution immediately. They may be able to help by stopping a money transfer or cheque, investigating a fraudulent credit card transaction, or closing your account if the scammer has your details.
- Recover you identity – if you think you have been the victim of identity theft, act quickly to avoid further damage. Contact iDcare, a free government-funded service who can help. Visit the iDcare website.
- Report the scam to the authorities – If you have been a victim of a crime (such as fraud) report it to your local police. We would also encourage you to report the scam to the ACCC’s SCAMWatch and ACORN (Australian Cybercrime Online Reporting Network).
For additional information on the different kinds of help available, visit SCAMWatch.
There are many different types of scams online, and some common types are described below.
Dating and romance
Criminals attempt to start an online relationship with a victim and then ask for money, gifts or other valuable personal information. These scams may take place on online dating sites, but are also initiated through social media or email.
Scammers usually create fake profiles online or take the identities of real people, such as military personnel or professionals working overseas.
What to look out for
- The person expresses strong emotions for you in a short period of time.
- They try to move communications away from the dating site to a more private channel – such as phone, email or instant messaging.
- They may claim to be from Australia or another Western country, but may use very poor English.
- After they’ve gained your trust, they tell an elaborate story and ask you for money, gifts or bank account details. If you refuse or don’t comply straight away, their demands may become increasingly desperate.
Learn more about safely socialising online.
Fake online shopping sites
Scammers pretend to be legitimate businesses online, either using fake websites or malicious advertisements on legitimate sites in order to scam unsuspecting shoppers. Advertisements for these fake businesses may also appear in your social media feed.
These sites may copy the designs and logos from legitimate businesses in order to appear more genuine. These scammers may simply keep your money after you make a purchase, continue to make further fraudulent charges on your credit card, or may send you substandard goods.
What to look out for
- Unbelievably low prices or other unbelievable benefits. It’s common advice but it bears repeating – if it seems too good to be true, it probably is. Use caution.
- The link from the advertisement appears genuine, but when clicked on goes to a different URL.
- The seller insists on payment using electronic funds transfer, a wire service or another method rather than a credit card or PayPal.
- The website does not provide contact details or enough information about their privacy and returns policies, or their terms and conditions of use.
Learn more about safely selling and shopping online.
Advance fee fraud
There are many types of advance fee fraud scams, but they all ask you to send money or personal financial details up-front before you can receive some greater reward – which could be an unexpected lottery win, an inheritance or a share in profits from a business investment, etc.
What to look out for
- You receive an unsolicited message via email or other medium that promises an extraordinary reward or opportunity (for example, you’ve won a lottery that you don’t remember entering or you are offered an unbelievably good business opportunity).
- You are told that you need to pay an up-front fee and/or provide personal details in order to receive a much greater reward.
For more information of different types of scams, visit SCAMWatch.
Falsifying legitimate brands
Many trusted services and brands are falsely copied by scammers to make the scam more believable. These copies can be sophisticated and hard to spot.
Brands that are frequently falsified now have security pages that identify active scams using their branding. These pages often include examples and pictures of scam messaes to help you tell fake messages from real ones.
Brands that are commonly copied include: state and territory police or law enforcement (fake fine scams); utilities such as power and gas (fake bills and overdue fines); postal services (parcel pick-up scams); banks (fake requests to update your information); telecommunication services (fake bills, fines or requests to confirm your details); and government departments and service providers such as the Australian Tax Office, Centrelink, Medicare and myGov.
What to look out for
To protect your information, most of these services will never contact you out of the blue (unsolicited call, email or SMS etc.) to:
- ask for your username, PIN, password or secret/security questions and answers
- ask you to enter information on a web page that isn't part of their main public website
- ask to confirm personal information such as credit card details or account information
- request payment on the spot (eg. for an undeliverable mail item or overdue fee).
If you are unsure if a message you have received is legitimate, contact the company directly using their main contact information. You can also look for security information on their main public website.
There are a number of different precautions you can take to protect yourself from scams online.
- Understand that scams exist and use caution online. Be careful when shopping and be particularly wary of any uninvited contact – whether it’s from businesses or individuals, via email, social media or other means.
- Use strong passwords, take steps to protect your computer and use safe behaviour when using the web.
- Avoid malicious messages – don’t share your email address online unless you need to, use a spam filter to catch bogus messages before they get to your inbox and delete spam that does get through without opening it.
- Don’t open messages or click on links if you don’t know the sender or if you’re not expecting them. Be especially suspicious of messages that:
- are not addressed to you directly or misspell your name
- ask you to provide your banking details or other personal information
- promise you money
- present hard luck or exotic stories telling you that you can share in hidden millions of dollars.
Don’t accept friend or contact requests on social media from people you don’t know. Criminals may use information they gather about you from social media in order to make their messages more appealing or appear more authentic.
Use the following resources to learn more about scams and how to protect yourself: