How to identify a scam
Phishing is the most common cyber-attack used today. Phishing attacks are used to trick the recipient into revealing sensitive information or data in order to steal from you.
Scam emails will look like they come from a trusted brand, person or other organisation but you’ll find there are often small differences that can help you tell the difference.
You should look out for emails that:
• have spelling errors, broken sentences and words in a foreign language
• come from senders that don’t have the same domain (e.g firstname.lastname@example.org - note the dash between words. This is not an official Bank First email address.)
• have attachments such as zip files or.exe files
• ask for personal information such as your password
• have suspicious URLs.
Sometimes your email can be found by scammers after a data breach happens. You should get into the habit of turning on two-factor authentication on websites that will let you. For example, turning on two-factor authentication on Facebook will mean that every time you log in, you’ll be sent a text message to confirm with a code.
Two-factor authentication allows you to connect another personal device that you have access to, to be used as a secondary confirmation. This will prevent hackers from getting into your accounts.
Scam texts have the same sort of features as phishing emails, they’re just in SMS form. Scam text messages can come from familiar or unknown numbers. Sometimes they will even come from a number that has an “official name” that will show on your phone.
Numbers that come from a brand name that you don’t already have in your phone are not always real either. The use of this method can make you feel like it’s a legitimate business when it’s not.
Always keep an eye out for:
• unexpected SMS messages that ask you for personal details, especially financial details
• SMS and MMS messages that come from a 1900 or similar number (these carry premium charges)
• texts that encourage you to click an external link to download something to your phone
• text messages that claim you’ve won a prize or sum of money
• messages about deliveries or missed calls that have misspellings or are unfamiliar to you
If something doesn’t feel right, then it usually isn’t. Trust your gut or ask someone else for their advice to see if they think it’s real.
What can I do?
Remember to pause, review and ask a friend or family member when you receive such messages.
Here are some tips for suspicious text messages.
• Don’t respond to a suspicious text message from a number you can’t identify, even if it asks you to unsubscribe.
• Don’t call any phone numbers that send you suspicious text messages, and don’t call any phone numbers featured in the text message.
• Report the scam text message to the Australian Communications and Media Authority (ACMA) via scamwatch.gov.au.
Here are some tips for potential phishing emails.
• Don’t click on links or open attachments in emails from organisations or people you don’t know.
• Use a spam filter. It can be found in your email settings, usually under security.
• Never provide personal details over email including financial information.
• Report the scam email via scamwatch.gov.au.
If you receive an email or SMS that looks like it’s from us, but you’re not too sure, remember you can always contact our friendly customer service team to confirm on 1300 654 822.