skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus

Types of scams

Protecting yourself from scams

If it looks too good to be true, it probably is. Scams are attempts by criminals to purposefully and maliciously mislead you in order to get your money. Everyone is a potential target because scammers don’t discriminate, and will target people of any gender, age-group or socio-economic background.

 

The Australian Banking Association (ABA) are encouraging Australians to "hear the alarm bells" to help avoid scams, learn more below.

Hear the alarm bells – the anti-scam campaign from the ABA

Common types of scams and tips to help protect yourself

While this is not an exhaustive list, the following should give you an idea of some common scams to watch out for, some tips on how you can spot them and suggestions for steps you might consider taking.

Festive season scams

Towards the end of the year, scammers often find ways to take advantage of the festive season celebrations and customs. Scammers may impersonate online retailers, charitable organisations, eCard services and parcel delivery services to try and trick you into making a payment or providing personal/financial details to them.

Scammers might do this by:

  • Setting up fake online stores,  leading you to believe you’re purchasing from a legitimate business.
  • Impersonating charitable organisations, tricking you into donating your money to the scammer, rather than for a good cause.
  • Posing as an eCard service, sending you fake eCards that attempt to trick you into clicking on a link that captures your personal information for misuse. These fake eCards may also deliver malware (malicious software) to your device.
  • Leading you to believe you have missed a parcel delivery. If you click on the link in the message to “confirm your delivery”, you may be led to a website that captures your personal information or trigger a download of malware to your device.

Tips to help you protect yourself during the festive season:

  • Avoid clicking links in emails, SMS messages or pop-ups, instead access websites directly through your web browser.
  • Always use an online store or charitable organisation that is reputable and legitimate.
  • Be cautious when opening eCards, even if they’ve come from someone you think you know.
  • Don’t rely on the contact details or website address provided in a suspicious call, email, or SMS. Confirm the legitimacy of messages through verifiable numbers.

End of financial year scams

The end of financial year is a busy time for individuals, organisations and their employees. Cyber criminals may look to take advantage of this period, where we might be more likely to overlook the signs of a scam.

At this time of year, scammers may impersonate the ATO or other government services such as myGov; and threaten individuals and businesses with tax debt or offer rebates. Scammers may contact you by phone call, SMS, email or other alternative messaging platforms.

Services Australia have warned about tax time scams and provided the following examples of what scammers might say:

  • you can get a payment, tax rebate or other type of refund
  • there is a problem with your tax return or myGov account
  • there’s been a change to your myGov account or it has inaccurate information
  • your myGov account is about to be frozen or suspended

© Commonwealth of Australia

If you are unsure about the authenticity of a call or message, contact the ATO or applicable government service to verify.

Top tips to help protect yourself during the end of financial year:

  • If you receive a request via email, phone or SMS message to change or update payment information, always verify by contacting the supplier directly using contact information that you know is genuine, and not contained within the suspicious communications in question.
  • Turn on multi-factor authentication for all essential services such as email, bank, social media accounts and any databases holding personal or customer information.
  • Access websites directly by typing the URL into a web browser, rather than clicking on a link.
  • Remember, if something seems too good to be true, it usually is. Pause and verify before acting.

If you’re a business, a scammer posing as a supplier or vendor may email you to advise their banking details have changed. They will provide you with a new bank account number and ask that all future payments are processed to the new account.  

A business may also receive an invoice from a supplier or vendor whose email account may have been compromised.  The invoice will look legitimate so will not be questioned, with payment made to the criminal’s account.

In other variations of the scam, the cyber-criminal will send an email internally to a company’s accounts team, pretending to be a senior executive such as a Chief Executive Officer (CEO) or Chief Financial Officer (CFO), requesting an urgent transfer of funds in the hope the recipient will respond swiftly without verifying the request. Cyber criminals can also request salary or rental payments be directed to a new account.

Here are some steps that might help protect yourself and your business against email compromise:

  1. Ensure you have a process in place for employees to identify and action suspicious emails, texts or phone calls.  If you receive a suspicious email, share it with staff to ensure they understand what to look for.
  2. Pause before responding. If it doesn’t seem right, or is unexpected, question it – even if it appears to be from someone senior in your business.  Use the contact details on the company’s official website to call and verify vendor or supplier requests.
  3. Install antivirus software on all computers used by yourself or the business and keep it up-to-date.
  4. Activate two-factor authentication (2FA), as well as a strong password to protect the security of your email account.  2FA adds an extra layer of security, and stops criminals getting into your account even if they guess or steal your password.
  5. Ensure you have a secondary authoriser in place for all payments.
  6. If you’re a commercial or private banking customer, consider using ANZ Document Exchange to upload requested documents to your banker as an alternative to using email. The service uses two-factor authentication for an added layer of security.

For more information on BEC scams and other preventative steps you can take please click here.

Read more on an ANZ media release.

Scammers may contact you by phone call, SMS, email, social media or alternative messaging platforms (e.g. WhatsApp) claiming to be a legitimate organisation or loved one in an attempt to trick you into performing an action (such as visiting a website to capture personal details, sharing sensitive information over the phone (e.g. passwords or making a payment to an account). Scam messages may even appear in the same thread of prior messages from the actual person or organisation.

There are numerous impersonation scams circulating, which may be convincing as the impersonator preys on emotions such as trust, fear, panic, or curiosity.

Scammers may impersonate:

  • Banks - A scammer involved in Banker Impersonation might contact an individual posing to be a representative from their bank’s fraud team declaring that their accounts have been compromised. Believing the scammer, the victim may panic and follow the scammers instructions - unwittingly providing personal banking details such as passwords and/or transferring funds to an unknown account.
  • Government agencies (e.g. ATO) – Cyber criminals often take advantage of the trust consumers might place in government agencies. Scammers might pose as the tax office in the form of an email or message declaring that an individual is entitled to a tax refund. Messages often contain a link to a phishing site that then captures sensitive information e.g. Tax File Number and login details.
  • Companies (e.g. insurance or telecommunications) – Individuals might be surprised to receive a phone call claiming to be from their provider, offering a "discount" for their services. To redeem this "discount" the individual is asked to provide sensitive information or a 'one-time pin' usually delivered via SMS, to the scammer.
  • Family and Friends (e.g. "Hi Mum" or "Hey Dad" scam) – Scams of this nature involve SMS messages or messages from alternative messaging platforms (e.g. WhatsApp) from a scammer posing as a family member or friend requiring some form of help. Once rapport has been built, these messages evolve into requests for money or personal details.

If you think you’ve been targeted by an Impersonation Scam, here are some precautions to protect yourself:

  • Stop and think twice before acting on or responding to an urgent request for sensitive information or urgent action
  • Be suspicious of anyone asking you for personal information or a payment. Even if they say they’re from your bank, a known service provider, or claim to be a family member who has recently changed their phone number.
  • Hang up on callers asking for personal information (e.g. passwords, Shield details or one-time-passwords for payments) and contact the organisation directly using the contact details it provides. For instance, at ANZ, you can find contact details on our website www.anz.com.
  • Don’t click on any unexpected links even if it appears to come from a legitimate source
  • Never provide your password, PIN, or one-time password (OTP) for payments, RSA token or ANZ Shield to anyone, even if they claim to work for your bank and have personal information about you.
  • Contact your provider/bank immediately on a listed number if you receive a message from someone saying your account is at risk or if you enter personal details into a link that you suspect is a scam.
  • Beware of scam emails (phishing) and messages (SMS, WhatsApp, Social Media DM’s) even if the message appears to come from someone you know.
  • Don’t transfer money to an unknown account.

Investment scams involve the scammer getting you to send money or provide personal details on the promise of big payouts, quick money, or guaranteed returns. According to Scamwatch, Australians lose more money to investment scams than any other type.

Investment scams can be very convincing. Scammers may look and sound highly professional, and it may be hard to tell if they are genuine investments or not.

There are various forms of investment scams. Common examples include:

Cryptocurrency scams involve using cryptocurrencies or digital currencies as a medium of exchange for an investment opportunity. Cryptocurrencies are highly volatile and can be very hard to track. Scammers may ask the unsuspecting victim to invest in a crypto platform with the promise of high and guaranteed returns. These can be fake trading platforms where the scammer is able to manipulate figures which may lead you to believe that your investment is gaining profit.

Ponzi schemes typically tend to pay existing investors with funds collected from new investors. They may promise to invest your money to generate high profit and guaranteed returns. However, it’s likely the perpetrators do not invest the money and instead they use your money to pay those who invested ahead of you and will repeat the same cycle as new investors join in. 

Imposter bonds are when perpetrators present themselves as legitimate representatives or employees of financial firms offering high yield fixed term deposits or treasury bonds that are non-existent or untrue. You may be directed to pay funds into a bank account, and once you do that, it may be very hard to recover your funds.

Fake public offerings, referred to by the scammer as an IPO or an initial public offering, of shares from a “promising” company or from an industry sector that becomes “hot.” You may be directed to buy unregistered shares in a private company before the initial public is made aware of it, which usually turns out to be a bogus IPO, or such company is not engaging in an IPO.

Superannuation scams may lead to scammers creating superannuation accounts under your name or transferring your money to a fake superfund. They may promise different withdrawal methods, but you may end up losing your money and having your identity compromised.

Romance baiting is when scammers pretend to be potential future partners in a dating app or platform. After building a relationship with you online, the scammer may start asking for your personal information or finances and offer you some investment opportunities and starts asking you for money.

Celebrity endorsement scams may start with an offer of investment opportunity for a product, service, or material being endorsed by a celebrity. Often, these celebrities are linked to those products without their consent.

Gambling and sports betting may be about investing on a software with the promise of a game’s outcome or high returns. It may also be investing money to form a group with a pool of money, where the scammer will claim to bet on behalf of the group and share a percentage of the profits.

Watch out for the red flags

According to the Australian Securities and Investments Commission’s (ASIC) Moneysmart, signs of an investment scam may include:

  • offering high investment returns
  • the absence of an Australian Financial Services (AFS) licence
  • frequent contact pressuring you to make fast decisions
  • providing an investment prospectus that is not registered with the Australian Securities & Investments Commission (ASIC)
  • the use of a reputable organisation’s name to instil credibility

Tips to help you protect yourself

  • Take your time - Don't be pressured to make a quick decision with your money you may regret later.
  • Trust your instincts - if an offer sounds too good to be true, it probably is.
  • Always check any investment opportunity to make sure it's real, especially if approached through social media.
  • Do your research before giving your details to an unsolicited caller or replying to emails offering financial advice or urgent investment opportunities.
  • Check if a financial adviser is registered via the ASIC website and check ASIC’s list of companies you should not deal with. If the company that is asking for your investment is on the list - do not deal with them.

Job scams are an attempt to trick you into handing over your money by offering you a ‘guaranteed’ way to make fast money or a high-paying job for little effort.

Watch out for the red flags

  • A job advertisement posted online or an unsolicited message for a job offer with the promise of money for little effort.
  • You may be asked to pay a fee or purchase items in order to commence work with the promise of reimbursement.
  • You may be asked to use your own bank account to receive money and to on-transfer the funds to another account, in exchange for a commission. This is known as 'money muling'.
  • The job offer may not be personally addressed to you.
  • The message from the employer may not provide a street address, only a post office box or an email address.
  • You receive an immediate job offer before being interviewed.

Tips to help protect yourself from job scams

  • Always remain sceptical of unsolicited job offers.
  • Pause and consider whether the opportunity (and the company) is legitimate before acting on it, especially if it appears too good to be true. Get into the specifics and do some research to confirm.
  • Be wary of job offers that require you to use your own bank account to transfer funds.
  • Never provide sensitive details (such as passwords, PINs, or one-time passcodes for payments) to anyone.

Unexpected winnings

Someone contacts you (via phone, text, email, letter or social media message) to tell you that you have won an online competition or lottery draw. But before you can get your prize money, you’ll have to pay a fee to claim your prize. The prize money doesn’t exist and the funds you’ve sent are lost.

Inheritance scams

Someone claiming to be a lawyer gets in touch with you, letting you know that you’re the last living relative of a wealthy person who’s passed away. You're entitled to inherit their fortune, but in order to receive it you need to pay some legal fees. In reality, there is no inheritance and the money you send goes straight to the scammers.

Classified ads

Sellers post classified ads for items such as pets, cars, bikes and rental properties. These ads look legitimate with detailed information, attractive photos and a great offer of a low price.

If you contact the seller, they may claim to be travelling or say they’ve moved overseas recently. They then may say that an agent give you the goods once they get your payment. You pay them and get sent a professional-looking email receipt, but your goods never arrive and the seller disappears, with you having no way to contact them.

A phishing scam is when you receive a hoax email, text or social media post that looks like it's come from a legitimate company like your bank, mobile phone or internet service provider.

The phishing scammer wants to trick you into giving them your personal information such as your password, bank account or credit card number.

There are many different scams circulating. As examples, scammers may send out communications claiming:

  • A tax return was placed on hold as it requires further information. The individual is prompted to follow the link in order to add information and receive their refund.
  • A new message has been received from the taxation office. The individual is prompted to follow the link in order to view the message.
  • A postal item was unsuccessfully delivered and had to be returned to the depot. The individual is prompted to follow the link to reschedule the delivery.
  • An overdue toll notice is outstanding. The user is prompted to follow the link to resolve the issue.
  • An overdue statement reminder. The individual is prompted to follow the link to review the statement.

Be extra diligent if you receive an email that:  

  • asks you to verify details like your Customer Registration Number, username, password or PIN
  • gets you to fill out your personal details for a survey, in exchange for a prize
  • claims to alert you to suspicious activity on your bank account and asks you to log in using a link in the email
  • is not addressing you by name at the start of the message
  • includes a sense of urgency, claiming that your immediate attention is needed
  • has an email address that doesn’t look quite right
  • asks to click on a links or open an attachments

Pause before responding. If it doesn’t seem right, or is unexpected, question it.  Use the contact details on the company’s official website to call and verify any suspicious or unusual requests.

Remember - ANZ will never send you an email asking for your account details, financial details, or your log in details for ANZ Phone Banking, ANZ Mobile Banking or ANZ Internet Banking.

Typically, the scammer will phone you and pretend to be a staff member from a large telecommunications or technology organisation.  They may claim your internet connection has been hacked or your security has been compromised and your assistance is required with an investigation.

Normally, the real organisations will not make unsolicited calls or ask you to install software in order to access your computer device remotely. These agencies will also not ask you to purchase gift cards or vouchers to pay for debts or transfer funds to offshore accounts for the purposes of assisting with an investigation.

Here are some precautions to reduce your risk of falling victim to a remote access scam:

  1. Never give an unsolicited caller remote access to your computer.
  2. If you receive an unsolicited call about your computer and remote access is requested – hang up – even if they mention they are calling from the ‘security’ division of a well-known telecommunications or technology organisation.
  3. Make sure your computer is protected with regularly updated anti-virus and anti-spyware software, and a good firewall.

An unexpected message or request (through channels such as email, social media platforms, messaging apps, etc.) from someone you don’t know might be the start of a romance scam.

The scammer uses a false identity to capture your interest and builds an emotional connection over a period of time by revealing personal information, sending you gifts or promising to visit you. They may use fictitious names and often claim to be from Australia but working overseas.

Once they’ve gained your trust, they are likely to ask you for money either directly or more subtly, for instance by telling you that they require money for transport to visit you, they require urgent funds to evade prosecution in another country or have a sick relative who needs funds for medical treatment.

The scammer may also claim they have made a sizeable profit from investing in cryptocurrencies, shares or other investment products. They may attempt to persuade you to “invest” your money in a low-risk, high-return opportunity. You may be convinced to transfer money into an investment account quickly so that you do not miss out.

The scammer will typically disappear after the payment has been made or continue seeking opportunities to collect more money.

In other instances, the scammer may ask to use your bank account to receive money and to on-transfer these funds to another account. You may be unknowingly recruited as a money mule.

Watch out for the red flags

  • If the conversation started on a dating site or app, they will try and move it to a more private messaging platform
  • They always have a good excuse for not showing themselves on camera or not meeting you in person
  • They promise to visit you or fly you to where they are only to break that promise later
  • Their online profile and what they tell you about themselves doesn’t seem to add up
  • They ask for money directly or more subtly

Tips to help protect yourself from romance scams

  • Don’t dive in head first, ask questions to verify their identity and claims
  • Do a little digging to check if their profile (or alias) appears in anecdotes from other romance scam survivors
  • Do a Google reverse image search of their photo to check if it has been used by others
  • Don’t be pressured into sending money, especially If it seems too good to be true. Stop and think twice before acting on an urgent request
  • Never share your personal information (like passwords, PINs, one-time passcodes (OTP), ANZ Shield Code, card number/s, etc.)
  • Never provide remote access to your device

Threats and extortion scams can arise where you are threatened, coerced, blackmailed or frightened into complying with the scammers' demands. Demands could include paying money immediately or disclosing personal information to the scammer.

Scammers may impersonate personal contacts (including romantic interests), organisations, government (e.g., the tax office) or the police. You may be threatened with legal action, arrest, reputational damage, deportation, physical harm or even threats to life unless you pay immediately.  

Common examples may include:

  • Being threatened with legal action or arrest for an ‘outstanding’ tax debt
  • Being threatened with deportation due to issues with your visa or immigration papers
  • Being blackmailed by scammers who threaten to share private pictures or videos of you (known as sexual extortion or sextortion)

Supporting resources:

In an online sales scam, the scammer poses as a buyer or seller attempting to trick you into making a payment to them. They may even trick you into sending goods you’re selling to them despite being unpaid for. Scams are often products that are difficult to find or highly popular, such as concert tickets.  

Common examples may include:

  • Scammers may create fake online stores that target buyers with deals that are often too good to be true. You may believe you’re purchasing goods from a reputable and well-known company, however, in these instances you could lose money upon making a “purchase” as the store doesn’t actually exist.

  • Marketplace scams involve scammers listing items for sale on online marketplace platforms (e.g., Gumtree and Facebook). These listings may look legitimate with detailed information and attractive photos, at an appealing price. The seller may insist on sending you the goods once you have paid for the item in full. Once the items have been paid for, a receipt may be received, however, the items don’t arrive, and the seller disappears.

  • In a payment platform scam, the scammer offers to purchase your goods via a payment platform (e.g., PayID or PayPal). The scammer then claims they have paid for the goods but there was an issue with the payment because the buyer doesn’t have a ‘premium’ or ‘business’ account. The scammer claims to have paid for the upgrade on behalf of the seller and requests ‘reimbursement’. They may claim they have accidentally overpaid for the goods and seek ‘reimbursement’. Having the seller's email, the scammer may also send a fake email appearing to originate from ‘PayID’ or ‘PayPal’ as ‘evidence’ of the payment, further pressuring the seller into ‘reimbursing’ them. This is a scam, and the seller does not receive any money to their account.    

Watch out for the red flags

  • Offers that appear too good to be true. These items may be highly discounted than the standard.
  • Websites may lack credentials such as a privacy policy, ABN or ACN, or T&C’s and there may be no contact or escalation details.
  • You receive an invoice for items you’ve never ordered or from a company you do not know.
  • The marketplace seller insists they must send the item to you, instead of offering local pick up.
  • You are asked to pay upfront or by unusual payment methods.
  • Issues with the URLs (mis-spelt or similar names) and unregistered/recently registered websites.
  • Sellers will come up with a story to explain a problem e.g. ‘I can’t show you the goods because they’re at my friend’s house, but I will post/courier it to you’.
  • Sellers will often create a sense of urgency to encourage you to act.
  • The payment to the person or business you think you are paying, doesn’t match the identity of the account holder.

Tips to help you protect yourself

  • Do not make any ‘reimbursement’ payments unless you have confirmed and verified a payment/overpayment received in your account.
  • Do not release any goods to the buyer until payment is confirmed.
  • Pause and consider the legitimacy of offers, particularly those that appear too good to be true.
  • Be wary of stores that are new and selling products at very low prices.
  • Check that a website you want to buy from has an ABN (ABN Lookup), information about privacy, terms and conditions of use, dispute resolution and contact details, plus a secure payment service like PayPal or credit card.
  • Search for the official site of the company. Don’t assume that the first search result that comes up is the real website. Look carefully at the search results and look for unusual spelling in the URL.
  • Where possible, try and view the product before purchasing.
  • Consider using PayID to make sure the name matches the person you think you’re paying. 

A money mule is a person (or company) who is recruited by criminals to transfer illegally obtained money or goods on their behalf. They are typically used to receive and distribute the proceeds of many crimes, including fraud and scams.

Some money mules are unaware they are involved in criminal activities. They may be caught up in a romance scam or may have been approached as part of a job scam – where they enter into an agreement to shift money between accounts for a financial return, unaware or oblivious to the illegal nature of the transfers. They may even believe they’re involved in an investment opportunity.

Scammers can also use compromised identities to open mule accounts by obtaining personal information – acquired through various means, such as data breaches, phishing attacks or purchasing stolen data on the dark web.

Watch out for the red flags

  • A job advertisement posted online or an unsolicited message for a job offer with the promise of money for little effort. There may be no specific job description.
  • You’re offered a sum of money in exchange for receiving funds and subsequently transferring it to another account. Alternatively, you may be asked to transfer funds through a money service business or to purchase gift cards.
  • You’re being asked by an online contact you’ve never met (e.g., romantic interest or friend), to receive funds and send it elsewhere.

Tips to help protect yourself from money mule scams

  • Pause and consider whether the opportunity (and the company) is legitimate before acting on it, especially if it appears too good to be true. Get into the specifics and do some research to confirm.
  • Be suspicious if an online friend/romantic interest that you’ve never met wants to use your bank account to receive and send funds.
  • Be wary of job offers that require you to use your own bank account to transfer funds.
  • Never provide sensitive details (such as passwords, PINs, or one-time passcodes for payments) to anyone.

For more resources

We're working every day to help keep you secure online, however it's also your responsibility to keep yourself secure. With new scams regularly surfacing, it’s important to educate yourself on the most common types of scams so you know what to look out for. To help you, here are some suggestions of simple steps you can take to further improve your level of security:

  • Call out anything suspicious relating to your ANZ banking by reporting it to us and report wider concerns to Scamwatch
  • Learn about the different types of scams, how to protect yourself from them and sign up for alerts from the ACCC’s Scamwatch and Stay Smart Online
  • If an email, call or SMS seems unusual, check it through official contact points (e.g. published phone number) before acting (e.g. clicking on links, opening attachments or following any payment instructions)
  • Type website addresses into your browser’s address bar rather than clicking on any links that you’ve been sent
  • If you’ve changed your number, lost your phone or are planning to travel overseas let us know (Personal Banking or Business) so we can try to tell you about any unusual account activity

Click here to download a flyer on protecting yourself from scams.

Click here to download the ACCC’s Little Black Book of Scams.

Spot the red flags and think twice

  • Do you know the person you’re sending funds to?
  • Have you been asked to send funds for a transaction that you didn’t commence?
  • Have you been asked to receive and send funds on behalf of a third party?
  • Do you understand the reason you are sending funds?

Learn more about scams from the Australian Federal Police

Learn more

The information on this page does not take into account your personal needs and financial circumstances and you should consider whether it is appropriate for you and read the relevant terms and conditionsProduct Disclosure Statement and the ANZ Financial Services Guide (PDF) before acquiring any product. 

Applications for credit subject to approval. Terms and conditions available on application. Fees and charges apply. Australian credit licence number 234527.

Top