As Australians grapple with cost-of-living pressures due to rising inflation, scammers are taking advantage of people’s increased financial vulnerability.
With a major data breach hitting telecom giant, Optus, as recently as last week, the ACCC has issued a warning urging Australians to watch out for scams.
The cyberattack on Optus resulted in millions of customers’ names, dates of birth, phone numbers and email addresses released. For some customers, even their driver’s licence and passport numbers have been accessed by the hackers, meaning individuals could now be at the risk of identity theft.
But it’s not only Optus customers who need to remain cautious and protect themselves from harm.
With day-to-day living costs increasing and the RBA hiking interest rates, scammers are more likely than ever to target those who are struggling.
Below are five common scams to be aware of in 2022.
A scam impersonating myGov–the government website providing access to a range of government services such as the ATO, Medicare and Centrelink–has been on the rise in the last few months as Australians file their tax returns at the end of the financial year.
The scam comes in the form of an email, with the legitimate myGov domain and branding being copied in order for the fraudulent email to go undetected.
“You have an outstanding refund from myGov,” the subject line reads, sent from firstname.lastname@example.org.
The email tells receipts they have an outstanding refund, and then asks users to visit a website which seeks to gain personal information and download attachments.
“If you get an email like this, don’t open any links, download attachments or respond,” Services Australia says.
“We’ll never ask you to open a link or a file attached to an email.”
“Hi Mum” Scams
In August, the Victorian Police issued a warning about the hoax that “pulls on heartstrings” of parents after identifying nearly 25 victims in Victoria alone.
The “Hi Mum” mobile phone scam involves a scammer sending a text from an unknown number to a victim, claiming to be their child with a new phone and number.
As the texts continue, the scammer then makes a request for emergency money as they claim to be locked out of online banking or unable to access their current funds.
It is believed the scam has resulted in more than $2 million stolen from Australians, although the actual figure is expected to be much higher, as it is believed that many more instances of the text message fraud have gone undetected.
The scam is believed to have originated in Europe but dozens of cases have been found in Australia—and many more are believed to have gone unreported.
Flubot is malicious software (malware) that sends text messages to both Androids and iPhones.
The ACCC’s Scamwatch says Australians have been subject to these fraudulent texts since August 2021, with different types of Flubot scams being updated and sent out consistently.
The texts vary, but usually contain a set of random numbers and often ask recipients to download an app to track a delivery, listen to a voicemail message, or view photos of themselves that have been uploaded online.
The content of the text messages varies but they all contain a link containing 5-9 random numbers. They will often ask you to download an app to track or organise a time for a delivery, hear a voicemail message, or view photos that have been uploaded.
Clicking the link will download the malware, which may allow the hackers to access your personal information and passwords, as well as send text messages from your phone.
The scam is more likely to affect Android users as bFlubot cannot be accessed on Apple, however other malicious software would still be downloaded in its place. Scamwatch urges all users to never click on the links in any unknown messages.
“It is best to delete them immediately,” the Scamwatch website recommends.
Catfishing or Dating Scams
Despite the popularity of Netflix series The Tinder Swindler demonstrating the serious financial risks of sending money online to people you met through dating apps, it is still a prevalent scam in 2022.
Last year, there was at least $40 million in losses from dating and romance scams alone, with $16 million already reported in the first half of 2022 and an increase expected in the lead up to the holiday season.
Scammers find users on popular dating sites before striking up an online relationship without ever meeting, and ask for loans from the victims due to financial troubles, family problems or an inability to access funds–in a similar manner to the ‘Hi Mum’ texts.
Scammers will also play on emotional triggers to get victims to provide gifts or personal details, and are not limited to solely dating apps; social media, chatroom and app users are often subject to the scams themselves.
The ACCC is urging people to not send money to someone they have met online.
In June this year, Scamwatch reported a whopping $113 million lost to cryptocurrency scams. This marks the majority of losses for all investment scams this year alone.
Cryptocurrency scams often involve scammers advertising great trading returns on social media, contacting anyone who interacts with the advertisement and offering to make an investment on their behalf.
These scams are a common occurrence on virtual platforms such as Discord and Telegram, where hackers and scammers will look to take advantage of the hype surrounding the unregulated currency.
ACCC Deputy Chair Delia Rickard says that Australians should be very wary of anyone asking them to invest in or transfer money using cryptocurrency–especially if it’s someone they have only met online.
“Many consumers are unfamiliar with the complexities of cryptocurrency and this can make them more vulnerable to scams,” Ms Rickard said.
Amid the rise in these crypto-related crimes, a new division of the Federal Police has been established to combat virtual asset-based money laundering, and the federal government has also moved on its attempts to regulate the cryptocurrency industry.
Savers are also at increased risk of being targeted by scammers in the midst of the cost-of-living crisis, superannuation is often one of Australians’ biggest investments.
Superannuation scammers often pose as financial advisors or claim to work for your superfund, with the goal to access your money or steal your identity.
AustralianSuper, the nation’s largest superfund, was subject to a scam this month.
While the scams can vary–text messages, emails and phone calls–the most recent case from AustralianSuper involved a fake Facebook page.
Using the AustralianSuper branding, the page promised high returns involving cryptocurrency if individuals sent their personal information. AustralianSuper removed the Facebook page, but these types of scams remain commonplace targeting many other major superannuation funds around the nation.
Tips for Avoiding Scams
To avoid being the victim of one of these scams, look out for these key warning signs:
- An offer seems too good to be true. Scammers lure consumers in with promises of cheap deals or high-returns. If something seems too good to be true, Scamwatch warns, it probably is.
- Communications don’t appear genuine. It’s common for scammers to impersonate legitimate organisations such as energy companies or government bodies. If in doubt, get in touch with the company directly to check if the communication is from them.
- You are being pressured to act quickly. One tactic scammers use is putting pressure on their victims to act quickly, with promises of limited-time deals, or warnings of negative consequences if action isn’t taken. If you are being asked to transfer money or provide personal details urgently, you may be the target of a scam.
- You are being asked to use an unusual payment method. If an organisation you have dealt with in the past is asking you to pay in a new way — such as transferring money to an account you don’t recognise, or using a new payment link — the request may not be legitimate.
- You have been asked for personal information. If you receive an email or text message asking you for information such as a PIN or password, do not provide your details. Genuine companies will not ask you to send these details over text or email.
If you are ever in doubt that an email, text or phone call is legitimate, contact the company the message claims to be from directly. Make sure you get in touch using the organisation’s official channels rather than details provided in the suspicious message.
How do I know if my data was leaked by Optus?
If your data was breached due to the recent Optus data leak, you would have likely already been contacted by the service provider outlining details of what you should do.
If you have not received communications from Optus and are concerned about your details, you can contact Optus through the MyOptus app or via phone at 133 937.
Customers are also encouraged to change all account passwords, set up multi-factor authentication and keep a close eye on finances to ensure you are aware of any fraudulent transactions.