What is a phishing scam?
A phishing scam is a type of online fraud in which an attacker uses fraudulent emails, text messages, phone calls, social media, or websites to impersonate a legitimate entity. They do this to trick the victim into sharing sensitive personal information such as passwords, account information, or other personal details. The attacker then uses this information for identity theft or to gain access to the victim’s online accounts.
Phishing attacks have become increasingly sophisticated in recent years, making them harder to detect. They are a serious threat to your personal and financial information, and as such it is crucial to be aware of the different types of indicators so that you can protect yourself from falling victim to one.
Important To Remember
It’s not uncommon to think that more well-established individuals aren’t prone to these sorts of phishing traps. This is not the case. In 2020 the co-founder of a successful Australian hedge fund fell victim to an attack that lost them nearly $1 million in fake invoices, along with plenty of reputational damage.
- Suspicious Sender: Look out for misspelled words and a different domain name from the claimed company. Be wary of emails sent from public email domains as legitimate organisations typically use their own domain name.
- Urgent or Threatening Language: Phishing emails may pressure you to take immediate action or scare you into updating your information. Remember, legitimate companies will never threaten or pressure you.
- Unusual Request for Information: Be wary when being asked to provide sensitive information such as passwords or verification codes. Representatives of Legitimate companies do not typically request such information.
- Unsolicited Contact: Be cautious of unsolicited contact, especially from unknown senders. If you were not expecting an SMS, email, or call, it may be a phishing attempt. Ask the individual to verify themselves.
- Poor Grammar and Spelling: Look out for grammar and spelling mistakes as they indicate the email is not from a legitimate source.
- Suspicious Attachments or Links: Be cautious of unexpected links or attachments, as they may lead to fake websites designed to steal your personal information.
- Too Good to be True: Phishing emails may offer something that seems too good to be true, such as guaranteed profits or job offers, but these are often tactics to lure you into providing personal information.
- Generic greeting: Phishing emails often use generic greetings like “Dear valued customer” instead of addressing you by name. Legitimate emails from companies you do business with will typically use your name to personalise the email.
Important to Remember
Financial institutions, government agencies, and reputable organisations will never contact you requesting access to your device or personal information such as passwords and security codes. Never share these with anyone, regardless of the urgency or claims being made. Always contact the organisation directly through trusted sources such as their website to validate any of these types of requests.
Think twice before you act
Were you expecting this SMS, call, or email? Take a second, breathe, and think. Does this feel right? Trust your instincts, if in doubt, don’t act.
Have you been asked to respond to something urgently such as a request for a verification code or security concern on one of your online accounts? Before actioning, take some time and evaluate the authenticity of the correspondence. For example, read the SMS code you received; was it for a login to your account, or a withdrawal? If you’re unsure, ask someone you can trust.
Always navigate to the organisation’s website or app to log in, rather than clicking on any links.
What you can do if you come across a scam
Let us know
- Please report scams or suspicious activity immediately to Swyftx via emailing [email protected] or entering our Livechat.
- Forward suspicious emails to [email protected].
- You can also report all suspicious activity to the Australian Cyber Security Centre at cyber.gov.au/report.
Further support and awareness
- IDCARE provides free, confidential support and guidance to those impacted by fraud, scams, identity theft or compromise. Call them toll-free on 1800 595 160 or visit idcare.org.
- Keep up to date on scams by subscribing to the government’s scam email alerts from scamwatch.gov.au/subscribe. Check out our latest crypto scams and security alerts at https://swyftx.com/au/security/latest-scams/.
Did You Know?
Meta is being taken to court over allowing the placement of fake ads featuring notable Australian businessmen and figures supposedly promoting a cryptocurrency investment. These ads led to a fake article, encouraging investment in the project. The project has been revealed as a scam, with many victims of this phishing attack losing hundreds of thousands of dollars.