Victorians lost more than $77 million to scams in the in the 2023-2024 financial year. In addition to the financial cost, scams can have a devastating emotional impact on victims. By learning about scams, and sharing information with your friends and family, we can all stay safer.
Be aware – scammers are impersonating government departments and trusted businesses.
Look out for suspicious emails, messages and phone calls.
If you receive a call or email out of the blue, stop and check – “Is this for real?”
Don’t give money or personal details or click on any links if you’re unsure. Say no, hang up, delete.
In these scams, scammers pretend to be from a government agency you know and trust. These scammers may try to get you to:
- give them money
- share your personal information
- download remote access software.
These scammers and their threats can seem genuine and frightening. To make you take action, they may:
- make you feel as if you’ve done something wrong
- create a sense of urgency and say you must do what they say immediately
- make threats that you will receive a fine or fees, service disconnection, visits to your home, court action, arrest or even deportation.
If someone is threatening you or trying to intimidate you, hang up.
Check contact details through and independent source, such as an official website. Ask family or friends for help if you are not sure. Contact the organisation directly to ask if they contacted you. Don’t use the contact details provided by the caller or in the message sent to you.
Protect yourself and your data online
Take care when sharing personal information online, over the phone or by email.
- Don’t open suspicious texts, pop-up windows or click on links or attachments in emails – delete them. These could infect your device with malware.
- Don’t send money or share bank details or personal information with anyone you don’t know or trust.
- Check websites and email recipients before sharing any personal or payment information.
- Use strong and unique passwords.
- Set up multi-factor authentication to protect your online accounts.
- Monitor your accounts and devices for any unusual activity or unexpected communication.
- Never give anyone remote access to your computer if they’ve contacted you out of the blue.
A government agency or business will never ask you to pay them with gift cards, iTunes cards or Bitcoin.
Read more tips on the Office of the Australian Information Commissioner .
If you have lost money or given your personal details to a scammer
If you’ve sent money or shared your banking or credit card details, contact your financial institution immediately. They may be able to stop or reverse a transaction, or close your account.
If you think you have been affected by a data breach, there are steps you can take to protect yourself from fraudulent activity. These include:
- changing your online account passwords to strong, new passwords
- not using the same password for multiple accounts
- avoiding opening unsolicited attachments
- never giving anyone your password or financial details even if they sound plausible.
If you’ve given your personal information to a scammer, or think a scammer has access to your information, free support is available from .
IDCARE is Australia and New Zealand’s not-for-profit national identity and cyber support service. IDCARE can work with you to develop a specific response plan to your situation and support you through the process.
For support:
- visit IDCARE.org
- call iDCARE on 1800 585 160.
Scammers are often based overseas, making it hard for government agencies to track them down and take action. So take the time to warn your friends and family about these scams.
For more information about these scams, where to get help or to report a scam, visit the Scamwatch .
Common scams
-
Australians lose more money to investment scams than any other type of scam. These scams can be hard to spot. They usually make big promises so they can steal your money.
Don't lose your life savings. If a money-making opportunity sounds too good to be true, it is likely a scam.
Investment scammers often impersonate investment and finance companies. They use slick marketing, fake celebrity endorsements and fake data to attract victims. Investment scams often promise big payouts with little or no risk. They use high pressure tactics to make you act fast.
Investment scammers may build your trust by:
- sharing fake data to make you think your investment is growing
- allowing you to make small deposits or withdrawals.
When you try to withdraw all your funds they will come up with reasons not to pay you. You can lose access to your money.
Don't be rushed into a bad decision. Always stop and check before you act.
Get independent legal advice, or financial advice from a financial advisor registered with .
For more advice, visit the Scamwatch .
-
Meeting new friends or romantic partners online is becoming more common these days.
Unfortunately, scammers may use romance, dating or friendship to gain your trust and take your money.
With fake profiles, these scammers use social media, dating or gaming apps to meet people. They work hard to build your trust and make you think the relationship is real. They may call or message a lot to make you feel special. This is sometimes called 'love bombing'. They can spend years building an emotional connection with you.
Once you trust them, they ask for money by:
- telling you about an urgent problem they need your money for
- asking you to set up accounts
- convincing you to use cryptocurrency and invest in a fake scheme they say is real
Never trust that someone you only know online is who they say they are. Take things slowly when you meet new people online, and watch out for things that don’t add up.
Don’t send money to someone you haven’t met. If a new person in your life is asking for money, it is probably a scam.
For more advice and red flags, visit the Scamwatch .
-
Scammers are using sophisticated strategies and hacking to send fake invoices to victims.
These scammers pose as a real business you've recently dealt with. They send fake invoices with changed payment details, so your money ends up with them.
Scam invoices can be hard to spot. They often copy business logos and ABNs, impersonate a business email address and even hack into email systems.
These scams can affect any type of business. Property purchases, car purchases and travel bookings can be targeted by these scams.
Always check payment details directly with a business before paying an emailed invoice.
Call the business directly via contact details you have found yourself to check payment details. Don't use the contact details on the invoice – they may be fake.
For more advice, visit the Scamwatch .
-
QR codes are square black and white barcodes you often see in shops, cafes and advertising. QR codes can be 'read' by a smartphone and prompt you to open a link.
QR codes were frequently used to check-in to locations during the COVID-19 pandemic. These days, QR codes have become a common way to share links, order food and even access prescriptions.
Unfortunately, some scammers use QR codes to get people to click on suspicious links. QR code phishing – also known as ‘quishing’ – is a new way scammers are trying to collect personal information.
They may do this by:
- placing stickers on top of legitimate QR codes in public places
- sending unexpected packages to houses with a QR code to scan
- placing a QR code on a fake flyer for a charity or business.
Before scanning a QR code, check to see if it looks tampered with. After scanning, check the URL for anything unusual - for example, a different business name than you were expecting, typos or spelling mistakes. Sometimes URLs use abbreviations. If you are directed to a website that looks suspicious or asks for too much information, close the link.
For more advice, visit the Crimestoppers Victoria .
-
Scammers may pose as legitimate well-known charities or create their own charity name. They may also pose as individuals needing donations for health or other reasons. Scammers may also play on your emotions by claiming to help children who are ill.
If a charity email, website or phone call sounds suspicious, do not respond.
Be wary of requests for for up-front payment by money order, bank transfer, gift cards or Bitcoin. Real charities don’t solicit donations in this way.
Contact your charity of choice directly to make a donation. To check a charity is legitimate, visit the Australian Charities and Not-for-Profits Commission (ACNC) .
-
Scammers pretending to be from government agencies and businesses may ask for payment in iTunes gift cards or other gift cards.
They may say they are from the Australian Tax Office, Centrelink, Telstra or Microsoft. They demand people pay debts or bills by buying gift cards and sharing gift card codes.
No matter how convincing they sound, only a scammer will ask for iTunes or other gift cards as payment.
For more information, visit the Australian Communications Consumer Action Network (ACCAN) .
-
With this scam, people may receive an email or text that appears to be from a trusted retailer. The email offers the opportunity for you to ‘win’ a gift card or voucher which can be collected in store.
These scams try to get personal information from you, like bank account details, credit card numbers or passwords. This type of scam is a 'phishing' scam. 'Phishing' scams try to get your personal details via email, online and over the phone.
Learn more on the Scamwatch .
-
Computer takeover scams try to access to your computer to get your personal information or money.
Scams of this nature often come out of the blue. They often start with an unexpected call, SMS, email or pop up that says:
- you have been billed for a purchase you didn’t make
- your device has been compromised
- your account has been hacked.
They often try to create a sense of urgency and ask people to download remote control software. Sometimes they will claim your computer has a virus. Once the software is on a device, the scammer asks people to log into secure applications such as emails, internet banking accounts.
With access to these applications or the information, scammers will try to impersonate their victims or steal their money.
As always, if a call, text or email doesn't sound right – hang up or do not reply. Independently source the contact details for the organisation to contact them directly yourself. For more advice, visit the Scamwatch .
-
Have you received a text message or email about online shopping you never ordered? Or a weird text message saying you have a voicemail with a strange looking website link?
‘Flubot’ scams made their way to Australia in 2021 after spreading overseas. These messages ask you to click on a link to download something or to visit a website. The message may say you have a package awaiting delivery, or a voicemail waiting for you, but the message is fake. These messages usually include a link, which almost always has 5-9 random letters at the end. This link directs victims to download malicious software called ‘Flubot’.
If you receive one of these messages – delete it. Do not click on the link.
-
Scammers may send text messages pretending to be a family member or friend who needs help or money. The scammer may claim they have a new phone or phone number. They may even use a photo of a family member or friend to seem more convincing.
The messages may start with a simple "It's me" or "Hi mum". More sophisticated scammers may have more information collected online or illegally.
Scammers can use technology to make their call appear to come from a legitimate phone number.
If you’re contacted by someone claiming to be your family member or friend:
- call them on the number already stored in your phone to check it's no longer in use – if they pick up, you know the text message is a scam
- if you can't make contact, try a secondary contact method to check who you’re speaking to
- if you still can’t contact your family member or friend, consider asking a personal question the scammer won't know the answer to.
Never send money to someone you don't know. For more advice on impersonation scams, visit the Scamwatch .
Reviewed 16 December 2024