How to spot a scammer

It only took one phone call for Georgia to lose access to her emails, PayPal account, and $600. Someone claiming to be a ‘Telstra technician’ said her new NBN service was being used illegally without her knowledge, and required an urgent fix.

She agreed to let the caller remotely access her computer, but when he did her screen turned blank and she couldn’t see what he was doing. Before long she was $600 out of pocket and had lost control of her PayPal and email accounts.

This week, we’re helping customers understand common scams and how to avoid them.

Olive had a similar problem – a ‘Telstra technician’ called her to warn that her internet would be cut off within two hours because her computer had been “hacked”.

Olive also let the caller remotely access her computer. This time, the scammer convinced Olive to hand over her bank account details so she could buy $1600 worth of iTunes cards that he said would help Telstra track the hackers’ movements.

Georgia and Olive were just two of 33,000 people in Australia to report falling victim to a threat-based and impersonation scam in 2017. A combined $4.7 million was lost to this type of scam last year.

The bad news is these scams are on the rise – in 2016 the ACCC’s Scamwatch only received 24,400 reports of threat-based and impersonation scams and $1.6 million in total losses.

But the good news is there are some simple, practical ways to help you stay one step ahead of the bad guys.

Anatomy of a scammer

In 2017, there were almost 33,000 reports of threat-based impersonation scams to Scamwatch.

While scams come in all shapes and sizes, impersonation scams generally have a few common traits.

They usually go something like this: someone calls you up and says they’re a representative of a trusted organisation like a government agency or a telco.

The caller may warn you of a problem and demand payment, generally by iTunes vouchers, wire transfer, or Bitcoin, or ask you for your sensitive personal information.

They might threaten you with some sort of action if you don’t comply – like the disconnection of your internet, a fine, or even a lawsuit.

You may also be asked to give the caller remote access to your computer so they can fix the ‘problem’.

The scammers might offer to send you an email that contains “proof” of an unpaid bill or fine, as an attachment to the email or a URL. This will likely contain malicious software (malware) that will infect your computer.

Real versus fake

Over $4.7m was reported lost to scammers by Australian consumers in 2017.

Luckily there are a few easy ways to tell whether the person on the other end of the line is who they say they are.

Firstly, we will never call you and threaten to cancel your service or take court action if you don’t immediately make a payment or hand over your information.

We will never make an unsolicited call and ask for remote access into your computer, or demand your sensitive personal or financial information.

Our staff should only ever treat you with respect and courtesy.

If you get an unexpected call from someone who says they are a Telstra representative, try to verify the person is who they say they are. Try to verify the caller is legitimate through an independent source (like a phone book or online search), and never use the contact details the caller provided you.

If something doesn’t feel right, trust your gut – take the time to stop and think about it, and if you feel uncomfortable, just hang up.

Call the company on the number listed on their official website, like Don’t use any contact details provided by the caller as they will likely be fake.

What if I’ve fallen victim to a scammer?

Telstra represented 35 per cent of all threat-based impersonation scams reported to Scamwatch in 2017.

If you’ve lost money or given a scammer your personal or financial information, there are a number of things you can do to limit the damage.

The first step is to contact your bank as soon as possible. They might be able to block a transaction or close your account to protect you from further financial loss.

The next thing to do is change your passwords. If you think one of your online accounts has been compromised, change your password immediately to lock out the scammers – and ensure you aren’t sharing passwords across multiple accounts.

You can also contact IDCARE. The not-for-profit national identity and cyber support service can help you respond to your specific situation.

Tell your family and friends. You can help protect other people from falling victim to the same type of scam.

[Older Australians are particularly vulnerable; they submitted more than 5800 reports to Scamwatch last year and lost almost $1 million to scams. Talk to your grandparents and elderly friends and relatives about how they can identify if they’re being scammed.]

Stay alert

The best way to protect yourself is to stay alert to all the different kinds of scams that are out there. You can do this through the ACCC’s Scamwatch website, or our own cyber scams guidance.

Scam checklist:

Common scams may include some or all of these hallmarks:

  • Unsolicited call that contains a threat, like a fine or disconnection of internet service.
  • Pressure to hand over financial or personal information.
  • Demand for immediate payment, generally through unusual methods like iTunes vouchers, wire transfer, or Bitcoin.
  • Request for remote access to your computer to ‘fix a problem’.