It’s the end of the year. You’ve got your feet up. Your out-of-office is on and so is the cricket. But just because you’re taking a bit of time to relax and recharge doesn’t mean scammers are doing the same.

Scammers often take advantage of our “holiday-mode”: the time of year when our guard is most likely down. That’s when they can slip in under the radar and do real damage.

They like to take control of your accounts – including bank, phone, email and social media – at a time when you’re less likely to notice something’s out of the ordinary. They can slip in through a link in an innocuous-looking social media post, or socially engineer you based on the information you’ve posted online about your identity.

First and foremost, before you put your feet up, you should enable basic safeguards to defend yourself such as two-factor authentication. This helps protect your accounts by implementing a second-layer of authentication – such as a temporary access code generated by a secure app or delivered via SMS – before a login is authorised.

Anyone is susceptible to a scam, not just someone who you might perceive as a “larger target”. If you’ve got dollars and cents in your accounts and personal data that can be on-sold, you’re a target! From businesses to kids and everyone in-between, scammers are looking to nab as much data on you as they can.

To keep yourself safe online over the break, we recommend reading our advice from this year’s Scam Awareness Week to keep yourself safe.

In the meantime, always follow our checklist for spotting scams:

  • Listen to your gut. If you encounter something unsolicited, unexpected, too good to be true, or coercive – or anything that asks for personal or financial information – hang up and call the organisation on its official number or searching online for any background information on the sender or offer.
  • Beware of unsolicited requests for sensitive information – don’t give this information up on calls and don’t open attachments or click on embedded links in emails or sites you don’t know or trust.
  • Unsolicited calls that contains a threat, like a fine or disconnection of internet service and also feature:
  • Pressure to hand over financial or personal information.
  • Demand for immediate payment, generally through unusual methods like gift card vouchers (iTunes, Google Play, Netflix or Steam, for example), wire transfer, or Bitcoin.
  • Request for remote access to your computer to ‘fix a problem’.

For more information, visit the Federal Government’s Scam Watch page to learn about and report scams.