Phishing is a method of stealing confidential information by sending fraudulent messages to a victim. It is one of the most prevalent scams reported in Australia.
Can you spot a scam when you see one? Take the quiz now!
Since the start of the COVID-19 pandemic, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has seen an increase in reports related to COVID-19 themed scams, online frauds and phishing campaigns.
Cybercriminals send phishing messages all the time. Crises like the COVID-19 pandemic sadly provide more opportunity for cybercriminals to take advantage of vulnerable people. They do this by imitating trusted, well-known organisations or government agencies people might go to for answers.
The phishing messages we’ve seen use all sorts of lures to trick people into handing over their personal details. For example, we’ve seen fake reports of new local virus cases and safety measures to prevent the spread, as well as emails on how to access government benefits or financial assistance payments. There have also been reports of fake online stores offering to sell non-existent products, including cures or vaccinations for the COVID-19 pandemic, and protective items such as face masks.
Phishing messages can be sent in a number of ways.
- SMS
- Social media
- Instant messaging platforms
- Phone calls.
They can look extremely authentic and convincing, and often look like legitimate messages from trusted senders.
They can feature official-looking logos and disclaimers, and typically include a 'call to action' to trick people into sharing sensitive and personal information, such as passwords and banking details, and much more.
Phishing methods used by cybercriminals can include sending malicious links or attachments, and requesting personal information. This can include things like:
- Usernames
- Passwords
- Credit card numbers
- Banking information
- Name
- Date of birth
Sometimes identifying these messages as fakes can be very difficult. Cybercriminals go to great lengths to make them appear genuine. If you think a message you have received is not legitimate, there are things you can do to verify the message.
How do I stay secure?
Think you can spot a scam when you see one? Put your skills to the test and Take the quiz now!
Scam messages are one of the most common ways cybercriminals try to steal your information online. There are some easy steps you can put in place to protect yourself.
1. Think before you click on a link.
The link itself could contain malicious or nasty software. If you can, hover over the link to see the actual web address it will take you to.
2. Never provide your details via a link in a message.
To visit a website (such as your bank) it's safest to manually type the official web address into your browser. You could also use a search engine to find the official website and log in that way. Look for the first result that is not an advertisement, as cybercriminals sometimes create ads for fraudulent websites.
3. Contact the person or business to check if they sent the message.
Use the contact details you find through a legitimate source. Don’t rely on the contact details in the suspicious message.
4. Think you’ve entered your personal details into a scam (phishing) site?
These scam messages are very convincing and lots of people fall for them. Don’t feel embarrassed if it’s happened to you! Find out what to do if you think you’re the victim of a cybercrime with our ‘Have you been hacked’ online tool.
If you act quickly and get help you can possibly mitigate the damage.
How do I keep up to date?
This website provides important, timely advice and guidance to help Australians take proactive steps to protect themselves and their businesses from COVID-19 related and other cyber security threats.
You can report cybercrime and cyber incidents if you have been affected, and sign up to our free email alert service to stay up-to-date on the latest online threats and how to respond.