Finder makes money from featured partners, but editorial opinions are our own.
How to identify a phishing scam
If you get an email or message from a new or unfamiliar sender, it could be a phishing scam. Here's how to stay safe.
Phishing is a type of scam that aims to trick people into sharing personal details so it can be used for fraud. Phishing messages look like they're from legitimate sources and can come through emails, phone calls, text messages or even social media channels.
Here's a look at the the warning signs and what you can do to stay safe.
How to spot a phishing scam
Generally, scammers will pose as a friend, a bank or another trusted organisation in order to trick or scare you into responding or providing details. But there are often signs that these messages are fraudulent, including:
- Unofficial email addresses. Emails from official institutions are usually sent from that institution's server. For example, a message from the government should come from a ".gov.au" address. So, always check the address the message has been sent from to see if it matches legitimate correspondence that you've had before.
- Suspicious links or attachments. Never follow links to a third-party website from an email or other message. Go straight to the official website or all the organisation involved. Don't download or open attachments unless you're absolutely certain of what they are.
- Urgent demands for payment or information. Scammers will often create a sense of urgency to trick you into doing things you wouldn't normally do. If the email contains threats, demands immediate action or asks for your personal information, don't trust it.
- Poor spelling and grammar. Less sophisticated scams are more likely to have typos and grammatical errors than legitimate correspondence from a bank or other official organisation. But keep in mind that some sophisticated scams won't have obvious errors.
A real example: The 2020 Latitude Finance scam
To help give you some idea of what an email phishing scam might be like, here's one that was directed at customers holding a Latitude Financial Services Mastercard in January 2020.
In this scam, an official-looking email was sent to Latitude Mastercard customers, asking them to update their security details immediately. It included a link to an official-looking website, where they were prompted to enter their card details. Both the page and the email had branding, formatting and language that you might expect from a financial institution.
Here's a breakdown of what made this scam believable and what gave it away.
| Looked legitimate: | Probably a scam: |
|---|---|
| The email address ended in "@latitudefinancial.com.au". This was done using a hacked mail server. | The use of urgent language such as "action required" was designed to rush recipients into making a decision. |
| Official branding, headers and footers that were consistent with real emails were used. | The lack of personal address in the email and the fact that it did not address the recipient by name. |
| Clicking the link directed users to a convincing replica of Latitude's own page, complete with logos and proper branding. | The fake website it redirected to didn't start with "https://", which would indicate that it's a secure destination. |
| Spelling, grammar and phrasing were correct and the email was well-formatted. | There were still some spacing errors in the email itself. |
| Came through to peoples inboxes (instead of being filtered to their junk mail or spam folders). | The email was related to security. Security and protection "upgrades" or "updates" are some of the most common ways to pressure people into providing information. |
As you can see, there's no guaranteed method of spotting a sophisticated scam. And while email spam filters often pick up potential phishing scams, it's important to stay aware.
Remember: Even if a source seems legitimate, it's better to contact the organisation directly regarding any requests for your personal information.
How serious are phishing scams in Australia?
According to data from the Australian Bureau of Statistics (ABS), 13.2 million people were exposed to scams in 2021-22. And most were over phone (48.2%), text message (46.5%) or email (37.1%).
Phishing is one form that these scams can take. If you want to see a list of current scams that include phishing, you can also check the government's active database on the Scamwatch website.
What should I do if I've been scammed?
If you think a scammer has gained access to your bank or credit card details, contact the bank immediately. They can freeze your account and potentially reverse unauthorised transactions.
Depending on the situation, you can also report issues and/or get support from the following organisations:
- Australian Cyber Security Centre
- Scamwatch
- The Australian Taxation Office website, or phone service on 1800 008 540.
- The IDCARE website, or phone service on 1800 595 160
- The police, locally or by phoning 131 444
Tips to avoid being scammed
- Never respond immediately or agree to anything if an email or phone call, or message seems suspicious.
- Contact the organisation that the person claims to be from using official contact details and ask if they have any knowledge of the communication and go from there.
- Never use a link or contact number given to you in a suspicious communication, as this could be part of the scam.
You can also learn more about protecting yourself from fraud and scams with this Finder guide.
More resources on Finder
More guides on Finder
-
Australian credit card statistics
Discover exactly how the average Australian uses their credit card.
-
Firefighters Mutual Bank Credit Cards
Available to firefighters and other emergency service workers, the Firefighters Mutual Bank credit card offers low-cost features.
-
How to pay rent with a credit card in Australia
A limited number of payment platforms give you a way to pay rent with a credit card, but are the costs worth it?
-
Credit Card Surcharges
Compare the surcharges that you can expect when you pay with a credit card and pick up tips to avoid these extra fees.
-
The best credit cards in Australia (seriously, we sorted through 250+)
While there isn't one best credit card, you can find a card that suits your needs by comparing the features, deals and offers that are trending here.
-
Easy credit cards to get approval for
When you apply for a credit card online, you could receive a response within 60 seconds. Find out how you to find a card that you're eligible for and increase your chances of approval.
-
Minimum income requirements for credit cards
Find out how much you need to earn each year to apply for a credit card and compare low income credit cards in this guide.
-
Credit card vs debit card
While a credit card is linked with a line of credit, a debit card is connected to your own money. Compare the differences between the card types in this guide.
-
Credit card repayment calculator
Calculate how much you're paying in interest based on your current credit card repayments and discover how much you should pay each month to meet your financial goal.
-
No Foreign Transaction Fee Credit Cards
Find out how you can keep your overseas spending costs down by comparing credit cards with no foreign transaction fees and no currency conversion fees.
Ask a question