How to identify a phishing scam
Some phishing scam emails look pretty suspicious, but some can look legitimate. The scammers want you to give up personal information or money, or click on dodgy links.
Key takeaways
- Phishing is a type of scam that aims to trick people into sharing personal details by sending them fake messages that often look like legitimate emails, phone calls or text messages.
- Scammers can hack the servers of a company to send fake emails, or use technology to make a message appear legitimate.
- Double check the sender of an email or text and call the sender and be wary of urgent demands or anyone telling you to purchase gift cards.
How to spot a phishing scam
Generally, scammers will pose as a friend, a bank or another trusted organisation in order to trick or scare you into responding or providing details. But there are often signs that these messages are fraudulent, including:
- Unofficial email addresses. Emails from official institutions are usually sent from that institution's server. For example, a message from the government should come from a ".gov.au" address. So, always check the address the message has been sent from to see if it matches legitimate correspondence that you've had before.
- Suspicious links or attachments. Be careful clicking on links to a third-party website from an email or other message if you're not completely sure the message is from the real source. Go straight to the official website or all the organisation involved. Don't download or open attachments unless you're absolutely certain of what they are.
- Urgent demands for payment or information. Scammers will often create a sense of urgency to trick you into doing things you wouldn't normally do. If the email contains threats, demands immediate action or asks for your personal information, don't trust it.
- Poor spelling and grammar. Less sophisticated scams are more likely to have typos and grammatical errors than legitimate correspondence from a bank or other official organisation. But keep in mind that some sophisticated scams won't have obvious errors.
How the 2020 Latitude Finance phishing scam worked
Customers of Latitude Financial Services Mastercard were targeted in a phishing scam in January 2020.
In this scam, an official-looking email was sent to Latitude Mastercard customers, asking them to update their security details immediately. It included a link to an official-looking website, where they were prompted to enter their card details.
Some elements of the email looked very legitimate. But there were still some red flags if you looked carefully.
Why the email look legitimate
- The email address ended in "@latitudefinancial.com.au". This was done using a hacked mail server.
- Official branding, headers and footers that were consistent with real emails were used.
- Clicking the link directed users to a convincing replica of Latitude's own page, complete with logos and proper branding.
- Spelling, grammar and phrasing were correct and the email was well-formatted.
- Came through to peoples inboxes (instead of being filtered to their junk mail or spam folders).
Signs the email was a scam
- The use of urgent language such as "action required" was designed to rush recipients into making a decision.
- The lack of personal address in the email and the fact that it did not address the recipient by name.
- There were still some spacing errors in the email itself.
- The email was related to security. Security and protection "upgrades" or "updates" are some of the most common ways to pressure people into providing information.
As you can see, there's no guaranteed method of spotting a sophisticated scam. And while email spam filters often pick up potential phishing scams, it's important to stay aware.
Remember: Even if a source seems legitimate, it's better to contact the organisation directly regarding any requests for your personal information.
How serious are phishing scams in Australia?
According to data from the Australian Bureau of Statistics, information or phishing request scams had the second highest victimisation rate in 2023-24. 0.7% of Australians aged 15 and over experienced some kind of phishing scam.
Only buying and selling scams had a higher victimisation rate at 1.4% of Australians. 1 in 10 Australians experienced card fraud in the same time period.
Phishing is one form that these scams can take. If you want to see a list of current scams that include phishing, you can also check the government's active database on the Scamwatch website.
What should I do if I've been scammed?
If you think a scammer has gained access to your bank or credit card details, contact the bank immediately. They can freeze your account and potentially reverse unauthorised transactions.
Depending on the situation, you can also report issues and/or get support from the following organisations:
- Australian Cyber Security Centre
- Scamwatch
- The Australian Taxation Office website, or phone service on 1800 008 540.
- The IDCARE website, or phone service on 1800 595 160
- The police, locally or by phoning 131 444
Tips to avoid being scammed
- Never respond immediately or agree to anything if an email or phone call, or message seems suspicious.
- Contact the organisation that the person claims to be from using official contact details and ask if they have any knowledge of the communication and go from there.
- Never use a link or contact number given to you in a suspicious communication, as this could be part of the scam.
You can also learn more about protecting yourself from fraud and scams with this Finder guide.
More resources on Finder
Ask a question
More guides on Finder
-
Virtual credit cards
Virtual credit cards are finally here, with options for everyday use and business spending – so how do they work and how secure are they?
-
Can you get credit card travel insurance if you’re over 65?
Compare credit cards that offer complimentary travel insurance for cardholders aged 65 or over.
-
Credit cards with low cash advance rates
If you need cash quickly there are some credit cards that offer low interest rates on cash advances. Compare your options here and learn about the costs.
-
Store credit cards
Discover the benefits you can get in-store, online and anywhere you shop with a store credit card.
-
Interchange fees: What are they and what do they cost?
For anyone who has paid for a taxi or booked a flight with their credit card and walked away feeling robbed: here's the latest news on credit card interchange fees.
-
A guide to the debt collection process in Australia
If you have debt collectors contacting you about overdue accounts, find out what rights and options you have to work through this process in a way that’s reasonable for you.
-
Credit card skimming: how to protect yourself
Read through this guideline to help protect yourself from any unauthorised transactions from your credit card.
-
How Visa Secure (formerly Verified by Visa) works
If you have a Visa credit card or debit card, find out how Visa Secure (or Verified by Visa) could give you extra protection when you shop online.
-
Credit card repayment calculator
Calculate how much you're paying in interest based on your current credit card repayments and discover how much you should pay each month to meet your financial goal.