Australians lost around $2 billion to scammers last year, despite governments, banks, and other businesses getting better and better at spotting and stopping scam activity.
The best defence against scammers is your constant vigilance. It’s far better to be on alert and double-check than get caught out by assuming something is above board.
GloBird Energy will never send you an email or text message asking you to click on a link that goes to an unrelated domain.
Most of the legitimate businesses you deal with have the same approach.
There are some obvious scams
Here’s a breakdown of some of the information you can find via the Australian Competition and Consumer Commission’s Scamwatch website:
– The three scams reported to have caused the greatest financial harm to Australians were investment scams ($701 million), payment redirection scams ($227 million), and romance scams ($142 million).
– The top scams reported to Scamwatch were investment scams ($177 million), dating and romance scams ($56 million), and false billing scams ($17 million).
– The most common contact methods used by scammers were reported to be a phone (50%), text message (23%), and email (14%).
People are spotting phishing more than ever
Phishing – an attempt to trick you into providing sensitive personal details – was the most reported scam in 2021, with 71,308 cases (compared to 44,079 in 2020 and 25,168 in 2019).
That only 861 of those cases reported a direct financial loss suggests this is now one of the most recognised scams, which is a good thing.
Probably because we all get so many emails or SMS messages asking us to confirm our details or click a link to listen to a voicemail or receive a parcel, our first instinct is that it’s more likely to be a scam than a legitimate communication.
Even so, a total of $4.3 million was reported lost from phishing scams in 2021 – 156% more than in 2020.
No matter how good we think we are at spotting these scams, the scammers are going to keep trying, and it only takes one lapse to cost you dearly.
If they can convince you that you’re clicking on a legitimate link to a legitimate website (or an attachment that you think is authentic), you might not even know that you’ve given the thieves access to everything they can find on your computer or smartphone.
How to spot a phishing email
Almost all phishing emails used to be badly written with numerous spelling errors. Some still are easy to spot, but other phishing emails now appear more genuine.
That means sometimes you have to look quite closely to spot an attempted scam.
The most common warnings signs are:
– poor grammar;
– spelling mistakes;
– multiple people in the “To:” field (or an unusual or unprofessional way of greeting you);
– poor quality images and generally unprofessional looking emails.
One of the biggest clues that it’s not actually from whoever it purports to be from is that the “From” email address and the website link have nothing to do with the company.
Rather than open an email like this on your smartphone, we suggest that you check on a computer where you can hover over these two things without clicking. Usually, by hovering over the “From” field you can see that the email address is more than a little dodgy.
Legitimate emails are different
Because of the prevalence of phishing emails, many organisations no longer send you emails containing any links, for example, a company like PayPal simply suggests that you log in to your account without including a link directing you there. They know that if you have an account, you know how to access it.
Few real businesses – especially banks or companies you have an online account with – will email you to tell you “we have noticed unusual activity on your account”, a favourite ploy of the scammers.
They’re playing on your very real worry that someone could be scamming you to actually scam you!
Another favourite way for a scammer to prompt you to click on a link they have sent you is to offer something, for example, “complete this survey and have a chance to win …”.
Then there’s the warning that something is about to expire, and you urgently need to take action to stop that from happening. If you’re busy and think that’s a real possibility, they’ve got you.
If you are unsure about the legitimacy of a communication, log in to your GloBird “My Account” from our homepage where you can update things like concession card or direct debit details.
If you receive an email that looks “phishy” …
– Check the “From” email address.
– Make sure you hover over the links before you click on them. If they don’t point to the retailer’s domain, DO NOT click on them.
– Make sure the domain they go to doesn’t have a subtle spelling mistake in it. Phishing attacks targeting the banks, for example, registered the domain commbanks.com.au. Anyone not being careful enough wouldn’t notice the extra s – the official CommBank site is: commbank.com.au
– You should report any scams to the ACCC via the Scamwatch website.
While we’re happy to report that GloBird has not been targeted in this way, we accept that this is a new reality, and we hate the idea of anybody falling victim to scammers.
Be careful, take your time to check, and stay safe online. If in doubt, send a message to email@example.com and we can help.