Too Good To Be True?

You may think of scam calls as a pitfall of your great-grandmother or a warning at your local grocery store to be careful when sending gift cards. The hidden danger of scams in the 21st century is that they aren’t always as obvious as a far-off prince who’s having money trouble. With the rise of technology over the past few decades, a multitude of weaknesses have been identified in our online safety.  ​

Phishing is one of the most common kinds of internet scams. Phishers disguise themselves as a representative of your bank, superannuation, or insurance company to lure you into giving them sensitive information, which they can then sell or use to access your accounts.  
Luckily, there are ways to identify scams and avoid falling victim to them.  
 
Step One: Identify  
​
If an email you receive has any combination of the below, it may be a phishing attempt: 

• Strange, plain formatting – often missing punctuation and email signatures, or featuring spelling and grammar mistakes.  

• Comes from an unfamiliar source – especially if the email address does not match the one listed online for the company they claim to be.  

• Discussion of events unrelated to you or which have not occurred, such as log in attempts, troubles with payments for accounts you don’t hold, or invoices for services you never received.  

• A link to make a payment  

• A document you must download to view.  

• Threatens you or places a time pressure to complete something by a certain date.  

Additionally, if a phone call you receive has any or a combination of the below, it may also be a phishing attempt: 

• A strange, unfamiliar phone number. 

• Attempting to rush you to make a payment or take an action.  

• Claiming to be from a company which you aren’t affiliated with.  

• Eliciting an emotional response by causing you to panic or feel frustrated.  

• Offering something that seems too good to be true.  

 
Congratulations, you’ve successfully identified a phishing attempt! Though this list doesn’t encompass all possible phishing scams, it gives you an idea of how they operate to convince you to fork over money or information.  

If you'd like to test your ability to recognise a scam, the Australian Government has a short quiz to test your knowledge.  
 
Step Two: Diving Deeper 
 
Some scams are not overtly suspect. Below are a few examples of scam premises that have risen in popularity over the past decade: 

• Hyper-realistic formatting. The email signature and font impersonate a government body or company. They are convincingly similar to other correspondence you’ve previously received from them.  

• Pretending to be someone you know. These numbers contact you pretending that they’re a friend or relative who has lost their phone or changed their number.  

• Reaching out on social medias such as Instagram, Facebook, and TikTok to promote products and services with unrealistic payouts.  

 
And even when scams aren’t high tech, we can sometimes let confirmation bias steer us toward belief: 

• Receiving a tracking link from a scammer claiming to be AusPost the day you were expecting a delivery.  

• A phone call about your internet after you’ve recently changed providers.  

• “Winning” a large sum of money while in hard financial struggles.  

 
Each of these prey on our situational awareness. They make sense in the context of our lives and can easily let our guard down.  
 
Step Three: Confirmation  
 
If you believe you have found a scam but are not sure, you can go to an official source such as a website or office. Most companies will have a set phone number or email that all correspondence comes through, or a specific domain which is listed in all their email addresses. They may also have a list of information that they will never request from you, such as passwords for accounts or portals.  

A quick google search can help you identify if a number or email is legitimate, but you should also make sure that the source is correct before you rely on any information from it.   

If in doubt, call the official number of the company who supposedly reached out to you and clarify if the correspondence is legitimate. 
​
For example, let’s locate the phone number for Australian Retirement Trust (ART).  

First, I googled “Australian Retirement Trust”. In this case, their website showed up right away, but sometimes the first few results may be sponsored or illegitimate sites, so be sure to look for the official domain name.  

I then navigated to the contact button on the top ribbon.  

Here I can confirm the contact numbers or even start a live chat to ask any questions I might have. 

Most companies will have their information available on their website similar to this. It’s a great way to confirm that a phone call is coming from the official source.  
 
Step Four: Action 
 
If you identify a phishing attempt there are a few ways to resolve it.  
 
Firstly, do not: 

• Respond to the scammer.  

• Reply to emails or texts.  

• Download any attached files.  

• Click any unverified links.  

 
Instead, you should: 

• Contact your bank or financial institution if you believe your accounts have been compromised.  

• Most email services have a reporting function that removes the email from your inbox and flags all other emails from that account as scams.  

• Report it to Scam Watch.  

 
If you suspect that you have accidentally responded to or fallen for a scam, report it to the government hotline.  
 
It’s important to be vigilant when it comes to your cyber security. That’s why it is vital to receive financial advice before accepting offers that seem too good to be true, or that came from questionable sources.  

If you’ve been cold called or emailed about creating an SMSF, investing, or insurances, our office can help identify the benefits and risks of acquiring those products. 

If you’re interested in speaking to one of our advisers, you can do so here.