Keeping your personal information safe

According to Scamwatch (a website run by the Australian Competition and Consumer Commission (ACCC) to help consumers and businesses recognise and report scams), over $320m was lost to scams in 2021 in Australia alone — this is predicted to increase year-on-year.

At Australian Seniors, we take your privacy seriously and work hard to maintain it. But no matter what safeguards we have in place to protect your personal information, awareness will always be the best weapon against the scammers.

What's a scam?

A scam (or online hoax) is designed to trick you in to revealing your personal information. If successful, the scammers can then use that information to commit fraudulent activities, such as making online purchases with your credit card or opening a bank account.

Scams typically fall into the following categories:

1. Buying or selling scams

Buying or selling scams trick you into sending money for fake products and/or services, and include using fake websites that look like the real thing or sending you bills or invoices for something you never ordered.

2. Dating and romance scams

Dating and romance scams take advantage of people looking for romantic partners, creating fake profiles to lure potential victims and then using emotional triggers to convince them to provide money, gifts, or personal details.

3. Fake charity scams

Fake charity scams impersonate genuine charities, asking for donations after natural disasters or other major events such as the 2018/2019 bushfires.

4. Investment scams

Investment scams pretend to offer an easy way to make money, with scammers inventing fake opportunities such as property or business deals, claiming guaranteed high-returns, or gambling systems that prey on their victims’ desire to make a quick buck.

5. Jobs and employment scams

Jobs and employment scams trick you into paying for training or a dream role that bypasses your need to have the necessary qualifications or experience.

6. Threats and extortion scams

Threats and extortion scams threaten to hijack your computer, release sensitive information about you, or even threaten your life if you don’t hand over money or your personal information. These scammers often pretend to be from the police or the government.

7. Unexpected money scams

Unexpected money scams use convincing and seemingly legitimate reasons to give you false hope about offers of money. This can include an inheritance from a distant relative, or request from a stranger who wants to get a large windfall out of their country to avoid high taxation.

8. Remote access scams

Remote access scams convince potential victims that they need to hand over control of their computer or other device to fix a problem, with the scammers often pretending to be from your local council, electricity or gas company, or internet or phone provider.

9. Unexpected win scams

Unexpected win scams trick you into giving money or your personal information in order to receive a prize from a lottery or competition that you never entered.

A scam can be delivered via email, SMS, dating websites, social networking websites, instant messaging, video communication such as Skype or FaceTime, or even a USB drive posted to your address.

Cyber Security Frequently Asked Questions

What to do if you’ve been scammed

Even when armed with the best information, it’s still possible to fall victim to a scam. To help minimise any further damage, follow these three simple steps: 

  1. Don’t panic. Speak with your bank to cancel any affected cards or put your accounts on hold, and immediately change your passwords. 
  2. If you’re concerned that you’ve been scammed or your personal information has been compromised in some way, please contact Australian Seniors on 13 13 43 immediately.
  3. If you’ve suffered financial loss or your personal information has been compromised, you should log an incident with the Australian Cyber Security Centre or call their hotline on 1300 292 371. A list of resources, including recovery and counselling services, can be found on the Scamwatch website.

What is a data breach?

Data breaches occur when information being held by a bank, medical facility, educational institution, government department or commercial business has their online security breached, exposing confidential records and databases to the hacker who breached their defences.

If you are informed that your personal information could be compromised by a data breach, take the following 5 steps:

1. Confirm First things first, you need to make sure there was actually a data breach. When hearing about a possible data breach, either directly or on the news, contact the affected party directly to make sure you haven’t been targeted by a scam. One handy way to learn if any of your accounts, phone numbers or email addresses have been involved in a data breach is to use a tool such as Have I Been Pwned?

2. Scan If your information has been exposed, scan for malware on your computer and any device that you use to make sure they aren’t infected with a virus.

3. Determine Once a breach has been confirmed, you need to work out what sensitive information has been exposed. Depending on the type of breach, this can be narrowed down by contacting the breached party for more information or reading any related news stories. If the breach occurred at your bank, you can safely assume that your financial information (account details, identifying information, etc) is at risk and take steps to secure it.

4. Reset Perhaps the most important step is to change the passwords for all of your online accounts, even those that may not have been involved in the breach. If any account uses your email address, name or other sensitive information to identify you, you need to change the password.

5. Observe After your passwords have been changed and you’ve performed a virus scan on all of your devices, continue to monitor your accounts for any suspicious activity.

Hearing that your personal information has been involved in a data breach can be stressful, but you can minimise any damage by acting quickly and following the steps above.

What if my personal information has been impacted by a data breach?

While not a scam, a data breach can do just as much damage and needs the same strong action if your personal information is compromised by one.

How to protect yourself from online scams

When it comes to your online safety, remember the following:

  • Never share your PIN, security codes or passwords with anyone or leave them where someone else could find them — don’t write your password on a Post-It note and leave it on your computer or the fridge.
  • Never click on any links in unsolicited emails or text messages. Known as phishing, clicking on these fake links gives scammers access to your device, which allows them to steal personal information such as passwords, bank details and credit card numbers. These links often look legitimate, but take you to a fraudulent website. 
  • Be aware that the accounts of your friends or other contacts could be compromised and controlled by a third party to send a malicious link. Before clicking on any link, always move your mouse across the link to see where it directs. If anything looks suspicious, do not make any payments without verifying with the trusted sender through a different communication channel, or contacting them directly.
  • Never reply to an email or SMS (text message) asking for your personal information. 
  • Never give anyone access to your computer remotely, especially if they have contacted you unexpectedly.
  • Secure your devices by using biometric features such as Two-Factor Authentication (thumbprint or facial recognition), and always make sure your anti-virus software is up to date.
  • Never use an obvious password, such as your birth date or the name of your pet, as a scammer can easily work these out. Consider using a password generator such as LastPass to create unique, complex passwords for your devices and accounts. Don’t store your passwords on a browser but instead, use a password manager to store them securely. Change your passwords regularly and try not to reuse the same password on more than one website.
  • Avoid connecting your devices to a public Wi-Fi network. If you must use public Wi-Fi, never conduct any banking or login to websites that require your personal details as it’s much easier for scammers to steal your passwords and other sensitive information from an open network.
  • Never connect a USB drive to your computer or device unless you know where it came from.
  • Be wary of phone calls from numbers you don’t recognise.
  • Be wary of any business that requests an uncommon payment method, such as direct fund transfer, money order, pre-loaded card, wire transfer, gift cards, or cryptocurrency.
  • Be wary of new friends or romantic partners who develop strong feelings quickly, then ask for money or gifts.
  • Be wary about any offer that pressures you into making a decision.
  • If you’ve received an offer that appears too good to be true, it probably is — this could include things like high-end fashion or popular electronic devices at bargain-basement prices, or a once-in-a-lifetime return on investment.
  • Always go directly to our website by typing rather than clicking on links found in emails or elsewhere online or SMS, and please contact us directly if you’re unsure about any correspondence. If we send you an SMS or email it will clearly identify us and provide a contact number.

Education is the key

While it’s almost impossible to protect yourself from falling for a scam, knowing how the scammers work can significantly reduce your risk of becoming a victim.

To help educate yourself, Scamwatch and the Australian Cyber Security Centre (ACSC) have provided comprehensive information on how to spot a scam and protect yourself. Scamwatch also has a number of real-life stories on their website about Australians who’ve been scammed, and how they resolved their issue.