Scams Week

Dating and romance scams often take place through online dating websites, but scammers may also use social media or email to make contact.

These scams are also known as ‘catfishing’. Scammers typically create fake online profiles designed to lure you in. They may use a fictional name, or falsely take on the identities of real, trusted people such as military personnel, aid workers or professionals working abroad.

Once trust is established, the scammer will share elaborate stories and ask for money, for example to cover costs with illness, injury, family crises, or travel.

Red flags

• Quick to fall in love or you develop a fast, close friendship.
• Promises of love, overly flirtatious and complimentary.
• Scammers may send their victim small gifts to “ensure they are genuine”.
• There is always a reason why their webcam isn’t working.
• Promises to meet in person, however, there is always an excuse to delay.
• Scammers will tell you what to say to bank tellers/checkout operators when they ask what you want money/gift cards for.

Prevention advice

• Never send money to someone you haven’t met in person.
• Always consider the possibility that the approach may be a scam. Try to remove the emotion from your decision-making, no matter how caring or persistent the ‘prospective partner’ is.
• Conduct an image search of your admirer to help determine if they really are who they say they are.
• Be alert to things like spelling and grammar mistakes, inconsistencies in their stories and other signs it may be a scam such as their camera never working when you want to video call each other.
• Be cautious when sharing personal pictures or videos with prospective partners, especially if you’ve never met them before. Scammers are known to blackmail their targets using compromising material.

Download our poster

Watch video

Investment scams involve promises of big payouts, quick money, or guaranteed returns, and reportedly claim more money from Australians than any other scam type.

In addition to the traditional way of transferring funds through bank transfer, cryptocurrency is becoming more popular because of the perceived anonymity it offers. Crypto scams often aim to gain private information such as security codes or trick an unsuspecting person into sending cryptocurrency to a compromised digital wallet.

Red flags

• Fake news stories or ads where celebrities endorse schemes for people to make ‘big money’.
• Emails, websites or ads with testimonials and over-the-top promises of big returns.
• An online friend or partner you’ve never met in-person brings up the topic of investing.
• High pressure tactics designed to rush you to act so you don't 'miss out'.
• You are asked to promote the scheme to friends and family to earn commission.
• The 'adviser' who is helping you claims they don't need an Australian financial services (AFS) license.

Prevention advice

• Be wary of advertisements found on social media sites offering investment opportunities. Scammers use these platforms to lure potential victims and direct them to fraudulent websites.
• Always be suspicious of any investment opportunities that promise a high return with little or no risk – if it seems too good to be true, it probably is.
• Never allow anyone access to your device to assist with creating accounts. Remote access apps give scammers full access to your phone, your identity, and your newly created cryptocurrency account.
• Do not send copies of identification such as your driver’s licence, passport or Medicare card to people or businesses that you are unfamiliar with.
• Watch out for poor grammar and spelling. A legitimate company will take great care in having a professional look throughout their site.

Download our poster

Sextortion is a form of online blackmail where a perpetrator threatens to expose sexually compromising images, video footage, or information.

Scammers often manipulate or coerce someone into sending intimate images or videos, and then threaten to share them unless a payment is made.

Sextortion scams have only recently been identified as a trending scam type, and therefore categorising this scam only commenced in January 2023.

Males are the overwhelming victim demographic, averaging 80 per cent of total reports, with men under 25 years mainly targeted. Juvenile victims (12-17) also make up 15 to 19 per cent of reports.

Red flags

• Unsolicited and fast-moving contact often on social media or dating websites.
• Something does not add up. Their online profile doesn’t match what you see and hear when you talk or chat with them.
• Request to use another messaging platform rather than the one they “met” on.
• Requests for explicit content. This often happens after the scammer has sent intimate photos of ‘themselves’ first.
• Reluctance to video chat or meet in person.
• Threats, demands or requests for money.
• Pressure and manipulation. Scammers will attempt to manipulate or coerce their victims into complying with their demands.

Prevention advice

• Refuse friend requests from people you do not know personally.
• Avoid sending intimate images and videos online as you never know where they will end up.
• Refuse demands for payments which may include gift cards and cryptocurrency.
• Younger people should speak to a trusted adult for support, or to engage with family, mental health services or other community support services.
• If the scammer has shared any intimate images online without your consent, report this to the online platform to have them removed.
• Contact the eSafety Commissioner to assist in having images removed if the platform failed to take down the content.

Download our poster

Watch video

Tech support scams often see fraudsters pose as IT support staff for financial gain.

SAPOL is continuing to see an increase of remote access scams, particularly through unsolicited phone calls from scammers pretending to be from well-known businesses.

Scammers request victims to install a program or application on their computer or device which allows them remote access to allegedly ‘fix a technical problem’. They often claim that a victim’s computer has a virus or there is a problem with their internet connection which may be affecting the computer's performance.

Scammers then try to talk people into buying unnecessary software or a service to ‘fix’ their computer, or they may ask for personal information including bank and credit card details. Tech support scams can also transform into a bank impersonation scam.

Red flags

• You receive a phone call out of the blue and the caller claims to be from a large telecommunications or computer company, or a technical support service provider.
• They tell you that your computer is experiencing technical problems, and they need remote access to sort out the problem.
• They ask you to buy software or sign up to a service to fix the computer.
• They ask for your personal details and your bank or credit card details.
• The caller is very persistent and may become abusive.

Prevention advice

• Hang up and contact the organisation on a known, reputable number. Do NOT trust contact details given to you by the caller.
• Be aware of requests for unusual payment methods. Once you have placed money into a crypto ATM it will never be seen again.
• Remember that you can still receive scam calls from a private number. If in doubt, hang up and ring the organisation back on a known reputable number.
• Never download programs or applications at the request of someone over the phone.
• Do not be intimidated by technical language or pushy behaviour.
• Make sure your computer is protected and regularly updated anti-virus and anti-spyware software. Conduct your own research first and only purchase software from a source that you know and trust.
• Never give remote access to your device or computer, no matter how legitimate they appear!

Download our poster

Watch video

Business email compromise (BEC) scams are carried out when a scammer compromises legitimate business or personal email accounts through social engineering or computer intrusion to conduct unauthorised transfers of funds.

Intrusions occur often when an employee clicks on a suspicious link containing malware that can lead to unauthorised access or installation of unauthorised software.

Social engineering occurs when someone is manipulated by a scammer into doing what they want.

The cybercriminal often poses as a trusted figure, then asks for a fake bill to be paid or for sensitive data they can use in another scam.

Victims assume this request is legitimate and will then send invoice payments to a bank account operated by the scammer.

Red flags

• Notification that your account details have changed.
• Invoices have different reference or payment numbers.
• Out-of-the-ordinary emails from within a business.
• Spelling mistakes in emails.
• Requests for money, especially if urgent or overdue.
• Attachments, especially from unknown or suspicious email addresses.
• Requests to check or confirm login details.
• Unexpected or suspicious links.

Prevention advice

• Turn on multi-factor authentication. Having multi-factor authentication increases the security on your email account.
• Remember to use a strong passphrase for your email account.
• Beware of ‘Email spoofing’ that occurs when someone forges the “From:” field of an email to say that it was sent from an email address other than their own. Contact the sender using an alternative method.
• Protect your privacy! Cybercriminals can learn a lot about someone by doing a simple Google search. Be careful posting information online that identifies-
• where you work
• what your position is
• your work email address
• your personal email address
• If your email address can be found on various websites or forums, it may become a target for impersonation.
• Implement policies and procedures. If a staff member receives an email with an unusual or unexpected request, stop and find out if the email is legitimate before actioning the request.
• Have a reporting process to report threatening demands for immediate action.
• Training and awareness. The best defence against email scams is training and awareness for your employees, including how to identify scams or phishing attempts.

Download our poster