Scams in Australia December 2024: current scams and how to stay safe

scammers
(Image credit: Shutterstock / Brazhyk)

Scams are an ever present risk in Australia, be them in your email inbox, your text messages, or through direct phone calls. The threat posed by dishonest individuals aiming to sap money out of bank account shouldn't be discounted, as scams are constantly evolving, and are likely to target you or somebody you love at some point.

Every year, billions of dollars are lost to scams in Australia – but you can prevent money loss by reading up on the current dangers. By being scam aware, you can keep yourself and others safe online from others attempting to steal personal and financial information.

That’s the point of this article. We update this piece every month to give you an update on the current state of online scams, and to give you an idea of when something might be off.

Monthly snapshot – October 2024

Coming out of Black Friday sales in late November, remain particularly vigilant as we go into the festive season. With Christmas and Boxing Day sales around the corner, scammers will likely be out in force, preying on people eager to scoop up a bargain. If you believe you’re being targeted by a scam, report it to Scamwatch immediately.

The ACCC’s Scamwatch warned in late November of card collection scams. This is a type of scam in which criminals will call and impersonate a reputable organisation, such as a bank or a high profile company. With this persona, the scammer will ask for your bank card's PIN, and ask that you leave the card in your letter box so that it can be replaced (or they may ask you to leave cash in the letterbox).

The difficult thing about this scam is that the criminals are using technology to spoof these established institutions. It may appear like the scammer is calling from the company's phone number, or text messages may appear in the same thread as messages to your bank, for example.

"Our Scamwatch reports show these criminals are targeting older and vulnerable Australians who live alone. They are stealing large sums of money. Share this Scam Alert with your friends, family and colleagues - it’s important we all work together to help protect each other from scams," Scamwatch wrote.

To spot this scam, the criminal will ask for your PIN details over the phone or through text messages. A bank or company will never ask for your PIN details over the phone. Additionally, a bank will never ask for you to leave your card out for collection, ask you to withdraw cash from your account, or ask you to transfer cash to another account to keep it safe. If any of these things happen, it's a sure indicator of being a scam.

On November 21, Amazon noted that it had seen an increase in impersonation scams as we head into the holiday season. "These types of scams pose risks to consumers’ online security and personal information," the online retailer said.

Be wary of fake texts that look to impersonate established businesses or authorities. A false sense of urgency may be used against you to encourage you to act quickly. The company also encourages customers to enable push notifications for the Amazon app, so that any official correspondence can be confirmed, and notes that you can track the progress of an order through your Amazon account – do not click a link from someone posing as Amazon in your inbox or text messages. Scams can be reported to Amazon directly here.

Good news on the legislative front, however; the Australian Communications and Media Authority is working towards creating a national, enforceable industry standard for registering SMS scams.

This would require telcos to check whether or not the set name of a sender in your text messages corresponds with the on-file information of a company they may be trying to impersonate (say, for example, a criminal impersonating Telstra). If the name doesn't correspond with the sender's information, such as their phone number, it'll be blocked.

“We’ve all received scam messages on our phones purporting to be from reputable sources – and it’s costing Australians millions of dollars every year. This mandatory Register will enable these messages to be blocked or flagged as a scam – better protecting consumers from being cheated," Australian Minister for Communications Michelle Rowland said in a press release.

It's hoped that this register will be operational from late 2025.

According to the ACCC, Australians lost a total of AU$2.7 billion to scams in 2023. More than 601,000 scam reports were made, with AU$1.3 billion lost to investment scams. People over the age of 65 lost the most during the record period, with text messages being the most commonly reported point of contact for scammers.

Common scams in Australia

Below are several examples of common scams that can happen in Australia. These scams target Aussies over email, the phone, SMS, social media and through legitimate websites like Amazon and eBay, so when you receive a message or see a deal that’s too good to be true, remember to just think about it for a moment.

The ACCC recommends a three-step approach to thwarting scams:

  • Stop: Don’t rush into a deal as scammers will typically create a sense of urgency to entice you into a mistake
  • Think: Scammers typically impersonate businesses or government bodies that you know. Consider if what you’re being told makes sense depending on the sender, and before committing to anything, check with the business or government department directly
  • Protect: If it feels wrong, act quickly to stay safe. Contact your bank immediately if you’ve shared any financial information or transferred money. Get in touch with Scamwatch to report the scam when you get a moment

Online romance scams

“Pig butchering” is a romance investment scam where the scammer forms a relationship with the victim, often making a connection through social media or dating apps, and hints at a lavish lifestyle earned through cryptocurrency. As the scammer earns the victim’s trust, they will direct the victim to put money into what looks like a legitimate investment site or app. These clones are convincing enough that people invest high amounts of money, but soon find out they are unable to withdraw their gains, with the scammer cashing out once the victim refuses to add any more funds into the scheme.

Scams like this have contributed up to AU$3,800 lost every hour in 2023 according to the Australian Federal Police, and it’s an ongoing issue in 2024.

Product and service scams

Woman on the beach looking at her phone and credit card

Fraudsters are attempting to scam keen holiday goers by hacking into messaging systems and impersonating hotels. (Image credit: Getty Images - martin-dm)

A common type of scam takes place when a scammer attempts to impersonate a legitimate website, or listings on a legitimate website, in an effort to syphon money from unsuspecting users without providing the service they think they’re paying for.

By Scamwatch’s definition, this is known as a product and service scam, and it can take place anywhere on the internet – be it a bargain deal on a website like eBay or Amazon, a dodgy listing on Airbnb or Booking.com, or a faked version of a website like Kmart. These scams prey on customers that don’t have great awareness of inauthentic behaviour on the internet, so it pays to do your research to uncover if a listing is from a reputable seller.

Phishing and impersonation scams

Phishing scams are quite common. Bad actors will send people texts or emails, or attempt to call them, to either harvest personal information from them (such as login information or addresses) or to take money from them directly. This is achieved by leading the user on and getting them to give this sensitive information willingly to the scammer, be it through a website, by texting or emailing it back to them. With this, a user’s personal information or bank account may become compromised.

These scams often overlap with impersonation scams, where a scammer will pose as an established business or government authority to seem more legitimate.

Three examples of scams from someone impersonating the government

Scammers impersonating government bodies might claim that you’re entitled to a tax refund or that a payment adjustment needs to be checked through a suspicious link. (Image credit: Future)

Fake job scams

A type of scam that is on the rise in 2023 and 2024 is the fake job scam, where a scammer will pose as an employer of a business eager to hire you, but will require you to send them cash first. Any job that requires you to pay the business upfront before you start should be examined and considered carefully, as you’ll often be offered a position that’s too good to be true. It’s also common for scammers to pose as a recruitment agency to conduct this kind of scam.

Threats and extortion scams

Scammers may attempt to extort money out of you by threatening with a virus, a fee or an unpaid bill. While scammers that are threatening and extorting a person may fall under the impersonation scams category, there’s also space to talk about scammers leveraging world events in an attempt to get money out of your account.

A good example is the CrowdStrike outage, in which millions of computers internationally needed to be manually rebooted, as they were stuck in a constant bluescreen boot loop. Scamwatch reported in July 2024 that scammers were using the outage to request personal information or cash to ensure that their devices or businesses wouldn’t fall victim to the issue.

‘Hi Mum’ impersonation scams

Bad actors may attempt to get in touch with you by impersonating a real person that you know well, such as your son or daughter, and ask for cash directly.

In 2023, these quickly became known as ‘Hi Mum’ scams, where a scammer would attempt to leverage goodwill with somebody they were pretending to be related to in an attempt to get them to send cash. Remember: if somebody you know is asking for cash or sensitive information, get in touch with them directly outside of the communications you’re having with a supposed scammer. It’s also important to not act too hastily, lest you make a mistake.

These scams may not necessarily have any ‘Hi Mum’ identifiers and could, instead, pose you with a scenario – for example, the texter ID could read ‘Dad’ and the message could say that they left their card at home and want money for a transaction. If you don’t know them, don’t follow through with it. If you do know them, but the message isn’t from their usual number, call the number you’re used to and find out directly.

Unpaid tolls

Three examples of scam texts involving unpaid road tolls.

Unpaid toll scams come in a variety of different forms – some claim to be legitimate companies such as Linkt, while others are more vague about where the toll fee has come from. (Image credit: Future)

A common scam that peaks during certain times of the year has to do with unpaid tolls. In this instance, an email or text message is sent claiming that you haven’t paid your toll fees, and urging you to pay it ASAP via a suspicious link. It’s easy to spot if you don’t drive near any toll roads, but if you’re a frequent driver, the scammer is hoping you’ll panic and click through to pay your fake overdue fees before you realise what’s actually happening.

False delivery texts

Three examples of scam texts involving false failed deliveries.

Scammers are impersonating a variety of parcel delivery services, including Australia Post. (Image credit: Future)

Have you received multiple unexpected SMS messages regarding undeliverable parcels? We certainly did – several members of our team provided snapshots of frequent text messages from random mobile numbers claiming that their delivery address needed to be updated. Often, these would be received around the same time, either in the morning, hoping to catch people who have just woken up, or in the evening, multiple times a week, pretending to be from companies like Australia Post. They would include suspicious links to ‘solve’ the delivery issues, which will lead the recipient to dodgy websites that can steal your information – never click on those links.

Subscription renewal/new sign up scams

Woman on the phone looking annoyed

Robocalls are one way scammers are trying to con Aussies into giving up valuable information and money. (Image credit: Getty Images - RapidEye)

There’s a subscription service for just about anything, and scammers have been known to impersonate brands, as well as create fake ones, in order to try and get your money or extract valuable personal information such as passwords. A subscription renewal or new sign up scam typically involves you being contacted unexpectedly via email, text or phone call by a scammer impersonating a brand. For example, the scammer may claim to be a representative from Amazon, and they may create a sense of urgency to renew your membership or subscription through a malicious link.

Facebook Marketplace & PayID scams

PayID homepage alerting users to ongoing scams

PayID has an alert on its webpage warning users about ongoing scams. (Image credit: PayID)

Scams on Facebook Marketplace and similar websites can target both buyers and sellers, and listings themselves can be for products that don’t exist. One particular scam on Facebook Marketplace which targets sellers involves a buyer requesting to make a payment via PayID, which means the seller will have to share their phone number or email. The seller will then receive a fake PayID email or text message, claiming that their PayID account requires a minimum amount and the scammer will offer to pay the extra so long as they get a refund right away. However, the unsuspecting seller is then left out of pocket with no successful sale if they follow through with it.

Fake celebrity endorsements

Screenshot showing a scam on Youtube with PM Anthony Albanese's image being used

Prime Minister Anthony Albanese’s image has been improperly used by scammers trying to trick people into clicking links. (Image credit: Future)

These scams tend to be found as advertisements on websites including Facebook and YouTube (but can really pop up anywhere, including on major news and entertainment websites) where the scammer has paid for a sponsored ad placement. They feature a well-known Australian individual such as a celebrity or politician, who’s being impersonated through video manipulation or photo editing, often with an outrageous claim alongside the image. The ads will often use a salacious ‘clickbait’ style heading, such as claiming to expose a shocking scandal, or tips for getting rich with cryptocurrency.

Current Prime Minister Anthony Albanese, TV personalities David Koch and Richard Wilkinson, entrepreneur Dick Smith, and many other prominent Australian figures have been impersonated online to try and con users into clicking onto sites that could have malware, or attempt to trick you into providing personal information or invest in too-good-to-be-true cryptocurrency schemes.

Unofficial ticket resellers

An example of a ticket resell scam on Facebook.

Facebook Marketplace is not an official ticket reseller, so you should be very cautious about buying concert tickets on it. (Image credit: Facebook)

Unofficial or fraudulent ticket resellers is another form of a buying or selling scam. With big artists often touring Australia, many fans are desperately trying to find tickets to massive sold-out concerts. You should be very careful about buying tickets from unofficial resellers however, as this is a prime opportunity for scammers to take advantage of keen concert goers by selling fake tickets through places including Facebook Marketplace, eBay and Gumtree. We highly recommend you go through official resellers, such as Ticketek Marketplace and Tixel, for each concert, otherwise you might suffer from more than just FOMO.

Fake products

An example of an online shopping scam of a discounted BBQ.

In this example of a fake product, the scammer is hoping a sense of urgency and low price will trick a buyer into parting with their hard-earned money. (Image credit: Scamwatch)

Since the early days of online shopping, consumers have been reporting scams involving false advertising. This is an ongoing issue to this day, with scammers often copying the details from a legitimate product listing and posting it on a fake website or under a fake profile on a genuine one. The scammer poses as a real online seller by promising products they don’t actually have, and instead sending unaware buyers junk knock-offs or nothing at all. Places such as Temu and Wish have been known to have product listings like this, but it’s an issue found far and wide across the web.

Scams in Australia: key information

What is a scam?

A scam is a scheme that attempts to steal either money or personal information from an unsuspecting party (either an individual or a business) through lies, manipulation and false pretences. Scammers are able to reach more people now than ever due to evolving communication technologies – you can be scammed in person, on the phone, through text messages or emails, across social media or simply by visiting a fake website. Each and every year there are new scams popping up, though these typically fall under one of seven major categories.

Example of email showing an unexpected money scam

Some long running scams involve the promise of unexpected wealth. The scammer might claim to be a distant family member, an organisation or rich person looking to share their wealth under a false pretence. (Image credit: Future)

What are the different types of scams?

According to the ACCC’s Scamwatch, there are seven main types of scams:

Romance scams

These scams involve convincing someone into, or promising some kind of relationship, including both romantic and platonic, so the scammer can take advantage of the unsuspecting party’s finances.

Investment scams

In this case, the scammer will try to get you to invest in some scheme – it could involve something like cryptocurrency, NFTs, or some other get-rich-quick opportunity that involves an initial monetary investment from you to get started. Investment scams typically involve the loss of large sums of money, and can be devastating to both individuals and businesses.

Product and service scams

Product scams have been rife since the early days of the internet – we’ve likely all heard the horror story of someone buying a product only for it to be something completely different on arriva, or never show up at all. These scams still exist, and can even take the form of a service rather than a physical object. Basically, with this type of scam, you don’t get what you pay for, and can even put your sensitive information such as payment and contact details at risk.

Threat and extortion scams

Some scammers will threaten to cause some form of harm to you or someone you know if you don’t go along with a request. These types of scams might suggest they have compromising photos, or claim to hijack your PC among other scary situations in order to take advantage of your fear and urgency.

Jobs and employment scams

It can already be a challenge to find a job, and scammers have found ways to use this to their advantage. A job or employment scam might involve some monetary contribution to hold a promised position offered to someone, or it could involve false job advertisements where your information is stolen on application.

Unexpected money

If it’s too good to be true, it likely is. While we’d all like to win the lotto, you need to play it safe if you get a sudden message saying you’ve won a large sum of cash, whether you’ve bought a ticket or not. Scammers will often try to coax you into giving away important information or money before you can claim your winnings in these types of scams.

Impersonation scams

Impersonation takes many forms – you might find someone catfishing on a dating website, or receive an email from someone pretending to be your boss. These scams will attempt to be someone else to get you to do something, like clicking a link or transferring money, that puts your funds or data at risk. This can also involve impersonating well-known figures like celebrities or politicians, or even hit an emotional point by pretending to be a family member in need.

Scams in Australia: how to stay safe

Woman looking at her phone for a two-factor authentication code to enter onto her laptop

Setting up two-factor authentication can help to prevent a scammer from accessing your online accounts. (Image credit: Getty Images - Oscar Wong)

How to protect yourself

Scams can target anyone, but there are some measures you can take to minimise the risk of falling for one.

  • Update your privacy settings for any online accounts, including social media

This can stop scammers from getting access to personal contact information such as emails or phone numbers. Additionally, it can help to prevent bad actors from using your information to scam others, as some scammers will create entire false profiles using information they’ve stolen off social media in an attempt to trick others who might know you.

  • Examine links before you click

Be critical of any suspicious links in emails and texts, or unknown phone numbers which attempt to contact you, especially when the contact is unexpected. In a phishing attempt, scammers will often include malicious links to get you to hand over personal data. Check spelling in the URL, and look out for any out-of-place characters. See if links you’ve been sent match what appears when you Google the organisation's name.

  • Keep your devices up-to-date

Keeping your device's softwares up-to-date can help to filter out unwanted calls, texts or emails thanks to spam filters that can stop potentially harmful communications from coming through. Brands like Microsoft, Apple and Google are constantly adding in new security features, while also reducing support for older software, meaning that an outdated web browser, for example, might be more prone to viruses and malware. Having one of the best antivirus software installed, or one of the best VPNs can also help to secure your PC on the chance that someone clicks a scam link.

  • Have strong and secure passwords

Make sure your passwords are strong and secure, and enable two-factor authentication (2FA) when you can. This will help stop scammers, especially if they’re attempting to access any of your accounts remotely. Best practice is to make sure you have a separate password for each and every account, and there’s password managers available to help stop you from forgetting them. Passphrases are more difficult to guess than passwords, and the Australian Signals Directorate (ASD) has a helpful guide for creating passphrases.

  • Be cautious when shopping online

When making purchases online, you can prevent scams from taking your money by using payment methods with inbuilt security measures. Some methods include using a credit card, or PayPal, which has a buyer protection policy, plus some online marketplaces also have safeguards like eBay’s Money Back Guarantee or Amazon’s A-to-Z Guarantee.

  • Stay in the know

Keeping informed about scams is the best way to stay protected. It’s unlikely that you’ll be able to filter out all possible scams and you’d basically have to go off grid to avoid most of them. Even then, old-fashioned scammers can still target people in person. If you know what to look for, you’ll be ahead of any scammer and also able keep your family and friends aware of any happening right now – they might be in a more vulnerable position to fall for a scam, particularly if they’re not tech-savvy, and scammers prey on vulnerabilities to get what they want.

How to spot a scam

While scammers are constantly finding new ways to mislead someone, there’s a few ways to spot a scam:

  • Look for suspicious URLs that contain spelling errors or incorrect domains. You can use ICANN Lookup to verify if a web address is legitimate or not.
  • Double check any email addresses – phishing emails will often have an error with the email address, such as the domain not matching the sender’s company.
  • Random numbers are often spoofed for scam calls and texts – you can search numbers on the internet to see if they've been used in scams previously.
  • Photos or videos of celebrities and politicians used out of context with some outrageous claim are often scams, and you can use reverse image search engines like TinEye to find the original source.
  • Deepfakes can also be spotted by looking at the details – a video might be really low quality to hide imperfections, or an image might have strange shadows or unrealistic features.

What to do if you get scammed

It’s easy to fall victim to a scam – it’s pretty likely that most of us will at least come close to it at some point in our lives. If you find yourself in this position, there are some things you can do to minimise financial loss and harm:

  • Secure your data and finances

If you’ve lost money in a scam, or the scammer has gained access to any bank accounts (or you just suspect they have), you’ll want to contact your financial institution as soon as possible. If you’ve made a payment through a credit card or via PayPal, there’s safeguards in place to help get your money back. Other methods such as PayID and bank transfers might have a few more hoops to jump through with no guaranteed success, but you should be able to at least lock any accounts to prevent further loss.

You’ll also want to look into securing any compromised accounts. This can be as simple as changing your passwords, and you can check Have I Been Pwned? to see if any emails or passwords have been leaked. You also might want to consider setting up two-factor authentication to prevent any further unwanted sign-ins.

  • Contact the authorities

Immediately after contacting your bank or financial institution, you should get in touch with a governing body that specialises in scams. These places will have resources to help you minimise any potential loss and report it.

If you’ve been targeted by a scammer but you haven’t handed over any money or personal details, report it to Scamwatch. If you’ve lost money or had your personal details stolen by a scammer, report it to ReportCyber. More details for reporting and recovering from scams are available on the Australian Signals Directorate (ASD) website.

Here’s a list of websites with contacts and resources to help support you if you’ve been scammed:

Reporting a scam can also help these institutions to spread awareness about scams, hopefully preventing others from falling victim in the future.

If you’re concerned about your identity being compromised due to a scam, IDCARE is a support service that has resources and the ability to help you make your identity secure again after being scammed.

Additionally, you might want to contact any companies where your accounts have been compromised. Big telcos such as Telstra and Optus have resources to help customers in the event of a scam, including dedicated spaces to keep track of current scams and how to report them. Additionally, Optus also has a dedicated resource for current customers in Optus ScamWise, which offers more in-depth information, such as how many scam texts and calls Optus is blocking on a weekly basis.

If you’ve fallen for a scam at work, such as a phishing email, you’ll want to let your workplace’s IT department know as soon as possible.

  • Seek support from family, friends and professionals

Being scammed can do a number on your wellbeing, so it’s important to lean into your support group while you navigate this situation. If you can, talk to someone you feel comfortable with, and reach out to professionals such as therapists and counsellors who can help you navigate any emotions or feelings you have during this time.

Anti-scam resource kit

Here’s some resources to help spot and prevent scams, as well as places to report any that you might come across. We’ve also tracked down some resources to help reduce any losses if you have fallen for a scam, plus some further reading on scams from trusted sources.

Prevention

Reporting

If there is immediate danger regarding a scam, you can call 000. Otherwise, report directly to the police on your local non-emergency line, and/or through the following resources:

Mitigation

  • Beyond Blue: emotional support online or call 1300 22 4636
  • Have I Been Pwned: check passwords and emails for data breaches
  • IDCare: assistance to help secure your identity
  • Lifeline: online or call 13 11 14 for counselling if you’re feeling distressed
  • Money Smart: tips to help prevent further financial loss

Further information

Zachariah Kelly
Staff Writer

Zac has been in the tech writing game for six years, having previously written for Gizmodo Australia, Canstar Blue, and The Daily Mail Australia (with articles on Nine, Junkee, Kotaku Australia and Lifehacker Australia). He’s a huge nerd with a deep passion for technology. While his main focus at TechRadar Australia is phones, monitors and peripherals, he also has a deep interest in the growing Australian EV landscape. Outside of Techradar, Zac’s a Headspace (a youth mental health organization) volunteer and an avid gamer. 

With contributions from