QUIZ – How much do you know about financial scams?

According to the Australian Competition and Consumer Commission (ACCC), in 2023 financial scams cost Australians around $2.7 billion.

Financial fraudsters deceive, manipulate and exploit victims into making financial transactions or investments, or sharing sensitive information for illegal profit, money laundering, or even funding terrorism activities.

Regardless of who you are, cyber-attack is a daily threat. And as our dependence on connectivity expands across our daily activities, our vulnerability to financial scams also increases.

Could you spot a potential threat? Would you know what to do if you were targeted? How much do you know about financial scams?

Take our quiz to find out.

Q1: I avoid technology so I’m not likely to be scammed.

1. True
2. False

Q2: Financial scams can target you via which of the following? (Multiple responses).

1. Text
2. Dating websites
3. Social media

Q3: An email from a trusted source contains a link. Should you click the link?

1. It’s from a friend, and it’s just a link.
2. You never click links in emails, even from friends.
3. It depends. Were you expecting the email? Is the email legitimate?

Q4: You’ve become close to someone you met online. When they ask you to buy goods to send to them, you…

1. Do your research and if in doubt, break off all communication.
2. Tell them you’ll think about it and continue the relationship.
3. You agree to buy the goods – they’re not asking for money, so there’s no danger in it.

Q5: A friend sends a text to say they have changed their number. What do you do?

1. Enter their new number in your contacts.
2. Block the text.
3. Message the new number with a question only your friend would know.

Q6: You can trust the websites of well-known brands.

1. True
2. False

Q7: What is credential stuffing?

1. When your identification documents are used to create fake websites or passports.
2. When someone fraudulently uses your data after a data breach.
3. When you lose your wallet and the finder keeps your credit cards, driver’s licence etc.

Q8: Think you’ve been scammed? Which of the following should you do? (Multiple responses)

1. Review what happened and consider how you can protect yourself in future.
2. Contact your financial institutions, change passwords, and report the scam to Scamwatch.
3. Don’t tell anyone. You’re angry, embarrassed, and feel very foolish.

ANSWERS

Q1: I avoid technology so I’m not likely to be scammed.

1. True
2. False

If you don’t use the internet, you must still be wary.

Unsolicited door-knockers are known to do the rounds of neighbourhoods, claiming to be collecting donations for charity or offering goods or services for payment. Others may ask you to complete a genuine-looking survey to get your details.

There are ways to protect yourself. For example:

1. Don’t feel pressured to allow strangers into your home.
2. Ask for identification and look up the organisation’s phone number yourself, then call it to confirm the door-knocker’s credentials.
3. Never, ever, evaah! make a payment to a door-to-door salesperson.

However, some door-knockers are legitimate. In recent years, the government has run low-energy light bulb exchange programs where contractors visit homes and offer to install free LED bulbs.

If you’re unsure, ask for the person’s identification and follow the advice in point b above.

Q2: Financial scams can target you via which of the following? (Multiple responses).

1. Phone, Text or SMS
2. Dating websites
3. Social media

If you selected all of the options, you’re correct. Cyber criminals will attempt to swindle you out of your money by any means possible, so the list is even more extensive than this.

According to the government’s Scamwatch website, financial scams can be any of the following:

·   Text/SMS/Phone	·   Romance
·   Email	·   Investment
·   Social media	·   Product/Service
·   Website	·   Threats/Extortion
·   In-person	·   Employment
·   Impersonation	·   Unexpected money

Q3: An email from a trusted source contains a link. Should you click the link?

1. It’s from a friend and it’s just a link.
2. You never click links in emails, even from friends.
3. It depends. Were you expecting the email? Is the email legitimate?

 

There are times when you’re expecting an email containing a link. In these circumstances, and if you’re certain the email is genuine, it’s reasonable to click the link.

Remember, though, that emails, even from trusted sources, can be dodgy. Scammers can hack into email accounts and impersonate businesses, friends and family.

If you weren’t expecting the email, consider the following:

• Does the email look legit?
• Does the sender’s address appear correct?
• Have you been addressed correctly by name in the email?
• Is the email written with correct spelling and grammar?

Finally, hover your mouse over the link. This reveals where the link leads. Does that look right to you?

If you’re uncertain about any of these points, phone the person/company the email purports to come from and confirm that the email is genuine.

Q4: You’ve become close to someone you met online. When they ask you to buy goods to send to them, you…

1. Do your research, and if you are in doubt, break off all communication.
2. Tell them you’ll think about it and continue the relationship.
3. You agree to buy the goods – they’re not asking for money so there’s no danger in it.

Scammers work hard to convince you that their intentions are genuine. They trawl through social media, gaming apps, dating websites etc, and connect with unsuspecting people.

They often create fake profiles with photos and identities stolen from other websites. They may even impersonate famous people.

Once they have built your trust, they ask you to do things for them, such as,

• purchasing goods to send to them,
• opening accounts and depositing money they send you (this could be money laundering potentially incriminating you),
• send money to them,
• pay for them to visit you (after they arrive they disappear).

Protect yourself by:

• asking lots of questions and noting inconsistencies,
• Googling their name and the word ‘scam’ together,
• not sharing information about yourself, friends, family, your job, etc.,
• never sending intimate photos of yourself (they can be used to blackmail you),
• never sharing bank or credit card details, your passport or other identity documents.

Q5: Your friend sends a text to say they have changed their number. What do you do?

1. Enter their new number in your contacts list.
2. Block the text.
3. Message the new number with a question only your friend would know.

A common ruse of fraudsters is copying the phone number and/or sender ID of businesses you know or friends and family and sending messages that appear genuine.

Raise the red flag if the message requests urgent action, e.g., your account has been hacked, there’s a problem with a delivery, a service is about to be stopped because a payment hasn’t been received, etc.

Whether the required action is to send money, click a link, call a provided number, supply passwords or other sensitive information, this should alert you that something is off!

Never click links, call numbers, send information or take any other action the message requests. Instead, reach out to the person or business via a number you have sourced. If the message is a scam, use your phone’s BLOCK and/or REPORT AS SCAM functions.

Q6: You can trust the websites of well-known brands.

1. True
2. False

Scammers regularly create fake websites that look and feel like the real thing. They have been known to impersonate famous people, display shonky banners and pop-ups and even include fake reviews to convince you to trust them.

Before buying from these sites, check the website’s URL. Dodgy websites use domain names that, at a quick glance, look similar to legitimate ones. Check the address bar. There should be a padlock icon on the left and the URL should use ‘https//’, indicating a secure connection.

Further, most Australian websites will end in .com.au, .au or .org.au for a charity or community organisation. When buying from an overseas website, ensure you know the correct format for that country, e.g., British websites end in .co.uk.

Be wary if:

• products are offered at significantly lower prices than usual,
• payment options seem strange. Scammers may request Bitcoin or gift cards and don’t offer more secure payment methods such as PayPal,
• there are no negative reviews,
• advertised items contain words like ‘no risk’,
• you are urged to ‘be quick’ or ‘don’t miss out’.

A final word on websites: fake investment companies set up fancy websites and even create slick brochures to download! They’re very difficult to spot, which is why you should always seek professional advice from a qualified, licensed adviser.

Q7: What is credential stuffing?

1. When your identification documents are used to create fake websites or passports.
2. When someone fraudulently uses your data after a data breach.
3. When you lose your wallet and the finder uses your credit cards, driver’s license etc.

Credential stuffing is a scam that occurs when an organisation suffers a data breach, and the cyber criminals involved use the stolen information to buy goods and services from another business.

There is little you can do to protect yourself from this kind of financial scam. Consequently, the government imposes severe penalties on businesses that fail to protect their customers’ personal data.

Cybercrime carries little risk for scammers who can create a web of dead-end leads, making it difficult for them to be tracked.

Despite companies investing large sums in cyber security, it seems that almost every day we’re learning about another corporate attack.

If you’re notified of a data breach, immediately:

• close accounts, cancel cards etc,
• change passwords,
• set up two-factor authentication where possible,
• stay up-to-date with news and information provided by the company involved.

Q8. Think you’ve been scammed? Which of the following should you do? (Multiple responses)

1. Review what happened and consider how you can protect yourself in future.
2. Contact your financial institutions, change passwords, and report the scam to Scamwatch.
3. Don’t tell anyone. You’re angry and embarrassed and feel very foolish.

It’s understandable that you’ll be angry and embarrassed after being scammed, but ‘a’ and ‘b’ are the correct responses.

Learning from the experience, thinking about what happened and what to look out for in future are important.

More importantly, take action. Contact financial institutions and have cards cancelled, transactions blocked, and accounts frozen. Change passwords on social media, email, all online accounts – don’t forget those streaming services! Set up two-factor authentication wherever possible.

Finally, report the scam to Scamwatch to help prevent the scam from spreading and affecting others.

If you need further support, reach out to iDCare This organisation provides assistance to individuals or businesses that have been targeted by identity theft and cyber-attack.

So, how did you go?

The Australian government has legislated that businesses deemed ‘critical infrastructure’ must develop a risk management program to manage cyber security.

However, like these organisations, the crooks have access to the latest technology. This means we must all stay ahead of the game, whether we’re individuals or businesses.

It’s a constant challenge; even the smallest, most innocuous mistake can be costly.

In summary, stay safe by:

• contacting businesses and/people on phone numbers and websites you have found yourself,
• verifying people and business credentials,
• never providing money to unsolicited visitors, messages, emails, phone calls etc.,
• using a phrase instead of a password, e.g. TimTamsAreMyGoTo@99,
• ensuring your antivirus software is kept up to date,
• never clicking links from unknown or unsecured sources.

Above all, stay vigilant to identify potential threats, recognise scams and minimise risk.

For further information about online security, see the government’s eSafetyCommissioner website.

The information contained in this article is general information only. It is not intended to be a recommendation, offer, advice or invitation to purchase, sell or otherwise deal in securities or other investments. Before making any decision in respect to a financial product, you should seek advice from an appropriately qualified professional.  We believe that the information contained in this document is accurate. However, we are not specifically licensed to provide tax or legal advice and any information that may relate to you should be confirmed with your tax or legal adviser.