Why email scammers target you and how to stay safe

Make sure you're on the front foot when it comes to online fraud.

Scam "phishing" emails pretending to be from service providers in order to steal your credit card details continue to be a thorny issue for Australians.

A current scam email aimed at Telstra customers highlights how convincing these cons can be. The message claims you're due for a refund, and asks for you to confirm your details, including your credit card information. The email includes Telstra's current logo and is "signed" by Telstra executive Gerd Schenkel. The link in the email does not go to a Telstra site, but you'd be hard-pressed to tell that simply by looking at it. The fake site is designed solely to steal your personal data.

A more novel rip-off aimed at Netflix subscribers is being sent via text message, rather than email. This is relatively uncommon, because texting typically costs money for the scammer, unlike email, which can essentially be sent for free. The message asks you to "Update your Netflix Account so you can continue enjoying your Netflix service", and links to a fake login page. If you fall for it, your Netflix login details will be stolen. This scam doesn't ask you for credit card information.

The common denominator here is that Telstra and Netflix are massively successful companies. Telstra has close to 17 million subscribers; about 5 million Australians use Netflix. So any scam message sent to an Australian has a good chance of reaching an actual customer. This logic is why the Big Four banks and the ATO are also often used as bait in phishing emails.

What happens if you do fall for one of these scams and enter your details? The scammers won't necessarily take the obvious route and start running up charges on your credit card, though that's certainly one possibility. They may simply sell their collection of credit card numbers in an online "black market" for someone else to exploit. That means any suspicious charges on your card may come weeks or months after the details have been stolen, and you may not connect the two events.

Banks have sophisticated fraud detection systems, so any attempt at using your card may well be picked up. While that means you're less likely to lose a large amount of money, you'll still have to cancel your card and go through the hassle of recreating any automatic payments made with it.

Scams that don't seek out credit card details, like the Netflix one, can be just as dangerous. The issue? Many people use the same password across multiple services. If you have the same password for Netflix as for your email account, then the scammer can easily access all that information.

So how can you spot a scam? One obvious giveaway is that these messages will typically be addressed to "Dear customer" or not include a salutation at all. Spelling and grammar mistakes are also a clear sign of a scam, as is any request to confirm information the company already knows. After all, if you've already paid by credit card, the provider doesn't need those details to give you a "refund".

Regardless, if you receive an email that says you owe money or you're due a refund, the safest strategy is to ignore it and delete it immediately. If you're unsure, contact the company concerned by phone – and look up the phone number yourself.

 

Angus Kidman is a technology expert and the editor-in-chief for comparison site finder.com.au. This article was originally published by the Sydney Morning Herald on 13 July 2016. It represents the views of the author only and does not necessarily reflect the views of AMP.

Online security

AMP has taken steps to make your online experience with us safe and secure. 

Find out how

News&insights

Want to keep up to date with the latest news?

Subscribe now

Manage your money the smart way

The new AMP Bett3r Account is a smart bank account that helps you manage your money and save for your goals.

Find out more

Want to keep up to date with the latest news?

Sign up now

Recommended articles

Important information

Show more

© AMP Life Limited. This provides general information and hasn’t taken your circumstances into account. It’s important to consider your particular circumstances before deciding what’s right for you. Although the information is from sources considered reliable, AMP does not guarantee that it is accurate or complete. You should not rely upon it and should seek qualified advice before making any investment decision. Except where liability under any statute cannot be excluded, AMP does not accept any liability (whether under contract, tort or otherwise) for any resulting loss or damage of the reader or any other person.