Australian technology news, reviews, and guides to help you

How easy is it to fall for a scam?

It can affect anyone, regardless of experience level. You could be a beginner or even a pro, and a scam could still get you. Why is it easy to fall for scams, and what tricks are scammers using to ensnare victims?

Scammers are devious and cunning, nefarious and nasty, and they have you in their sights. With hundreds of millions of dollars lost to scams every year in Australia, it’s more important than ever for people to be aware of what scammers are doing to target us, and to try and stop falling for those scams.

Falling for scams is a problem, and one that can seemingly happen to anyone. Whether you don’t know much about scams or are a seasoned pro, scammers can find their way to your inbox or phone message list, and you may find yourself concerned about accidentally clicking.

Just how easy is it for someone to fall for a scam?

It doesn’t take much.

An errant message in your phone’s inbox, a phone call that was cut off faster than you anticipated, or even just a friend’s Facebook feed; scams can appear in so many different ways, they almost require an ever-on sense of vigilance that few are capable of. It might even be a sudden entry in your calendar.

There are so many ways scammers can get you, but there’s one that ultimately hits the top of the list: phishing.

“Phishing is undoubtedly the most common and detrimental trick used by scammers – that is, where consumers are sent fake emails or texts that appear to have come from a credible source, designed to steal personal information,” said Alex Merton-McCann, Online Consumer Safety Advocate and Cybermum for McAfee in Australia and New Zealand.

“Scammers go to great lengths to ensure phishing emails and texts appear as if they’re coming from a big company. And often, they capitalise on consumers’ emotions to pressure them to act quick without careful thought or consideration, for example, by threatening to shut off their internet,” she said.

Phishing is what happens when you receive a scam message designed to look like the real thing, and the click leads you to a website that is also designed to look like the real thing, but which takes your details instead. Scammers are notorious for impersonating banks and the post in phishing scams, and these typically ask for details you might use at the real place, which can then be used to break into your account and compromise either your financial situation or your identity, or even both.

Phishing is easily the number one approach scammers use to convince us to jump head first into one of their scams, because it can be hard to work out what you’re looking for in an email or message if you don’t pay close attention, and even harder again if you accidentally click.

And it may be worse during a pandemic, when we have more than just scams to be concerned about.

“During uncertain and stressful times like these where we are understandably more distracted than usual, it can be all too easy to fall victim to scams. This is because scammers are always on the prowl – acting fast to adjust their tactics to take advantage of consumers in their most vulnerable state,” she said.

It means that amidst a pandemic of global proportions and during a recession, you can almost completely expect scams to pick up. Remember, scammers are out to get your money, so they will take advantage of any changes that can help them, as they attempt to stem any changes to their financial model, if you can call it that.

How do you stay aware of phishing scams and not get caught?

Unfortunately, there’s no way to stop scams from landing in your inbox or phone’s message box, at least not yet.

Mail solutions like Gmail and Outlook can typically sort and class quite a lot of phishing attempts as spam and remove them from your inbox, but they’re not perfect, and they can’t help with the messages on your phone.

That’s why it comes down to the individual user to read the messages and question them, checking the parts of an email or a phone message to make sure you’re aware of what’s in them before you click. The “before” part is important, because once you click, it can be all too easy to get lost in the moment and fill in details.

With emails, remember to check the sender. Scammers can’t use a real email address from someone they’re trying to fake, because the web doesn’t work like that.

To get around this, there are often two email addresses in the “from” field: the first one trying to look like the real thing, and the second which is the actual, real email address they’re sending from. If the second one isn’t legit, you know the email isn’t legit either.

An email address from a phishing email

The same goes for any links coming out, because if you hover over the links, you should be able to see where they’re going. Scammers don’t have the ability to run the real websites, so they typically fake how the real website looks on another website. If you hover over the link on your email account, it may show something similar, but isn’t the same: that’s your indication the message is also fake.

With phishing SMS, the sender is much easier to fake, and can be set up online to read like any major company, an issue we’ve explored in detail before. However, phishing scammers have the same problem with the link, so they often have to use outlandish website addresses or very close forgeries, and it falls to you to read the address and work out whether it’s legit before you click.

Once you click, it can be very easy to fall down the rabbit hole and get convinced of how a website looks, so if you can work it out before you get fooled, it’s a better approach.

This SMS is attempting to phish with a site pretending to be Westpac. That’s definitely not Westpac’s website, but it can be easy to see why a cursory glance might have you fooled. 

A good tip for life: be cautious

Ultimately, one last tip may save you: take everything you’re sent with a grain of salt, particularly if you don’t know why it’s coming in.

Most emails and SMS are pretty easy to gauge. You know why you’re getting newsletters you’ve signed up for, and you can probably guess the messages from friends and family.

But if a message comes in from a bank telling you to log in all of a sudden, or from a shop telling you that you’ve won something, it may be best to be cautious, and call them up using a number you find from a search on Google. Find out whether the message is legit by going straight to the source if you’re concerned it’s real, and ask questions, because the only way we stay aware is by asking the questions we’re not afraid to ask.
