Protect yourself from online scams

Technology is inescapable – we use it to pay for our day-to-day needs, maintain our friendships and connections, keep up-to-date with what’s happening in the world, and even track our exercise and sleep. But while it plays a pivotal part in our society, it also poses a significant risk to our privacy and financial security, with the Australian Cyber Security Centre receiving a cybercrime report on average every six minutes.

When we think of cybercrime, many picture a faceless, hoodie-wearing hacker in typing lines of code in a basement – an invisible threat whom, if targeting your accounts, is practically impossible for the layperson to stop. But while hackers are definitely a threat, online scams are also becoming far more commonplace, making the internet a minefield if you don’t know what to look out for. 

According to the National Anti-Scam Centre’s ScamWatch, Australians have lost over $159 million already to scams in 2024, with phishing, false billing, identity theft and online shopping scams the most common scams reported. So as online scams continue to increase in frequency and grow more sophisticated, how can we spot them?

TAFE Queensland ICT teacher Paul Turnbull said scammers thrive on catching their victims off guard, and that the key to identifying and avoiding them is taking time to assess and think about what’s in front of them.

“Scammers have adapted well to the social media environment and are becoming more cunning with their schemes, but they can usually be caught if you remain vigilant,” Paul said.

“Always stop, think, and check before taking any action. Trust your instincts, and if something feels wrong, report it and seek help promptly.”

Paul said there are plenty of resources available to help assess whether something you’ve been sent or have come across is legitimate, with Cyber.gov.au, MoneySmart and the eSafety Commissioner all providing detailed breakdowns on the types of scams out there and how to avoid them. But he gave a few pointers for those looking to protect themselves:

Recognise the signs of phishing: “Phishing attempts often come disguised as legitimate communications,” said Paul. “Be wary if you receive something with a generic greeting like ‘Dear Customer’ instead of your name; if it pressures you with a sense of urgency by using terms like ‘immediate action required’; or if it asks for sensitive or personal information like passwords or credit card details via any means outside the organisation’s official website. Also avoid clicking on links or downloading attachments from unknown sources.”

Verify the source: “Always pay close attention to where the communication is coming from hover over the source’s email address and compare it with past communications you’ve had with that organisation, or look at their profile to see how long they’ve been active, whether they’ve posted anything, and whether their number of followers add up,” Paul recommends.

“It also pays to go to the organisation directly to confirm it’s them. For example, if I get a Facebook message from a business page telling me I won a social media competition I entered, but that I need to provide my details to claim my prize, I should manually search for the business’s verified page and check that it is in fact the same page that messaged me. Alternatively, when it comes to banks, government agencies or service providers, it’s worth contacting them directly via their website or phone to check that they were behind the message.”

Avoid sharing personal information: “Never share sensitive or personal information via any platform outside of the organisation’s official website. Legitimate organisations won’t ask for these details via email, text or messenger as it makes them susceptible to data breaches. Instead, they’ll direct you to their secure website, or will call you directly,” Paul explains. “If you’re ever in doubt, about whether something is a legitimate communication, look up the organisation’s details yourself and call them directly.”

“It’s also important to regularly update your passwords and avoid using passwords that could be easily guessed. This includes names of family members and birthdays, as this information is often easy to find on people’s social media accounts.”

Stay informed: “Keep your operating system updated as this will help patch security vulnerabilities, and keep an eye on your financial statements for any unauthorised transactions,” Paul said. “Scammers don’t always take large sums, as smaller amounts more frequently can appear less suspicious, so try to keep track of where your money is going.”

Report suspicious messages: “If you come across something that’s suspicious, make sure you report it to your email service provider or social media channel, and to ScamWatch – you could help save others from falling for the trap,” Paul said. “And of course, if you fall victim seek assistance. There are organisations, like IDCARE, who specialise in helping scam victims in any way they can – whether it’s preventing further loss of money and protecting vulnerabilities, to helping educate victims on how to protect themselves.”

Paul said that while there are certainly more elaborate online scams out there that are trickier to spot, the average person can significantly improve their online safety by following this advice and paying close attention to who it is they are interacting with.

“Vigilance is key, but don’t be afraid to trust your instincts too. If something feels off or seems too good to be true, take the time to verify it, then report it and seek help promptly,” he said.

But for those who want to educate themselves further, TAFE Queensland offers a free, three-hour micro-credential course online in cyber security.

As for those who are interested in turning an existing interest in technology into a career, TAFE Queensland can also provide you with the skills you need to succeed, with the Certificate IV in Cyber Security (22603VIC) currently available to study for eligible Queenslanders at no cost under the Queensland Government’s Fee Free TAFE funding.

With Database and Systems Administrators, and ICT Security Specialists jobs anticipated to grow by a mammoth 17.9 per cent over the five years from 2021-22 to 2025-26, there has never been a better time to pursue a career in cyber security.