Ten tips to outwit online scammers

Scammers are constantly looking for new ways to part you from your hard earned cash. That’s why it’s so important to stay a few steps ahead when it comes to protecting your money.  

Losing money to fraud can have a big effect on someone’s life – it can be draining for your mental health and wellbeing, as much as your financial circumstances. 

So stay a step ahead of the scammers by being aware of the common tactics that scammers use and taking some simple measures to keep your money safe.

Australians lost more than $2 billion to scams in 2024. While investment scams contributed the lion’s share of that, at $945 million, the good news is that was 27% less than the previous year, so the trend is heading in the right direction*. 

New types of scams emerge regularly

Investment scams may have resulted in significant total losses but other common types of fraudulent activity included romance scams, payment redirection, remote access and phishing – where a scammer sends messages pretending to be from a reputable firm or a government service to obtain personal information. 

Scams involving crypto ATMs, SIM swapping and compromised business email addresses have also been on the rise in recent months. Here’s what to look out for.  

• Crypto ATMs: know where your money is going

There are now more than 1,100 crypto ATMs in Australia^, which allow people to buy or sell cryptocurrencies, such as Bitcoin, using cash or debit cards. 

Reports of crypto ATMs being used to transfer funds to scammers have risen internationally and in Australia in recent years, with older investors three times more likely to be affected.  

In many cases, the scammer impersonates a government or business. The intended victim may be provided with a code to deposit funds to a Bitcoin wallet. However, crypto ATMs don’t offer a way to verify who that wallet belongs to, leaving people vulnerable to making deposits into a fraudulent account. 

Cryptocurrency transactions cannot be reversed, so if you’re using a crypto ATM to buy or deposit cryptocurrency, make sure you use an address or account that you control. 

• SIM swapping: watch for sudden loss of network

SIM swapping may involve a scammer tricking a mobile phone carrier into believing the intended victim has lost their phone. 

If the mobile carrier transfers the personal information associated with that person’s SIM card to a new number, this gives the scammer access to text messages that may enable them to access one time pin codes sent by SMS that are intended to verify the victim’s identity. 

Signs of SIM jacking include a sudden loss of access to the network – for example, when an SOS message appears at the top of your screen, a phone that stops working or receiving a message stating a mobile number is about to be swapped to a new one. 

It may be possible to set up a special PIN with your mobile carrier to avoid unauthorised SIM swapping.

• Business email compromise scams: impersonating real emails

In these scams, criminals impersonate legitimate businesses. They send fraudulent emails to trick victims into transferring funds to scammers’ bank accounts. They may alter email addresses to closely resemble legitimate ones or they may use compromised accounts to make the messages look authentic.

In property and real estate transactions, this may involve inserting false bank details for settlement payments, causing victims to unknowingly transfer money to the wrong account.

Ten ways to guard against fraud

There will always be scammers out there, but just as you might lock your front door when leaving the house, here are some simple measures you can take to help keep their sticky fingers off your finances in 2025.  

1. Update your sensitive passwords regularly

Ensure that the passwords for your MyGov, bank and your email accounts are strong and unique – and change them every three months at least.  

2. Enable multi-factor authentication

Multi-factor authentication strengthens security by requiring you to verify your identity through multiple methods, which may include something you know (like a password), something you have (like a phone or hardware token) and something you are (like a fingerprint or facial recognition). This makes it much harder for scammers to gain access to your money. 

3. Conduct a digital cleanse

Regularly remove old or sensitive files and emails from your computer and email accounts so that information can’t be accessed by an unauthorised user.

4. Install a password manager

A password manager securely stores your passwords and can generate strong, unique passwords for each of your accounts.

5. Install Internet security apps

Protect your mobile and computer with Internet security apps, such as anti-malware and antivirus software, which can detect and block malicious activities.

6. Guard against physical access

Shred any personal documents you no longer need and secure your mailbox with a lock to stop identity thieves from accessing sensitive information in discarded documents or stolen mail.

7. Sign up to a credit bureau

Monitoring your credit profile can help you spot signs of identity theft early. Consider placing a freeze or proactive alert on your profile to prevent fraudsters from opening accounts in your name.

8. Avoid clicking on links

Always manually enter business websites and phone numbers from their official websites to reduce your risk of falling victim to phishing scams.

9. Pause before you act

Take a moment to verify the legitimacy of any urgent requests. Use the Australian Securities and Investment Commission (ASIC) scam register or Scamwatch to check if you could be the target of a known scam. Scammers often use urgency to pressure people into making hasty decisions. 

10. Don’t offer easy access

Public Wi-Fi networks are often insecure, so don’t use them for sensitive transactions and always log out of browser windows on your devices when you are finished.

Following these tips can help you outwit online scammers and provide peace of mind that you’re taking every reasonable step to safeguard your savings and investments. 

* Targeting scams. Report of the National Anti-Scam Centre on scams data and activity 2024. 
^ Monthly Intelligence Report, National Anti-Scam Centre, August 2024.

Source: Colonial First State