News

A real cybercrime story

Australians lost over $3 billion to scams in 2022 alone. With investment scams being the most common, consider these insights so you can better protect yourself from online criminals.

This is a story where scammers created a website and emails that looked legitimate.

What was the scam? An example from Colonial First State (CFS)

A website was set up offering competitive, market-beating fixed interest opportunities. It claimed to partner with banks and fund managers around Australia to offer the best fixed income investments.

It also used reassuring language, saying interest rates were ‘fully insured’ to make the offer sound safe.

Potential investors came across the website simply by looking for investment opportunities through an online search.

The website contained a form for potential investors to get in touch. Through this, cyber criminals captured personal details including name, email address and phone number. They made contact using an email that was dressed up to look like it came from CFS and also via phone.

How did CFS respond?

When the CFS Financial Crime team became aware of this scam, they quickly took a range of actions. The team:

  • acted to get the website shut down and the fraudulent email accounts blocked
  • lodged reports with the Australian Securities and Investments Commission (ASIC), as well as the relevant national anti-scam bodies
  • informed our frontline teams so they were alert to any calls about the false opportunity.

The CFS team also offered their expertise, and that of other trusted service providers, to help people who were affected by the scam.

What can you do to stay safe?

In this case, simple checks did not foil this scheme. For instance, calling the Contact Centre to verify the person on the email worked. So, what can you do?

  • Use Google or another search engine to find more information on the organisation. Look for other websites for the business and review sites (e.g. Google reviews). Check the contact details, including website address, on those sites.
  • Check ASIC for business registration details.
  • For investments, certain disclosure documents should be provided, such as a Financial Services Guide and Product Disclosure Statement. These should be on the website.
  • Use contact details from an official website and ask questions about the specific offer when you call.

Here are some other tips provided by the CFS Financial Crime team:

  • Avoid sharing personal information like date of birth, address, and bank details.
  • Never provide your personal or security details like logins or passwords.
  • Contact your email provider for advice on how to block phishing emails.
  • Don’t click on links, open attachments or reply to requests that may be fake.
  • Contact your bank if you think your credit card or banking details are at risk.
  • Update your privacy settings, microphone and location.

Source: Colonial First State