As scams evolve, so can you… ‘Phishing attacks’

Continuing on from last month cyber and scam awareness article, here we talk about ‘Phishing attacks’ and provide some tips and information to help you stay safe against these type of scams.


‘Phishing’ is the name given to scams which try to steal personal information with fraudulent messages.

Scammers will make contact with their target pretending to be a trustworthy organisation and request personal information. Common ways they do this include asking their target to:

  • verify details for their bank
  • fill out a customer survey
  • confirm credit card details
  • prove your identity.


These messages will often look legitimate, except for a few minor details being incorrect.


Three red flags

  1. Unexpected requests for information: Financial institutions will never ask for security passcodes or passwords in an unsolicited email, SMS, or phone call.
  2. Impersonal greetings: These scams may omit key personal details and not address their target by their proper name.
  3. Suspicious contact details: If the email address, website, or phone numbers included in suspicious messaging don’t match the ones you’ve received in previous conversations, it’s likely a scam.


Phishing emails

Phishing emails often impersonate large, trustworthy organisations or government agencies. They may contain a link asking you to enter your information or to respond quickly to their request via email.

  • Be on the lookout for poor spelling, grammar, urgent requests or other errors in the email that don’t match the organisation’s presentation.
  • Be suspicious of emails with offers that seem too good to be true or that threaten you to take an action they’ve proposed.
  • If you weren’t expecting a message from a person or business, don’t click on the links or open attachments to an email. You can always reach out to the person or business via another communication channel to verify the legitimacy of the message you’ve received.
  • Before you click a link, hover over it to see the actual web address it will take you to. If you don’t recognise or trust the address, you can always search for the article or site via a search engine with relevant key terms the page might use.
  • Utilise a spam filter to block suspicious messages from reaching your inbox.
  • Remember, we’ll never ask you for your passwords, secure codes, bank account details, or card details via email or SMS.


Security tip

Before giving out any personal details, take a moment to pause and independently verify that the person you’re dealing with is legitimate. It’s extremely unlikely that your bank or a legitimate financial institution will ask for these details in a way that surprises you, so taking a brief pause before acting can help you reset and weigh up the likelihood you’re being scammed.


Takeaways… three simple steps to protect yourself:





Look for red flags:

  • Unexpected requests for information.
  • Grammar and spelling errors.
  • Unusual contact details.
  • Urgent requests or threats.


  • Always think twice.
  • Were you expecting this call, email or SMS?
  • Take a second, breathe, and think.



  • If you’re unsure, ask someone you trust.
  • Always navigate to the organisation’s website yourself to log in.
  • Never give out your online banking password or security passcode to anyone or to any organisations.


Source: Macquarie – security and fraud guide