Personal information theft scams
Personal information theft scams come in many forms, hoping to trick you into sharing your personal information. Your personal information is a commodity, enabling scammers to open bank accounts and apply for credit cards using your identity.
One common form of this scam is hacking into your computer, mobile device or network to find personal banking and identity information. Malware is used to trick you into installing software that allows scammers to access your files and track your computer or phone activity. Ransomware is another form of software that can lock your computer files or change your passwords. The scammer then demands payment for unlocking your data. Personal online banking information can also be stolen or used to empty your bank accounts.
One of the lesser-known methods of personal information theft is scammers accessing your unlocked physical mailbox or even going through your rubbish for discarded personal documents such as power and water bills, insurance renewals or health care records.
One of the most common forms of this scam is something called ‘phishing’. Phishing scams are attempts by scammers to trick you into giving out personal information such as your bank account numbers, passwords and credit card numbers. They email or call you and pretend to be from your bank or other legitimate organisations and ask you for your verification details, including passwords and personal information.
Phishing attempts can look very convincing, using authentic logos and colours identical to the agency they are trying to mimic. They often use fake websites with web addresses that appear to be similar, with only slight variations.
‘Pharming’ is yet another technique that scammers use. An email will direct you to a fake version of a legitimate website you are trying to visit. This is done by infecting your computer with malware, which causes you to be redirected automatically, even if you type the real address or click on your bookmarked link.
Remote access scams try to convince you that you have a computer or internet problem and that you need to buy new software to fix the problem or pay the caller to solve the issue. Scammers often pretend they are from Telstra, the NBN, Microsoft or some other service provider or tele-communications company.
The caller will request remote access to your computer to find out what the problem is. The scammer might try to convince you to buy unnecessary software or a service to ‘fix’ the computer, or they might ask you for your personal details and your bank or credit card details.
Scam callers might sound knowledgeable, however, they can be very persistent and can become abusive if you don't do what they ask. Never let anyone access any of your devices remotely unless it’s from a prearranged user help supplier.
Report all scams to the Australian Competition and Consumer Commission’s ScamWatch website.
If you have incurred a financial loss, report it to your local Police. Please also let NT Consumer Affairs know about the scam. Call 08 8999 1999 or 1800 019 319 or email firstname.lastname@example.org so we can warn others.
Always be wary of these warning signs:
- You may not be able to log into your laptop or other computer and phone accounts.
- The speed of your devices may be reduced.
- Your files have been deleted or moved.
- There are unexpected pop-ups on your computer or mobile device asking if you want software to run.
- Money may mysteriously go missing from your bank accounts.
- You receive bills, invoices or receipts addressed to you for goods or services you didn’t purchase yourself.
- You are refused a financial service or an application for a loan or your credit card has been declined.
- You receive an email, text or phone call claiming to be from a bank, tele-communications provider or other business you regularly deal with, asking you to update or verify your details.
- The website address does not look like the address you usually use and is requesting details the legitimate site does not normally require.
- The email or text message does not address you by your proper name, and could contain typing errors and grammatical mistakes.
- You receive a phone call out of the blue and the caller claims to be from a large telecommunications or computer company, or a technical support service provider. They tell you that your computer is experiencing technical problems and they need remote access to sort out the problem. They ask for your personal details and your bank or credit card details.
How to protect yourself
Personal information theft can have an immediate and long lasting impact on you and your financial future. Always remember the following points to ensure you can protect your greatest resource, your own identity.
- Always keep your devices up to date with quality security software. You can now purchase security software that can be download across multiple devices and device types. Remember – if it connects to the internet, protect it!
- Always keep your computer operating system up to date and set all programs to update automatically.
- Download new phone updates as soon as possible. Like computer updates, these updates include critical security updates that will keep your device safe from scammers.
- Do not open suspicious texts or emails from unknown numbers. Simply delete them.
- When making online payments, only pay for items using a secure payment service—look for a URL starting with ‘https’ and a closed padlock symbol, or a payment provider such as PayPal.
- Put a lock on your physical mailbox and shred any paper documents containing personal information before disposing of them.
- Choose complex passwords and update them regularly. Never use the same password for each of your accounts. Never share passwords with anyone, including family and friends.
- Never send money or give credit card details, online account details or copies of personal documents to anyone you don’t know or trust.
- Consider using multi-factor or two-step authentication to access your devices.
- Do not click on any links or open attachments from emails claiming to be from your bank or another trusted organisation. Do not reply, simply delete.
- Do not update or verify your details if asked to do so via email or text from your bank or another trusted organisation. Do not reply, simply delete.
- Look for the secure symbol. Secure websites can be identified by the use of 'https:' rather than 'http:' at the start of the internet address, or a closed padlock or unbroken key icon at the bottom right corner of your browser window. Legitimate websites that ask you to enter confidential information are generally encrypted to protect your details.
- If you receive a phone call out of the blue about your computer and remote access is requested simply hang up. Telecommunication companies such as Telstra do not request credit card details over the phone to fix computer problems, nor do their contractors.
- Be very wary of entering online competitions that require your contact details. These can be a front to gain a list of active email accounts and other contact details.
- Never provide your personal, credit card or online account details if you receive a call claiming to be from your bank or any other organisation. Instead, ask for their name and contact number. Check their legitimate website for their contact details and return call using the legitimate number found. Do not use any number they give you.
- Never give an unsolicited caller remote access to your computer.
- Never give your personal, credit card or online account details over the phone unless you made the call and the phone number came from a trusted source.
- If you have fallen victim to a scam or you receive a lot of unsolicited emails and phone calls consider changing your email address and phone numbers. Successful scam attempts can mean that your contact details are usually sold on to other scam groups to be used again.