
The Complete Australian Scams Guide: How to Spot and Avoid the Top 15 Scams in 2025


Comprehensive guide to identifying and avoiding the 15 most common scams targeting Australians in 2025, including Hi Mum scams, ATO fraud, and bank impersonation.


Australians lost $2.0 billion to scams in 2024, a record high. That's $2,000,000,000 taken from everyday people through text messages, phone calls, emails, and fake websites.

The worst part? Most scams are completely avoidable if you know what to look for.

This guide covers the 15 most common scams targeting Australians in 2025, with:

  • Real examples of each scam
  • Specific red flags to watch for
  • Verification steps you can take immediately
  • What to do if you've been scammed

Let's make sure you're not part of next year's statistics.


Table of Contents

  1. Hi Mum/Hi Dad Scams
  2. Fake ATO Messages
  3. Bank Impersonation Scams
  4. myGov Phishing
  5. Fake MyPost/Australia Post Scams
  6. Marketplace Scams (Facebook, Gumtree)
  7. Romance Scams
  8. Investment Scams
  9. NBN/Telstra Tech Support Scams
  10. Energy Bill Relief Scams
  11. Medicare/Centrelink Phishing
  12. Remote Access Scams
  13. Fake Charity Scams
  14. Job/Employment Scams
  15. Rental Scams

1. Hi Mum/Hi Dad Scams

What It Looks Like

You receive a text from an unknown number:

"Hi mum, I've lost my phone. This is my new number. Can you message me on WhatsApp?"

Once you reply, the scammer (pretending to be your child) urgently needs money for a phone repair, overdue rent, or emergency bill.

Real Example

Unknown: "Hi mum it's me, dropped my phone in the toilet 😭
using my friend's phone. Can you save this number?"

You: "Sarah? Is that you?"

Unknown: "Yes! I need your help. I have to pay a tradie today
but my banking app isn't working on this phone. Can you transfer
$2,800 to this account? BSB: 123-456 Acc: 12345678.
I'll pay you back tomorrow!"

Red Flags

  • ✗ Message comes from an unknown number
  • ✗ Urgent payment request
  • ✗ BSB/account details provided immediately
  • ✗ Claims they can't call you (broken phone, friend's phone, etc.)
  • ✗ Unusual grammar or phrasing for your child

How to Verify

Call your child's original number before sending any money. If they don't answer:

  • Call another family member or friend who can reach them
  • Ask a question only your real child would know
  • Suggest a video call (scammers will refuse)
  • Say you'll drop by in person (scammers will panic)

Never send money based solely on a text message.

If You've Been Scammed

  1. Contact your bank immediately (within minutes, they may be able to stop the transfer)
  2. Report to ReportCyber (ACSC)
  3. Report to Scamwatch
  4. Keep all text messages as evidence

2. Fake ATO Messages

What It Looks Like

You receive an email, text, or automated call claiming to be from the Australian Taxation Office:

  • "You have a tax refund of $847.50 waiting"
  • "Your tax return has been flagged for review"
  • "You owe $3,200 in unpaid taxes - pay now to avoid legal action"

Real Example (Email)

From: no-reply@ato-gov-au.com.au
Subject: Tax Refund Notification - $847.50

Dear Taxpayer,

Your 2024 tax return has been processed. You are entitled to a
refund of $847.50.

Click here to claim your refund: [LINK]

You must claim within 7 days or the refund will be forfeited.

Australian Taxation Office

Red Flags

  • ✗ Asks you to click a link to claim a refund
  • ✗ Threatens legal action or jail time
  • ✗ Demands immediate payment via gift cards, cryptocurrency, or wire transfer
  • ✗ Uses urgent language ("within 24 hours or...")
  • ✗ Email address doesn't end in @ato.gov.au (watch for tricks like ato-gov.com.au)
  • ✗ Generic greeting ("Dear Taxpayer" instead of your name)

How to Verify

The ATO will NEVER:

  • Email or text you with a link to claim a refund
  • Threaten you with immediate arrest
  • Ask for payment via gift cards, Bitcoin, or iTunes cards
  • Demand bank account details over the phone

If you're unsure:

  1. Log in to myGov directly (don't click email links)
  2. Check your ATO inbox for official messages
  3. Call the ATO directly: 13 28 61

If You've Been Scammed

  1. If you provided bank details: Contact your bank immediately
  2. If you clicked a link: Change your myGov password and enable 2FA
  3. Report to ReportCyber
  4. Check your myGov account for any unauthorized tax returns lodged

3. Bank Impersonation Scams

What It Looks Like

You receive a call, text, or email appearing to be from your bank (CommBank, NAB, Westpac, ANZ):

  • "Suspicious activity detected on your account"
  • "Your card has been blocked for security reasons"
  • "Click here to verify your identity"

Real Example (Phone Call)

Scammer: "Hi, this is John from CommBank fraud prevention.
We've detected suspicious transactions on your account.
Have you made purchases at Kmart this morning for $1,200?"

You: "No, I haven't!"

Scammer: "Okay, we need to secure your account immediately.
I'm going to send you a code via SMS. Can you read it back
to me so I can cancel these fraudulent transactions?"

[The "code" is actually your NetBank password reset code]

Red Flags

  • ✗ Caller asks for full passwords, PINs, or SMS codes
  • ✗ Caller claims your account will be "frozen" unless you act now
  • ✗ Email or text contains a link to "verify your account"
  • ✗ Caller ID shows your bank's name (can be spoofed)
  • ✗ Asks you to move money to a "safe account"

How to Verify

Your bank will NEVER:

  • Ask for your full password or PIN
  • Ask for SMS/2FA codes
  • Send you links to click in emails or texts
  • Tell you to move money to a "safe account"

If you receive a suspicious call:

  1. Hang up immediately
  2. Call your bank's official number from their website or your card
  3. Wait 5 minutes before calling (scammers can keep the line open)

If You've Been Scammed

  1. Call your bank immediately on their official number
  2. Check your account for unauthorized transactions
  3. Cancel your cards and request new ones
  4. Change your online banking password
  5. Report to ReportCyber

4. myGov Phishing Scams

What It Looks Like

You receive an email or text claiming to be from myGov:

  • "Your myGov account has been suspended"
  • "You have a new message from Services Australia"
  • "Update your details to continue accessing Centrelink"

Real Example

From: myGov@services-gov-au.com.au
Subject: myGov Account - Action Required

Your myGov account requires immediate verification.

Click here to verify: [LINK]

Failure to verify within 48 hours will result in account suspension.

Services Australia

Red Flags

  • ✗ Email asks you to click a link
  • ✗ URL doesn't start with https://my.gov.au
  • ✗ Email address doesn't end in @servicesaustralia.gov.au
  • ✗ Threatens account suspension
  • ✗ Generic greeting (not your name)

How to Verify

myGov will NEVER:

  • Send you a link to log in
  • Ask for your password via email
  • Threaten to suspend your account via email

Always:

  1. Go to my.gov.au directly by typing it in your browser
  2. Check your myGov inbox for official messages
  3. Ignore any emails with links

If You've Been Scammed

  1. Change your myGov password immediately
  2. Enable two-factor authentication
  3. Check your linked services (Centrelink, ATO, Medicare) for changes
  4. Report to ReportCyber

5. Fake MyPost/Australia Post Scams

What It Looks Like

You receive an SMS or email about a parcel delivery:

  • "Your parcel is awaiting delivery. Pay $2.50 to reschedule"
  • "Australia Post: Track your package here [LINK]"

Real Example

SMS: "Australia Post: Your package is pending delivery.
Confirm delivery details: auspost-delivery.com/track/AU91847"

Red Flags

  • ✗ URL doesn't match auspost.com.au exactly
  • ✗ Asks for payment for a parcel you didn't know was coming
  • ✗ Requests credit card details for a small "redelivery fee"
  • ✗ Look-alike domains: auspost-delivery.com, australiapost.net, etc.

How to Verify

Australia Post will NEVER:

  • Send you an SMS with a link to pay for delivery
  • Ask for credit card details via text message

If you're expecting a package:

  1. Go to auspost.com.au directly
  2. Use the tracking number from the sender (not the text)
  3. Check your email for official Australia Post notifications

If You've Been Scammed

  1. Contact your bank if you entered card details
  2. Report the fake website to ReportCyber
  3. Check your bank statements for unauthorized charges

6. Marketplace Scams (Facebook, Gumtree)

What It Looks Like

As a seller:

  • Buyer offers to pay via PayPal, sends fake email saying "payment is pending until you provide tracking"
  • Buyer wants to "overpay" and have you refund the difference
  • Buyer asks you to click a link to receive payment

As a buyer:

  • Seller demands payment via bank transfer before viewing item
  • "Car is located interstate, send deposit to secure"
  • Item is suspiciously cheap

Red Flags

  • ✗ Buyer/seller refuses to meet in person
  • ✗ Payment involves gift cards, cryptocurrency, or wire transfers
  • ✗ Seller has a brand new account with no history
  • ✗ Price is too good to be true
  • ✗ Requests personal information (license, passport)

How to Verify

Safe buying/selling practices:

  • Meet in person at a public place (police station, shopping center)
  • Use cash or bank transfer (with buyer protection)
  • Never send deposits for items you haven't seen
  • Check seller's profile history and reviews
  • If buying a car: Get a PPSR check ($2 from ppsr.gov.au)

7. Romance Scams

What It Looks Like

You match with someone on a dating app (Tinder, Bumble, Hinge, RSVP). They quickly move to WhatsApp or email. After building a relationship over weeks/months, they need money for:

  • Medical emergency
  • Flight to visit you
  • Debt repayment
  • Business investment

Real Example Timeline

Week 1-2: Intense emotional connection, daily messages
Week 3-4: "I've never felt this way before. You're so special."
Week 5: "My mother is sick and I need $5,000 for surgery..."
Week 6: "I'll pay you back when I see you next month..."
[Money never returned, person disappears]

Red Flags

  • ✗ Profile photos look like model/stock photos (reverse image search them)
  • ✗ Claims to work overseas (military, oil rig, doctor, engineer)
  • ✗ Refuses to video call (always an excuse)
  • ✗ Moves relationship very fast ("love you" within days)
  • ✗ Can never meet in person (always a last-minute excuse)
  • ✗ Asks for money, gift cards, or cryptocurrency

How to Verify

Protect yourself:

  • Reverse image search their photos (drag into Google Images)
  • Insist on a video call before any financial discussion
  • Never send money to someone you haven't met in person
  • Tell a friend/family member if someone asks for money

If You've Been Scammed

  1. Don't send more money (even if they promise to pay you back)
  2. Report to Scamwatch
  3. Report the profile to the dating app/website
  4. Contact your bank if you've sent money

You are not alone. Romance scams are designed by professionals to exploit emotions. It's not your fault.


8. Investment Scams (Crypto, Shares)

What It Looks Like

You see an ad on Facebook/Instagram featuring a celebrity (Gina Rinehart, Andrew Forrest, Dick Smith) promoting a "guaranteed return" investment in:

  • Cryptocurrency
  • Bitcoin trading platform
  • Stock market algorithm
  • Forex trading

Real Example

"Dick Smith reveals $47 billion Bitcoin loophole that makes
Australians $8,350/day from home"

[Article looks like news.com.au but URL is news-daily.com.au]

"I was skeptical too, but after investing $250, I now make
$8,000 per week working from home!"

Red Flags

  • ✗ Celebrity endorsement (always fake; celebrities are suing over this)
  • ✗ Guaranteed returns or "risk-free" profits
  • ✗ Pressure to invest immediately ("limited spots")
  • ✗ Asks you to download remote access software (AnyDesk, TeamViewer)
  • ✗ Website looks like a news site but URL is slightly different
  • ✗ "Broker" calls you and helps you "trade" on their platform
How to Verify

Investment scam checks:

  1. Check if the company is licensed: ASIC Connect Register
  2. Search company name + "scam" on Google
  3. If celebrity is featured: Search "[celebrity name] investment scam"; you'll find they never endorsed it

Remember:

  • If it sounds too good to be true, it is
  • Legitimate investments don't guarantee returns
  • No algorithm makes $8,350/day from home

If You've Been Scammed

  1. Stop all contact with the scammer
  2. Do not send more money (even to "withdraw profits")
  3. If you downloaded AnyDesk/TeamViewer: Uninstall and change all passwords
  4. Report to your bank
  5. Report to ASIC

9. NBN/Telstra Tech Support Scams

What It Looks Like

You receive a call from someone claiming to be from:

  • NBN Co
  • Telstra Technical Support
  • Your internet provider

They claim:

  • Your internet has been hacked
  • Your router is infected with a virus
  • Your connection will be disconnected unless you act now

Real Example

Scammer: "Hello, I'm calling from NBN technical support.
We've detected malicious activity on your internet connection.
If we don't fix it now, your service will be disconnected
in 24 hours."

[They ask you to:]
- Download remote access software (AnyDesk, TeamViewer)
- Run commands on your computer
- "Verify" your identity with bank details

Red Flags

  • ✗ Unsolicited call about internet problems you didn't report
  • ✗ Claims your internet will be "disconnected" immediately
  • ✗ Asks you to download remote access software
  • ✗ Asks for payment via gift cards or cryptocurrency
  • ✗ Heavy accent claiming to be from "Windows" or "NBN"

How to Verify

NBN/Telstra will NEVER:

  • Call you unsolicited about viruses
  • Ask you to download remote access software
  • Request payment via gift cards

If you get this call:

  1. Hang up immediately
  2. If concerned, call your ISP directly using the number on your bill

If You've Been Scammed

  1. Uninstall any software they had you download
  2. Run a full antivirus scan
  3. Change all passwords (email, banking, everything)
  4. Check bank statements for unauthorized transactions
  5. Consider factory resetting your computer if they had access

10. Energy Bill Relief Scams

What It Looks Like

With the current cost of living crisis, scammers are targeting Australians with fake energy rebates:

  • "You're eligible for $1,400 energy rebate"
  • "Click here to claim your government energy assistance"

Real Example (SMS)

"Australian Energy Regulator: You qualify for $1,400 energy
relief payment. Claim now: energy-rebate-gov.com.au/claim"

Red Flags

  • ✗ Asks you to click a link to claim
  • ✗ Requests bank account or credit card details
  • ✗ URL doesn't match official government website
  • ✗ Threatens you'll "miss out" if you don't claim immediately

How to Verify

Energy rebates are:

  • Applied automatically by your energy provider
  • Never require you to click a link or provide details
  • Announced by your state government, not via text

If you're eligible for energy assistance:

  1. Check your state government website directly
  2. Contact your energy provider
  3. Go to Services Australia

11. Medicare/Centrelink Phishing

What It Looks Like

You receive a call or text about:

  • Medicare card suspension
  • Centrelink payment issue
  • Medicare rebate waiting

Real Example

SMS: "Medicare: Your card has been suspended due to unusual
activity. Reactivate: medicare-services-gov.com.au"

Red Flags

  • ✗ Medicare/Centrelink don't suspend cards via text
  • ✗ URL doesn't match official .gov.au addresses
  • ✗ Requests personal details via SMS

How to Verify

Always:

  • Log in to myGov directly at my.gov.au
  • Call Medicare on 132 011
  • Call Centrelink on 132 850

12. Remote Access Scams

What It Looks Like

Any scam that involves downloading software so someone can "help" you:

  • AnyDesk
  • TeamViewer
  • QuickSupport

Once installed, scammers can:

  • See everything on your screen (including passwords)
  • Install malware
  • Access your online banking

Red Flags

  • ✗ Anyone asking you to download remote access software
  • ✗ Claims they need to "fix" something on your computer
  • ✗ "Helper" who needs access to solve a problem

How to Verify

Legitimate tech support:

  • Will never call you unsolicited
  • Won't ask for remote access unless YOU initiated the support request
  • Will be verified through official channels (your ISP, your bank, etc.)

13. Fake Charity Scams

What It Looks Like

After natural disasters (bushfires, floods), fake charities appear asking for donations.

How to Verify

Before donating:

  1. Check if the charity is registered: ACNC Charity Register
  2. Donate directly through the charity's official website
  3. Never donate via gift cards, cryptocurrency, or wire transfers
  4. Be wary of high-pressure tactics or limited-time offers

14. Job/Employment Scams

What It Looks Like

You apply for a job on SEEK, Indeed, or LinkedIn. The "employer":

  • Offers a job without an interview
  • Asks you to pay for training, equipment, or background checks
  • Sends you a check and asks you to buy equipment (check bounces)
  • Asks for bank details "for payroll setup" before you start

Red Flags

  • ✗ Job offer without interview or meeting
  • ✗ Asks for money upfront
  • ✗ Salary is unusually high for simple work
  • ✗ Vague job description
  • ✗ Email from Gmail/Outlook instead of company domain

How to Verify

Before accepting a job:

  1. Search company name + "scam"
  2. Verify company exists (Google Maps, ABN Lookup)
  3. Never pay for a job
  4. Research typical salary for the role

15. Rental Scams

What It Looks Like

You find a rental property on realestate.com.au or Domain. The "landlord":

  • Is overseas and can't show the property
  • Asks for bond/deposit before viewing
  • Offers rent far below market rate
  • Uses generic email (Gmail) instead of agency

Real Example

Email: "I'm currently working overseas. The property is available
immediately. Transfer $2,800 bond and I'll mail you the keys."

Red Flags

  • ✗ Can't inspect the property in person
  • ✗ Rent is significantly below market rate
  • ✗ Landlord is "overseas" or "interstate"
  • ✗ Asks for payment before signing lease or viewing property
  • ✗ Payment via wire transfer or cryptocurrency

How to Verify

Safe rental practices:

  • Always inspect property in person
  • Deal with licensed real estate agents
  • Pay deposits via official channels (not personal bank accounts)
  • Verify agent license: [Check your state's agency register]
  • Never pay before viewing and signing a lease

General Scam Red Flags

If any message includes these, it's likely a scam:

  • 🚩 Urgent threats (account suspension, arrest, disconnection)
  • 🚩 Too good to be true (guaranteed returns, massive discounts)
  • 🚩 Requests unusual payment (gift cards, crypto, wire transfer)
  • 🚩 Asks for personal information (passwords, PINs, Medicare number)
  • 🚩 Contains a link to click (especially in SMS)
  • 🚩 Poor spelling/grammar from a "professional" organization
  • 🚩 Caller ID spoofing (looks like your bank, but isn't)
  • 🚩 Generic greetings ("Dear Customer" instead of your name)


What to Do If You've Been Scammed

Immediate Actions (First 24 Hours)

  1. Stop all contact with the scammer

    • Block their number/email
    • Don't send more money (even if they threaten you)
  2. Contact your bank immediately

    • Call the number on your card
    • Report unauthorized transactions
    • Request new cards if you shared details
  3. Change all passwords

    • Banking
    • Email
    • myGov
    • Any account the scammer may have accessed
  4. Enable two-factor authentication (2FA)

    • On email, banking, myGov
  5. Report the scam

Document Everything

  • Screenshots of messages
  • Phone numbers/email addresses
  • Bank transaction records
  • Timeline of events

This evidence helps authorities track down scammers and may help with insurance/bank reimbursement claims.


How to Protect Yourself

1. Slow Down

Scammers create urgency to bypass your critical thinking. If someone demands immediate action, it's probably a scam.

Take 5 minutes to:

  • Hang up and call the organization directly
  • Search "[company name] + scam"
  • Ask a friend or family member

2. Never Click Links in SMS/Email

Type the website address directly into your browser:

  • myGov: my.gov.au
  • ATO: ato.gov.au
  • Your bank: Type from memory or use a bookmark
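
The exact-match rule behind this advice, as an added Python example (not part of the original guide): it parses the host out of a link or sender address and compares it with the official domains this guide names, using the look-alike domains from the guide's own scam examples as input. The brand-word lists and the `example.test` input are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Official domains named in this guide, each with brand words that look-alike
# domains tend to borrow. The brand-word lists are assumptions for this example.
OFFICIAL = {
    "ato.gov.au": ("ato",),
    "my.gov.au": ("mygov",),
    "servicesaustralia.gov.au": ("medicare", "centrelink", "servicesaustralia"),
    "auspost.com.au": ("auspost", "australiapost"),
}

def host_of(value):
    """Return the lowercase host of a URL, a bare domain/path, or an email address."""
    value = value.strip().lower()
    if "://" not in value and "@" in value and "/" not in value:
        return value.rsplit("@", 1)[1]            # sender address: keep the domain part
    if "://" not in value:
        value = "https://" + value                # SMS links often omit the scheme
    return (urlsplit(value).hostname or "").rstrip(".")

def classify(value):
    """Return (verdict, reason); verdict is official, lookalike, unverified or invalid."""
    host = host_of(value)
    if not host:
        return ("invalid", "no host found")
    # Official only if the host IS the domain or a subdomain of it. A prefix or
    # substring test is not enough, because the official name can appear
    # anywhere inside an unrelated domain.
    for domain in OFFICIAL:
        if host == domain or host.endswith("." + domain):
            return ("official", domain)
    labels = re.split(r"[.-]", host)
    if "gov" in labels and not host.endswith(".gov.au"):
        return ("lookalike", "uses 'gov' but is not under .gov.au")
    for domain, words in OFFICIAL.items():
        hit = next((w for w in words if w in labels), None)
        if hit:
            return ("lookalike", f"'{hit}' imitates {domain}")
    return ("unverified", "not an official domain listed in this guide")

# Inputs taken from the scam examples in this guide, plus constructed ones.
SAMPLES = [
    "no-reply@ato-gov-au.com.au",
    "myGov@services-gov-au.com.au",
    "auspost-delivery.com/track/AU91847",
    "australiapost.net",
    "energy-rebate-gov.com.au/claim",
    "medicare-services-gov.com.au",
    "news-daily.com.au",
    "https://my.gov.au.example.test/login",       # constructed
    "https://my.gov.au/",                         # constructed
    "https://auspost.com.au/mypost/track",        # constructed path
]

def triage(samples):
    """Classify every sample and return {sample: (verdict, reason)}."""
    return {s: classify(s) for s in samples}

if __name__ == "__main__":
    for sample, (verdict, reason) in triage(SAMPLES).items():
        print(f"{verdict:<10} {sample}  ({reason})")
```

An "unverified" result is not a pass: it only means the host is neither an official domain listed here nor an obvious imitation of one, so the verification steps in this guide still apply.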

3. Verify Through Official Channels

| If contact claims to be from... | Call this number instead |
|---|---|
| ATO | 13 28 61 |
| Centrelink | 132 850 |
| Medicare | 132 011 |
| Your bank | Number on the back of your card |
| NBN | Your ISP's official number |

4. Use Strong, Unique Passwords

Use a password manager (1Password, Bitwarden) to generate and store unique passwords for every account.

5. Enable Two-Factor Authentication (2FA)

On these accounts at minimum:

  • Email
  • myGov
  • Banking apps
  • Social media

6. Freeze Your Credit

Consider a credit ban with Equifax, Experian, and illion if you're concerned about identity theft.


Free Resources

Government Resources:

ACCC's Little Black Book of Scams: Download the free PDF guide: ACCC Scams Guide



Conclusion

$2.0 billion was stolen from Australians in 2024. Most of those scams could have been prevented with one simple action: pausing and verifying.

The next time you get a text about a parcel, a call from the "ATO," or a message from "your child" asking for money:

  1. Stop
  2. Don't click any links
  3. Verify through official channels

Save this guide, share it with family, and help make sure the people you care about don't become the next statistic.

Stay safe out there.


Have you spotted a new scam not covered here? Email us at hello@ausprivacykit.com and we'll add it to the guide.

About This Review: Last updated 15 January 2025. We test privacy tools monthly from Sydney and Melbourne. Our reviews remain independent regardless of affiliate relationships.