Laura Elliott, DLA Piper Secondee
With the outbreak of COVID-19, more people than ever are coming into contact with government services, many for the first time and many after having lost their source of income. The combination of urgency, vulnerability and unfamiliarity creates an environment in which scammers thrive. The government scam watchdog Scamwatch has received over 3400 scam reports mentioning the coronavirus with over $1 790 000 in reported losses since the outbreak.
There are many different types of scams targeting individuals during COVID-19, from phishing scams impersonating government departments to gain access personal information, to scammers charging for fake goods or services. Some common types of scams are set out below, drawing on the factsheet I prepared for EJA, ‘COVID-19 Scams’.
A full list of current COVID-19 scams is available on the Scamwatch website.
Phishing is a type of fraud used by criminals to deceive victims by impersonating well-known and trusted organisations or people. Scams impersonating myGov, Services Australia, Centrelink, the Australian Taxation Office and the Department of Health are especially common.
Scammers send emails or text messages designed to look like they are genuinely from the Government by copying the format used by the organisation and including their branding and logo. They may also reference real government policies or initiatives – for example, Economic Support Payments or COVID-19 testing centres. The messages draw the recipient in with the promise of essential information or financial support.
Known COVID-19 phishing scams include fake messages pretending to be from:
- Australian Government
- Australia Post
- Department of Health
- Australian Taxation Office
- Services Australia or Centrelink
- World Health Organisation and other international health sector organisations
- Banks, supermarkets or travel agents
- Insurance and telecommunications companies
- Microsoft or IT help desks
The scammers send fake messages, either through email or SMS, pretending to be from these well-known organisations or departments. These messages may ask a person to:
- enter their personal information on a fake website;
- open malicious links or attachments that will damage their computer records;
- repay a fake debt, such as a tax debt, or an overdue account; and/or
- repay a fake service or something they did not purchase.
People interacting with government services for the first time and during a period of rapid change are especially vulnerable to these messages. Scams also disproportionately impact those with lower digital or English language literacy, making clear government messaging to these groups essential.
Scammers have taken specific advantage of the Government’s COVID-19 superannuation release scheme, which allows those eligible to access up to $10,000 of their super early. This process is done by the individual themselves through the MyGov website – however, scammers have been posing as third parties offering to ‘help’ with accessing the scheme. These scams usually begin with someone calling the target and claiming to be from a superannuation fund or a financial services company. The scammer may try to get information about the person’s superannuation by offering to:
- check whether they are eligible to access their superannuation early during COVID-19;
- help them access the money in their super’ account;
- check that they have not been locked out of their super account or telling them that their inactive super’ account will be locked if they do not merge it with another super account; and/or
- check whether their super’ account is eligible for various benefits or deals.
The scammer will then ask for their personal details and log in details. The scammer may also ask for payment in return for their help. Scammers are also sending text messages claiming to be from the National Superannuation Review offering to review a person’s superannuation.
Once scammers have access to this information, they can set up a fake MyGov account and apply to access a person’s superannuation under the early access scheme.
Best practices for avoiding scams
There are several steps individuals can take to protect themselves from scammers. Spreading awareness of these practices among vulnerable communities and providing clear communication about government services is crucial to curbing further financial losses to scams. Key tips include:
- Not providing personal, banking or superannuation details to strangers or unverified website
- Not responding to unexpected messages or calls that ask for personal or financial details
- Not clicking on hyperlinks in text/social media messages or emails from people you don’t know, even if they appear to be from a trusted source – always go directly to the website of a government service or financial institution
- Regularly checking superannuation account balances to make sure they have not changed
- Protecting password information and regularly changing passwords
- Contacting an organisation or service if they have received a communication from them that does not seem legitimate
- Monitoring the Scamwatch news webpage for general warnings and media releases on COVID-19 scams
- Talking to family and friends about the risk of scams, especially if they are particularly vulnerable
Reporting instances of scams is key to helping stop their spread. If someone has been scammed or seen a scam, they can make a report on the Scamwatch website and report it to ReportCyber.
For more information, see the following websites:
- Australian Cyber Security Centre, including its detailed report on COVID-19 scams
- To stay up-to-date on the latest online threats and how to respond, sign up to the Stay Smart Online Alert Service
For more information, read the EJA factsheet, COVID-19 Scams