We’ll never ask you to provide us with your personal information or password by email. If you receive an email and it seems to be from a legitimate company but it’s not, this is called ‘phishing’.
Here are some ways on how you can spot a phishing email:
1. Double check the ‘from’ address that has been used, including the domain
If you don’t recognise the email address or have any suspicion, contact the legitimate company using the contact details provided on their official website.
2. Check for any bad spelling mistakes or poor grammar
Scammers are improving their writing style, but a lack of punctuation or different font sizes throughout the email are signs that the email isn’t genuine.
3. Is the email asking you to enter personal information through a hyperlink?
It’s best not to click on these links as these could be harmful to your device, as they might contain viruses. To protect yourself, log in to your account through the legitimate website and visit your message centre. From here, you’ll be able to check whether the same message is there. If it’s not, this is an indication that the email isn’t genuine.
4. Does the email prompt you to take action straight away?
You may feel a sense of pressure to act quickly and action what the email says. This is a scammer’s tactic to make you act without thoroughly thinking your actions through.
For more information on how to spot a phishing email or phone scam, check out our .
If you’d like tailored advice from experts, contact IDCARE, Australia's national identity and cyber support service, on 1300 432 273. Alternatively, you can visit their .