
By Caity Somers, Marketing and Education Manager, Australian Shareholders’ Association

Every day, more Australians are falling victim to scams, losing hundreds, sometimes thousands of dollars. As AI advances and scammers become increasingly sophisticated, it’s becoming harder to distinguish genuine emails from cleverly disguised fakes.

Recently, I found myself in the middle of a scam attempt, one so convincing it initially fooled me. I wanted to share my story to highlight how easily these scams occur, and what you can do to protect yourself and your assets.

My close call with a scam

Earlier this month, I received an email from my accountant about my quarterly BAS statement for my business. It included the exact amounts I owed, details only he and the Australian Tax Office (ATO) would know. The email address matched his, complete with his email signature. We exchanged emails for a while, and nothing seemed unusual.

Then came the red flag. He instructed me to pay the amount through his office because there were “additional things” they needed to provide. This didn’t sit right with me. I’ve always paid the ATO directly, never through my accountant. I forwarded the email to my husband and said: “this doesn’t look legitimate to me. What do you think?”

Within 30 minutes, the scammer replied from my husband’s email address, using his exact email signature, saying:

“I just got off the phone with [accountant’s name], and it’s legit. He explained everything to me. I can fill you in later. You’re all good to make payment.”

Luckily, I was on the phone with my husband at the time. He confirmed he hadn’t sent the email. I immediately blocked the sender, called my accountant, and reported the incident.

How did this happen?

This was a classic case of email spoofing. A scammer sends an email that appears to be from someone you know or trust.

Here’s how it works:

  • The scammer forges the sender’s address, so it looks genuine.
  • The email often includes urgent requests, such as payments or sensitive details.
  • The goal is to trick you into acting, such as clicking a link, downloading an attachment, or transferring money.
  • Scammers often obtain the details that make the email convincing through data breaches or by breaking into your contacts’ email accounts.

For example, you might receive an email that looks like it has been sent by your bank or boss, asking for a quick transfer. But it’s really a scammer trying to steal your money or information.

How to protect yourself

Here are five simple steps to avoid falling victim to email spoofing and other scams:

  1. Always verify the sender’s email address. Check carefully for subtle misspellings or odd domain names (e.g. yourcompany.com vs. yourcompany.co). If something looks suspicious, don’t trust it – even if the name looks familiar.
  2. Never click on suspicious links or attachments. If you receive an email with an urgent request like “click here” or “open this now,” pause. Hover over the link to check the actual URL, and only open attachments from trusted contacts.
  3. If you are in doubt, contact the sender directly. If an email feels suspicious – even if it looks legitimate – pick up the phone or send a separate email to the contact (using an address you already know, not by replying to the suspicious email) to confirm it’s really from them.
  4. Regularly update and strengthen your passwords. Use unique, strong passwords (at least 12 characters, with a mix of upper/lowercase, numbers, and symbols) and avoid reusing passwords across different accounts. Update them periodically, especially if you suspect any compromise.
  5. Enable two-factor authentication (2FA). This adds an extra layer of security by requiring a code from your phone or an authenticator app in addition to your password. Even if someone steals your password, they still can’t access your account without this code.
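As an added illustration (not part of the original article), the Python script below applies the checks described in the spoofing explanation and in step 1 to a constructed email: it compares the sender’s address against a known contact, flags a Reply-To on a different domain, and reads the SPF/DKIM/DMARC verdicts that a receiving mail server records in the Authentication-Results header. The sample message, address book and domain names are all made up.

```python
"""Flag common signs of a spoofed sender in a raw email message."""
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message (not a real email), modelled on the scenario in
# the article: the display name matches a known contact, but the address
# domain is a lookalike and the server's authentication checks failed.
SAMPLE_RAW = """\
Return-Path: <bounce@mail-relay.example.net>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mail-relay.example.net; dkim=none; dmarc=fail header.from=accountants-examp1e.com
From: "John Smith" <john@accountants-examp1e.com>
Reply-To: <john.smith@freemail.example.net>
To: caity@example.org
Subject: Quarterly BAS payment - action required

Please pay the amount through our office this time.
"""

# Hypothetical address book: the addresses you already know for your contacts.
KNOWN_CONTACTS = {"John Smith": "john@accountants-example.com"}


def domain_of(addr):
    """Return the lower-cased domain part of an email address."""
    return addr.rsplit("@", 1)[-1].lower()


def auth_results(msg):
    """Extract spf/dkim/dmarc verdicts from the Authentication-Results header."""
    header = msg.get("Authentication-Results", "")
    return {m.group(1): m.group(2) for m in re.finditer(r"\b(spf|dkim|dmarc)=(\w+)", header)}


def spoofing_warnings(raw, known=KNOWN_CONTACTS):
    """Return a list of human-readable warnings; an empty list means no red flags."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    warnings = []
    expected = known.get(name)
    if expected and addr.lower() != expected.lower():  # familiar name, unfamiliar address
        warnings.append(f"display name '{name}' is known, but {addr} differs from {expected}")
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    if reply_to and domain_of(reply_to) != domain_of(addr):  # replies go somewhere else
        warnings.append(f"Reply-To domain {domain_of(reply_to)} differs from {domain_of(addr)}")
    for check, verdict in auth_results(msg).items():  # server-side sender checks
        if verdict != "pass":
            warnings.append(f"{check} result is '{verdict}'")
    return warnings


if __name__ == "__main__":
    for line in spoofing_warnings(SAMPLE_RAW):
        print("WARNING:", line)
```

Authentication-Results is added by the receiving server, so the script should only be trusted on headers your own mail provider wrote, not on a copy of the message forwarded from elsewhere.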

How to set up 2FA

If you’re unsure how to set up 2FA, the Australian Government Cyber Security website has a helpful step-by-step guide here.

Many banks, email providers, and online services also offer customer support to help you get started. Simply contact their helplines or visit their websites for guidance on enabling 2FA. If you’re feeling uncertain, don’t hesitate to ask a family member or friend for help. Setting up 2FA is one of the best ways to secure your accounts against scams.

If you’ve been targeted or experienced a scam attempt, report it immediately at www.scamwatch.gov.au or www.cyber.gov.au, or call the Australian Cyber Security hotline on 1300 292 371.

Scams can happen to anyone, even the most cautious among us. By staying vigilant, double-checking senders, and using tools like 2FA, you can greatly reduce your risk. Remember: it’s always better to take a minute to verify than to lose your hard-earned savings to a scammer.
