Category Archives: Scams

New Partnership with Westpac – Scam Email

MyGov and Westpac customers should be wary of a MyGov phishing email doing the rounds claiming you can earn a 30% discount on your next “tax payment” and a $300 bonus deposited in your account.

The email has the subject of New partnership with Westpac. New Rewards.

The scam email contains the Australian Government logo and the MyGov logo to give itself some credibility. The scammers have also spoofed the sender email to make it appear as though it has come from MyGov.

The email then goes on to say that ATO has signed a strategic partnership with Westpac, and that if you add your Westpac account to MyGov, you will receive a welcome bonus of $300.

The offer of a bonus is a tactic used by scammers to get you to lower your guard and to take the bait.

Upon clicking the click you are directed to a phishing website used to harvest MyGov Credentials.

This would allow the scammer to access your MyGov records and everything attached to it. If you make the habit of reusing passwords the scammer could then use your password to log into your other accounts, such as your bank account, or email.

Phishing emails can be reported to allow the corporations being impersonated to take action by alerting customers to the scam, or by assisting authorities in taking down the scam.

ATO themed scams can be reported here: https://www.ato.gov.au/General/Online-services/Identity-security/Verify-or-report-a-scam/

Westpac themed scams can be reported here: https://www.westpac.com.au/security/how-to-report/

Google also allow you to report phishing pages which they can then block directly in Google Chrome. You can do that here: https://safebrowsing.google.com/safebrowsing/report_phish/?hl=en

Always be wary of emails offering a reward by doing very little. Phishing emails can be very well put together and anyone can fall victim. If something sounds too good to be true, it most likely is.

Feel free to share this article with friends and family to help keep them safe and secure online. And don’t forget to check out our previous Tech Tips articles.

My Facebook has been Hacked!

“My Facebook has been Hacked!” is something I hear several times a week.

9 times out of 10 I find that there hasn’t actually been an account compromise, but instead an unknown person has created a duplicate account and has started adding all the original accounts Facebook friends.

Why would someone do this? Well, if they can pretend to be you, they can potentially scam one of your unsuspecting Facebook friends. There is a good chance your Facebook friends trust and respect you, so if they receive a message that appears to come from you, they are probably more likely to take the bait.

Scams vary; the scammer may send through a link to a malicious website designed to collect personal details, the link could contain malware, or they could straight out ask the victim to transfer some money.

Picking the victim

The scammer doesn’t just pick anyone to impersonate online. They will usually opt for accounts that are publicly visible, have a profile picture, and have a publicly visible friends list.

A publicly visible Facebook profile is easier for a scammer to come across. Once they do, the scammer will then download your profile picture. Create a new Facebook account, and then add all your friends from your publicly visible friends list.

If you have never changed any of your Facebook privacy settings, there is a good chance your profile fits into the category of someone they would like to impersonate.

How to avoid this happening to you

Facebook default settings are someone questionable in respect to privacy. I will show you know how to lock down your Facebook account and change it from the very open defaults.

First of all click the menu button and come down to settings.

Click Privacy in the left hand Windows and change the settings to match the settings below.

Click on the image to see full screen

At a bare minimum ensure that Who can see your friends list? is set to Only me and Do you want search engines outside of Facebook to link to your profile? should be set to No.

These are the main two settings that are going to lower the odds of someone trying to impersonate you.

For privacy, I highly recommend changing Who can look you up using the email/phone number you provided to Only me.

More settings can be found on Timeline and Tagging.

Click on Timeline and Tagging and then change the settings to match the settings below.

Click on the image to see full screen

These settings will help to keep your Facebook profile a little more private and hopefully make your account a little less easy to impersonate.

To avoid someone compromising your account ensure you use a strong unique password for every account online and also enable two-factor authentication.

Don’t forget to check out our other Tech-tips articles!

Nigerian Scam

Scams come in many varieties. Often though, we are used to receiving Nigerian Scams via email. I had a client this week drop in a letter she received in the mail. This is a reminder that scammers will change their tactics, and use old tactics to try and keep ahead of the curve.

More information regards Nigerians scams can be found on the Scam Watch website.