August 8, 2019
IDCARE has received many reports about phishing text messages appearing to come from Australia Post. These messages are likely to appear in the same message stream as your legitimate Australia Post messages as scammers can ‘spoof’ phone numbers. If you have responded to the message, please follow the relevant steps below. Australia Post has also posted the following details in relation to the issue: Scam Alert.
IDCARE measures risk of future identity misuse based on the nature of the credentials compromised. Items such as name, address, date of birth and email address are credentials that alone would be considered low risk of direct future misuse. In most cases what is of real value to identity thieves are passports, driver licences, credit cards and banking username and login details.
This type of technology allows a caller to masquerade as someone else by falsifying the number that appears on the recipient’s caller ID display or in text messages. Caller ID Spoofing does not utilise the real phone number of the service provider, it is technology that disguises the number to make it look as though it comes from a trusted source.
Financial Institution: If you have entered any of your debit/credit card details into the linked website, IDCARE recommends you contact your financial institution/s to let them know that your card and account information may be at risk. Talk to your institution(s) about what additional controls can be put in place (such as security questions, two-factor authentication, and new PINs). It is also recommended to change your passwords,ensuring they are strong and individual using a different device to the one used to respond to the text message or doing so by calling your bank or visiting a branch and doing it in person.
Apple device: You may wish to speak with Apple on 1300-321-456 and please change your apple ID password.
Android device: Run anti-virus software then update Google Play/Gmail password.
If you still have concerns after following the device recommendations above, please consider completing a factory reset on your device. Ensure you remove/save or update any photos or data you do not want to lose before completing the reset.
Scammers can easily convince their prospective victims of working for Government or big business when they have just a little bit of information about each of us. You may receive more phone calls and text messages. Be on the lookout for more phishing messages that appears to come from well-known organisations such as myGov, ATO or your bank that appear on the same message stream. Or calls designed to heighten you into providing more information.
Scammers love to share contact information once a person’s identity is confirmed as linking to a number. They do this because it increases their chance of success to get your high risk credentials the next time they call (passport, driver licence, remote access to your computer, tax file number, banking / credit card details etc.).
Knowing a little about someone can make the difference for a scammer in pursuing follow-on engagement (even pretending to be another organisation).
If you think a caller may be legitimate, the best way to manage this would be to ask for the organisation name and end the call. Then do your own research and find and confirm their legitimate contact details and make the contact yourself to confirm if needed.
Going forward it is recommended:
Credit Reporting Agencies (CRAs):
As a general precautionary measure, you may contact the three credit reporting agencies in Australia and order free credit reports. A credit report contains your credit history, and includes information such as existing loans, outstanding debt, enquiries from credit providers, telcos and utility companies, etc. A credit report will enable you to see whether there have been any fraudulent applications for lines of credit in your name. This is unlikely if the scammer has not had access to high risk documents such as driver licence etc. However, we recommend consumers order a free report every 12 months to ensure their details are accurate. For more information, please see our Fact Sheets on : Credit Reports.
If you feel concerned you can also apply for credit bans(freezes) if you feel you want to have more safeguards in place. It means that the CRAs are not able to disclose any personal information from your consumer credit report to any credit providers where fraudulent applications may have been submitted. A ban does not impact your current credit line or credit payments. For a step-by-step guide on how to apply, please go our Fact Sheet on Credit Bans.
Tips for Keeping your Mobile Phone Number Secure: Occasionally criminals will attempt to gain access to a person’s mobile phone number. The reason a mobile number is so attractive to scammers is the two-step verification codes (also know as two-factor verification) most people have setup for online accounts that are used when resetting a password or making a bank transfer. For more details about the risks around a mobile number please go to our Fact Sheet on Mobile Phone Porting.
For more information on how to protect yourself from identity theft, scams and cyber crime, visit IDCARE’s Learning Centre.
The Managing Director of IDCARE, David Lacey, gave this keynote presentation to the Identity Conference 2019.Read more...
Our analysts predict what scammers are scheming for 2021.Read more...
IDCARE as a registered charity does not ask individuals to donate or pay for our front line services. We are not a charity that can receive tax deductible donations.
We rely on organisations that care enough about you to care about us to keep our charitable service going. Proudly these organisations are displayed above and on our Subscriber Organisations page.
If you are asked for payment from someone claiming to be from IDCARE, please report this to us using our Report Phishing email.
IDCARE has access to the Department of Social Services’ Free Interpreting Service, delivered by the Translating and Interpreting Service (TIS National). Access to the Free Interpreting Service is provided to assist you to communicate with non-English speaking people who hold a Medicare card. Please note that the service does not extend to New Zealand citizens or residents who do not hold an Australian Medicare card, or to tourists, overseas students or people on temporary work visas.
New Zealand Relay provides services to help Deaf, hearing impaired, speech impaired, Deafblind and standard phone users communicate with their peers.
A TTY user connects to New Zealand Relay via a toll-free number and types their conversation to a Relay Assistant (RA) who then reads out the typed message to a standard phone user (hearing person).
The RA relays the hearing person's spoken words by typing them back to the Textphone (TTY) User.
The National Relay Service (NRS) is an Australian government initiative that allows people who are deaf, hard of hearing and/or have a speech impairment to make and receive phone calls.
The NRS is available 24 hours a day, every day and relays more than a million calls each year throughout Australia.
ABN 84 164 038 966