Published on:

November 6, 2019

When links are followed it is common that recipients are asked to complete their personal particulars, including:

  • Full name
  • Address
  • Date of Birth
  • Email Address
  • Debit / Credit Card Details
  • Bank Account Details
  • Tax File Number
  • Photo of Driver Licence
  • Photo of Passport
  • Medicare and/or Centrelink Reference Numbers
  • Account Passwords (such as telecommunications carrier customer account)

Around one in five clients that reported to IDCARE said that they completed the details and experienced further crimes. The most common misuse risks relating to the provision of this information captured by these clients involved:

  • Unauthorised transactions on debit / credit cards
  • Establishment of new transaction account
  • Unauthorised Individual Tax Return submission
  • Establishment of new email account
  • Unauthorised Mobile Phone Porting/SIM Swap
  • Unauthorised Access of Email Account
  • Mobile Number Spoofed
  • New Credit Card Application
  • New Personal Loan Application
  • Welfare Claim
  • Mail Redirection
  • Fraudulent Access of Superannuation Account

IDCARE advises that if you have not opened the link or followed any other instructions received on the SMS text message then the risks in relation to identity theft and misuse are very low. If you are using an Android device it is recommended that you install anti-virus. Apple products rely upon operating system updates to maintain their security.

If you have clicked a link and completed the required fields we recommend you take the following immediate actions (where appropriate to your situation):

  1. Contact your financial institution immediately and explore what additional controls you can place on your accounts and cards;
  2. If licence or passport information was sent, request credit bans from each of Australia’s three credit reporting bureaus and apply for copies of your credit reports (see IDCARE’s Learning Centre, Credit Ban Fact Sheet & Credit Report Fact Sheet). For passports you may wish to explore cancelling the passport and having a new one re-issued with a different number – note there will be fees for this;
  3. If a Tax File Number was provided, contact the ATO and ask for additional security measures to be placed on your account (call 1800 467 033 M-F 8am to 6pm AEDT);
  4. Update your passwords to your online accounts that has used the same email address (if provided) as their username;
  5. Contact the Department of Human Services if you believe your Medicare or Centrelink Reference Number has been exposed (call 1800 941 126 M-F 8am-5pm AEST);
  6. Contact your Superannuation Fund and explore what additional controls they can put in place, such as updating passwords, implementing second-factor authentication, or implementing additional “account change” authorisation procedures (such as confirming using alternate communication channels that requests to roll-over or access funds are legitimate);
  7. Contact your telecommunications and email provider about implementing second-factor authentication on your accounts or other security setting upgrades.

Brands impacted include major financial institutions,Commonwealth government agencies, social media, large retailers and telecommunication carriers.

If you require further assistance or have had other identity or account information compromised please complete an IDCARE Get Help Form. We will endeavour to respond to your requirements within two-business days but this will be influenced by demand. Note that we are a charity and not all organisations who refer their customers to IDCARE to address their needs support our charity financially. We appreciate your patience.


Other News

IDCARE is always active in the media from radio to TV, social media and news articles. Keep up to date with what's happening at IDCARE and in the media.

Identity Conference 2019: The Future Shape of Identity

Identity Conference 2019: The Future Shape of Identity

more info

October 14, 2019

iappANZ Annual Summit – Melbourne 2018

Australian Information and Privacy Commissioner discusses latest quarterly report on the Notifiable Data Breaches scheme.

more info

November 1, 2018

Looking for love online? There is a lot more to worry about than a broken heart

IDCARE Managing Director, Professor David Lacey says romance scams have increased by 40% in recent months during the coronavirus pandemic.

more info

October 6, 2020


IDCARE is here to provide you with specialist support and guidance when faced with a cyber and identity related issue. Contact one of our Identity & Cyber Security Case Managers to learn more about our Support Services and how we can help you.   
Call Centre Icon


1800 595 160

Mon - Fri: 8am - 5pm AEST

QLD: 07 3555 5900
ACT & NSW: 02 8999 3356
VIC: 03 7018 2366
NT, SA & WA08 7078 7741

Call Centre Icon

call our NEW ZEALAND

0800 121 068

Mon - Fri: 10am - 7pm NZST

AKL: 09 884 4440