Latest News & Alerts:Cyber Month 2025: Don’t Leave Cyber Resilience in the “Tomorrow Basket” 

Looks Real. Sounds Real. Isn’t.

The Cyber Sushi


(serving up the cold facts, with some phish bytes)

 

Welcome back! Here's what we are covering in this issue:

  • Looks Real. Sounds Real. Isn’t.
  • IDCARE Wins Community Education Program of the Year!
  • Behind the Mask: New and Trending Scams
  • Ask Dr Lacey: "Can I get a virus from clicking a link?"

Looks Real. Sounds Real. Isn’t.

Deepfake technology — realistic but fake videos, voices, and images — is changing the way scammers operate.

These tools let offenders convincingly imitate real people, using familiar faces or voices to gain trust, cause harm, or steal money and information.

How deepfakes are being used
Business scams
Criminals clone the voice or image of company leaders to request payments or sensitive information. These scams can bypass even experienced staff who think they’re speaking to someone they know.

Investment scams
Deepfake videos of well-known figures are being used to promote fake investment platforms. This gives false credibility to scams that can lead to significant losses.

Relationship and extortion scams
Offenders create deepfake photos or videos to build trust or pressure someone emotionally, then use that material to demand money or silence.

“Hi Mum” scams – evolving with technology
The long-running “Hi Mum” text scam has taken on a new layer.
Some reports now involve voice cloning, where scammers copy a loved one’s voice to make the story sound genuine — for example, saying they’ve lost their phone and need urgent help.

"There was a lot of normal chit chat too, I even queried the account name it was being paid into, and he gave me a believable answer!
It sounded so like my son."


Why this matters
Deepfakes make scams far more convincing because they look and sound real. They target relationships, trust, and authority — not carelessness.
As the technology becomes cheaper and easier to use, spotting what’s genuine is becoming increasingly difficult.

How to protect yourself
To protect yourself from deepfake scams, always verify any unexpected or unusual requests using a trusted method — such as calling a known number or asking a personal question only your real contact would know. Be cautious about what you share online, as scammers can use publicly available videos or voice recordings to create convincing fakes. If someone contacts you urgently asking for money or personal information, take a moment to pause and confirm their identity before responding. Consider setting up a secret family code or password that only your close contacts know, so you can quickly verify genuine communications. If you’re worried about possible deepfake misuse or other scams, contact IDCARE for free and confidential advice and support.

 

IDCARE Wins Community Education Program of the Year!

We’re excited to share that IDCARE has won the Community Education Program of the Year at the 2025 Australian Information Security Association (AISA) Cyber Security Awards!

This award recognises the incredible impact of our Cyber Resilience Outreach Clinics (CROC) over the past four years — delivering more than 250 clinics across every state and territory and engaging with over 18,000 individuals to help communities, councils, and small businesses strengthen their cyber resilience.

A huge thank you to our amazing sponsors, and the many community groups, councils, police stations, local radio stations, and MPs who have partnered with us along the way.

This recognition is a proud moment for everyone who’s helped make CROC a success and strengthened cyber safety across Australia.

Behind the mask: The Guide to New and Trending Scams

Facebook Marketplace Scams
It’s not uncommon to see an increase in online shopping scams during busy periods such as Halloween, Black Friday, Christmas, or major sporting events. Scammers take advantage of these times, knowing that more people will be purchasing tickets or goods online.

Facebook Marketplace continues to be a hotspot for these types of scams, with scammers using manipulation tactics to gain funds. Common techniques include:

  • Requesting a deposit to “secure” an item due to supposed high interest from other buyers.
  • Sending images of a driver licence or other identity documents to appear genuine.
  • Claiming there was an error with payment or that their bank account has an issue and asking for the payment to be resent to another account.


Our Tips:

  1. Use secure payment options like PayPal or credit cards with buyer protection.
  2. Avoid paying deposits before seeing the item in person.
  3. Be cautious of bargains that seem too good to be true — they often are.
  4. Check seller profiles for signs of legitimacy, such as account history and reviews.

Ask Dr Lacey: "Can I get a virus from clicking a link?"


Have a Scam, Identity, or Cyber-Related Question? Ask Dr. David Lacey!
 
Having dealt with countless cases of scams, identity theft, and cybercrime, Dr. David Lacey is one of Australia’s most respected experts in the field. He is highly sought after by both government and industry for his unique insights into the online criminal environment. In this edition of The Cyber Sushi, Dr. Lacey is inviting you to submit your questions – and we (the Cyber Sushi team) will answer them. Send your questions to [email protected].

Our question today comes from James

Hi Dr Lacey,

Can I get a virus from clicking a link?


Answer:

Hi James,

Thanks for asking— that’s a question we hear often! The short answer is yes, it’s possible, but it depends on what happens after you click. Not every link is dangerous, but some can lead you to websites or downloads designed to infect your device or steal your information.

Here’s what to keep in mind:
Malicious websites – Some links take you to fake sites that try to install harmful software or deceive you into giving away your details. Just visiting the wrong site can sometimes trigger a download in the background.

Attachments and downloads – Links in emails or messages that lead you to download a ‘document’, ‘invoice’, or ‘update’ are often traps. These files can contain malware, ransomware, or spyware.

Pop-ups and fake alerts – If you click a link and see sudden pop-ups warning that your device is ‘infected’ or asking you to call a number for support, close the page immediately. These are scams designed to scare you into acting quickly.

Safe clicking habits

  • Hover over links before clicking to preview where they lead.
  • Avoid links from unknown senders or suspicious-looking messages.
  • Keep your antivirus and software up to date — it can help block unsafe sites.
  • When in doubt, go directly to the website by typing the address yourself.


So yes, a single click can lead to trouble, but cautious habits and good security tools go a long way in keeping you safe online.

Kind regards,
The Cyber Sushi Team

SUBSCRIBE TO OUR NEWSLETTER
BACK TO NEWSLETTERS

Join the global list of organisations making a real difference in people’s lives by supporting our service.

SBS Bank
HSBC
ANZ
Department of home affairs
Queensland Government
Curtin University
Suncorp
Powercor Australia
ING
Regional Australia Bank
SA Power Networks
Culture Amp
AMP
Mercy Health
Queensland Country Bank
Sportsbet
NGM Group
City of Goldcoast
ConnectID
TPG
Western Sydney University
BOQ
Department of Premiere and Cabinet off of Digital Government
ABC
Coles
REA Group
Equip Super
Return to Work SA
Urban Utilities
BUMA
Transurban
Westpac
Internal Affairs
Allianz
Commonwealth Bank
Bupa
Services Australia
Qantas
NAB
Australia Post
Victoria State Government
NBN
NDIS
BNZ
Kiwi Bank
Tasmanian Government
Telstra
Coastline
Woolworths Group
Beyond Bank
Origin
UTS
Makesure
Australian Super
Australia Post
Urban Utilities
Vocus
Brisbane City Council

Contact

1800 595 160‍
Get help
Follow us
FacebookXLinkedInYouTube
X

Copyright © 2025, IDCARE. All Rights Reserved.

ABN 84 164 038 966