Beware of scammers this holiday season

Technology Insights

Beware of Christmas Scammer

The run up to Christmas is a lucrative period for retailers, as people look to stock up with promotional offers that coincide with Black Friday and Cyber Monday. AUD $28.09 bn of goods were purchased in 2019. All that money changing hands now puts the scammers back on the horizon, where theyChristmas Scam target online shoppers with fraudulent emails and fake sites.

Scamwatch has received over 12,000 reports of online shopping scams so far this year (increased by 42% YoY) with almost $7m in reported losses.

How to protect yourself while still taking advantage of online deals

1-numbered.pngNever click on a suspicious link or file as the scammers impersonate legitimate retailers to trick you into installing malware or stealing credentials. Go directly to the retailer’s website to verify the deal, especially those which are too good to be true!

2-numbered-blue-40.pngLook for the padlock on the website URL which appears typically to the left in the address bar. No lock is a major red flag, as attackers can steal information from insecure websites.

3-numbered.pngNever share your credentials or personal details with untrusted sources, such as mother’s maiden name, make or model of your first car. This can be later used to guess your password and steal your identity or money.

4-numbered-blue-40.pngAvoid online shopping on public Wi-Fi as these can be intercepted by the attackers to monitor your transactions or worse steal your banking credentials.

5-numbered.pngBeware of unusual QR codes as cyber criminals can create malicious QR codes to redirect users to fake websites, steal personal data or to install malware on personal devices. Use QR code payments only if you fully trust the vendor. Never scan random QR codes and steer clear from QR code websites that ask for sensitive information.

6-numbered-blue-40.pngCheck your bank statements regularly and set-up alerts to spot scams. Use credit cards for purchases, as you can dispute fraudulent or suspicious transactions.

7-numbered.pngEnable two-factor authentication to approve payments from your bank account.


What to do if you are scammed

  1. Contact your bank and dispute the transaction
  2. Reset your banking, email account and other impacted online passwords
  3. Report the scam using the relevant resources:

Reporting of child cyberbullying, image-based abuse and illegal or harmful online content

Reporting of cybercrime or identity theft

Reporting a scam

Help with identity theft and related issues or call 1800 595 160

Help with financial and investment scams

For scams and identity theft linked to myGov accounts (Centrelink, Medicare, Child Support)

Call the Services Australia - Scams and Identity Theft Helpdesk on 1800 941 126

Or visit

Report fraud and theft to the Police Assistance Line

Call 131 444

Verify or report a scam to the Australian Tax Office

Please feel free to share these tips with your family members and friends to keep them safe on the internet.

If you have queries about this article, please contact your local RSM adviser.


Darren Booth
National Head of Cyber Security and Privacy Risk Services

Subscribe to Risk Insider to stay up to date with the latest in Technology, Fraud and Security.