Email spam and phishing

What is Spam?

Spam is electronic junk mail – unsolicited messages sent by email, text message or instant message without the recipient’s consent. Spam messages often contain offers of free goods or ‘prizes’, cheap products, promises of wealth or other similar offers. You might be asked to pay a joining fee, to buy something to ‘win’ a prize or to call or text a 190 telephone number (calls made to these numbers are charged at premium rates).

Do not respond to spam messages. If you receive a spam email, the best thing to do is delete it. Do not respond, attempt to unsubscribe, or call any telephone number listed in the email. Most importantly, do not send any money, credit card details or other personal details to the scammers. You should also report the spam message to the ACORN.

Sending spam emails for commercial purposes is an offence under Australian law. There are significant fines attached to this offence, of up to a maximum of $1.1 million for offending businesses. The Australian Communications and Media Authority (ACMA) enforces Australia’s anti-spam laws, and provides advice for businesses to avoid breaching these laws.

More information about unexpected prize or money scams (which are often contained in spam emails), can be found in Online scams or fraud.

Case study

Stephanie is a university student living in Cairns. She receives an email from an airline saying that she has won a $999 credit towards her next holiday. To redeem the credit, the email requests that Stephanie respond within the next 12 hours with her credit card details. She responds straight away, including her full name and credit card details. The next day, Stephanie notices that $1000 has been taken from her bank account.

Stephanie should immediately notify her bank, and should also report this to the ACORN.

What is Phishing?

Phishing is a way that criminals trick people into giving out their personal or financial details. Phishing messages often pretend to come from legitimate businesses, such as banks or telecommunications providers.

Do not respond to phishing messages. If you receive a phishing message the best thing to do is delete it. You should also report the phishing message to the ACORN.

Case study

Mark is 42 years old and lives in Adelaide. He receives an email from his bank which says his internet banking password needs to be changed. He clicks the link in the email and resets his password. The next day, he realises that the email was not actually from his bank. He checks his account and finds $1000 is missing.

In this case, Mark should immediately notify his bank. He should also report this to the ACORN.