Impersonation scams have become a growing concern in our digital age. They can target anyone, any time of the day—and you’ll often never see them coming.
I’ve been reporting and commenting on consumer technology for over 15 years and in that time, I’ve seen us move from the threat of a virus infecting your computer, to the risk of a scammer tricking you into handing over money to them on a phone call, email, or SMS message.
Given that, I wanted to take this opportunity to share with you some tips and tricks to help you stay one step ahead of scammers.
What is an impersonation scam?
Impersonation scams involve fraudsters posing as someone else to deceive individuals. In the tech realm, this could mean scammers pretending to be from well-known tech companies, customer support representatives, or even friends and family. These scammers use various tactics to lure victims into their traps.
Recognising the signs
To protect yourself from impersonation scams, it's crucial to recognise the signs. Keep an eye out for:
- Whether you have an account with that company: Often, scammers will call you about a payment they claim you’ve made which needs verification. If you don’t have an account with that company, it’s a big red flag. Even if you do, a phone call about a suspicious “issue” with your membership or purchase you didn’t make could be an impersonation scam.
- Unsolicited communications: Be cautious if you receive unexpected emails, messages or calls, especially if they request personal or financial information.
- Urgent or high-pressure tactics: Scammers often create a sense of urgency, to pressure you to act quickly without time to think.
- Inconsistent information: Double-check for discrepancies in the communication, such as spelling errors, unfamiliar email addresses, or phone numbers that don't match the official contact details of the supposed sender.
Protecting personal information
Safeguarding your personal and financial information is paramount. Follow these best practices:
- Use strong, unique passwords: Ensure that your online accounts have distinct passwords to prevent unauthorised access. A strong password is normally a longer password, and contains a combination of letters, numbers and characters. My advice is to combine three normally unrelated words, along with a number and special character, to ensure it’s both strong and memorable.
- Enable two-factor authentication (2FA): Turn on 2FA wherever possible to add an extra layer of security to your accounts.
- Be cautious with sensitive data: Never share personal or financial information through unsolicited communication channels. Legitimate companies won't ask for this information via email or social media and almost never via the phone. Amazon, for example, will never ask you to provide payment information over the phone or by email; or for credit card information to verify your identity before helping with a customer service issue; or request that you purchase a gift card (or “verification cards”, as some scammers call them) for any service; or ask you to download or install any software.
Verify before trusting
Before trusting any offers or requests, take these steps:
- Verify the source: Independently verify the authenticity of the communication by cross-checking with official contact details provided on the company's website or app.
- Don't click on suspicious links: Avoid clicking on links or downloading attachments in unsolicited emails or messages.
- Trust your instincts: If something feels off or too good to be true, it probably is. Don't hesitate to question the legitimacy of any request.
To stay safe in the ever-evolving landscape of scams, consider the following:
- You might not normally read online stories about scams, or perhaps you ignore those emails and social media posts from internet security companies. Don’t. The articles we read that tell us about the latest trends in scams, or the new scams being discovered, help us stay aware of the threats around us. Likewise, internet security companies like Trend Micro or Norton will often send updates to their subscribers which offer alerts on the biggest threats of the day.
- Don’t rely on status updates or social media posts from your friends or family who might be sharing links or concerns about online scam activities. Often these are the very source of a scam trying to trick you into being scared.
Pause, don’t rush
No matter how troubling the call or email contents, don’t rush to act.
- The scammers want you to worry and be concerned enough to hand over your personal information, so don't act with urgency.
- Go back to our earlier tips and take your time to verify if this is legitimate.
- The time you take might just be enough to prevent you from falling victim.
Stay safe, and don’t be quiet
In the fast-paced world of consumer tech, and amidst the busyness of our lives, it's easy to overlook the threat of impersonation scams. However, being vigilant and well-informed is your best defense. By recognising the signs, protecting your personal information, verifying before trusting, and staying informed, you can navigate the digital landscape with confidence and avoid falling victim to impersonation scams.
As well as being safe and smart yourself, you should take the time to check in on your family—make sure this knowledge is shared and learned so more people have the tools to stay safe online.
If you receive communication—be it a call, text, or email—that you think may not be from Amazon, please report it to amazon.com.au/reportascam.
People who are not Amazon customers can still report a suspicious message to us at email@example.com.
This article was written and produced in collaboration with Trevor Long.