Once scammers have hacked your computer or mobile device they can access your personal information, change your passwords, and restrict access to your system. They can use this information to commit fraudulent activities, such as identity theft, or to get access to your banking and credit card details. They might also get access to your banking details or take over your accounts.

On this page

Warning signs it might be a scam

  • You can't log in to your computer or mobile, or your email, social media and other online accounts.
  • You don’t receive expected payments into your bank account such as Centrelink payments.
  • You’re notified that your ATO refund was paid but you didn’t receive it. 
  • Your phone loses service and goes into SOS mode.
  • Unexpected contact from your phone provider about your number changing.
  • New icons appear on your computer screen.
  • Files on your computer have been moved or deleted.
  • Pop-up boxes start appearing on your computer screen. 
  • Someone contacts you and asks you to buy software or sign up to a service.
  • Unusual activity in your accounts. 

Protect yourself

  • Use multi-factor authentication when you can. 
  • Always keep your computer security up to date with anti-virus and anti-spyware software, and a good firewall. Only buy a computer and anti-virus software from a reputable source.
  • Use your security software to run a virus check if you think your computer’s security has been compromised. If you still have doubts, contact your anti-virus software provider or a computer specialist.
  • Secure your networks and devices, and avoid using public computers or WiFi hotspots to access or provide personal information.
  • Choose passwords or passphrases and PINs that would be difficult for others to guess, and update them regularly. Do not save them on your phone or computer.
  • Do not open attachments or click on links in emails or social media messages unless you are sure it is from someone you trust.
  • Be wary of free downloads and website access, such as music, games, movies and adult sites. They may install harmful programs onto your device without you knowing.
  • Keep your personal information secure and be mindful of what you share on social media.  Do not use software that auto-completes online forms.
  • Reach out to IDCARE for free advice and support in dealing with identity theft.
  • Delete the remote access software from your device. Check to see if the scammer has added any additional malware to your device by using antivirus software. Often scammers will leave a ‘back door’ to gain access to your device again.
  • If your myGov account has been compromised contact the Services Australia Scams and Identity Theft Helpdesk on 1800 941 126 between Monday to Friday, 8 am to 5 pm AEDT.
  • To learn more about how to best protect yourself online including how to secure your accounts, devices, and email, visit the Australian Cyber Security Centre.

Types of account or identity takeover scams

Hacking

Hacking occurs when a scammer gains unauthorised access to your personal information by using technology to break into your computer, mobile device or network. 

Scammers can exploit security weaknesses like reused and easily guessed passwords, out of date anti-virus software, and unsecured WiFi and Bluetooth connections.

Malware manipulates you into installing software that allows scammers to access your files and track what you are doing. Ransomware demands payment to 'unlock' your computer or files.

Identity theft

Identity theft occurs when someone’s identity has been compromised. It is fraud that involves using someone else’s personal information to steal money or gain other benefits. 

Identity theft often begins with phishing attempts or information stolen from data breaches. Scammers misuse the victim’s identity information. This allows them to change passwords and gain access to accounts.

Phone porting is a common example of identity theft. Scammers collect your personal information through phishing, data breaches, or social media. They then use that information to impersonate you and contact your mobile provider requesting to ’port’ or transfer your number to a new SIM that they control. Once ported, all calls and messages including 2 factor authentication like bank SMS codes and one-time-pins, go to the scammer. Scammers can then log into your bank, email, superannuation, and other accounts to change details and divert funds. 

To learn about how myGov scams can lead to identity theft and how to protect yourself, visit Services Australia

Remote access 

Scammers impersonate a telecommunications or computer company, or a technical support service provider. They try to convince you that you have a computer or internet problem and that you need to buy new software to fix the problem.

The caller will request remote access to your device to ‘find out what the problem is’. The scammer may try to talk you into buying unnecessary software or a service to ‘fix’ the computer, or they may ask you for your personal details and your bank or credit card details.

Once a scammer gains remote access to your device, they can control your screen and access any files located on your device or any apps you may have open.

Think you've been scammed?

  1. Act fast to stop any further losses

    Contact your bank or card provider immediately to report the scam. Ask them to stop any transactions.

    Change passwords on all your devices and online accounts like banking, email, government and shopping.

  2. Get help to recover

    IDCARE is Australia and New Zealand’s national identity and cyber support service. They can help you make a plan (for free) to limit the damage. Call them on 1800 595 160 or visit their website to find out more.

  3. Report the scam

    Once you have secured your details, you can help us try to stop the scam or to warn others by reporting the scam to us.

Find out more about what to do if you've been scammed