Protect yourself from impersonation scams

Man looking at his phone crossing the street

Learn how to spot an impersonation scam - and how to avoid them

Impersonation scams are on the rise in Australia. In 2022, Scamwatch reported that $169 million was lost to impersonation scams – a figure expected to rise in 2023.

We’ve put together a guide to help you get clued up on this particular type of scam, and provide you with the knowledge to help prevent this happening to you.

What is an impersonation scam?

These scams often begin with a phone call, text message or email that appears to be from a trusted organisation. You’re convinced to make a payment or give personal and/or financial details to someone claiming to be from an organisation you trust.

Scammers will give you a fake but believable story about an issue with your bank account, a regular payment, a government benefit, or a fine that they tell you needs paying.

The scammers will use ways to make their calls or text messages seem legitimate by having them appear in the same thread as genuine messages from the company they say they’re contacting you from (known as spoofing). In some cases criminals will even send couriers to collect your cards, PINs or valuable items in person.

The scammer’s goal is to convince you to make a payment or give personal and/or financial details to someone you’ve been tricked into believing is from an organisation you trust.

These scams are based on threats and intimidation tactics, so you should report any concerns immediately to the police and your bank.

How to spot an impersonation scam

There are several red flags of an impersonation scam that we’ve listed below to help you better protect yourself. Please be wary if any of the following happens:

  • You receive a phone call, text message or email out of the blue requesting for your personal and/or financial information, to make a payment or move money.
  • You’re asked to act immediately, sometimes with the claim that “your money is at risk” or “your account will be blocked” or “there are suspicious transactions on your account”. You are threatened that if you don’t act immediately, you may be arrested or face the prospect of losing all your money.
  • The sender’s email address is similar, but ever so slightly different to that of the genuine organisation.
  • The caller will ask you to transfer money to another account for ‘safe-keeping’ or for you to buy high value goods/vouchers to cover the cost of fines.
  • You are asked for personal details and your bank or credit card details.
  • The caller is very persistent and may become abusive or threatening.

Tips to protect yourself from impersonation scams

  • Never give your personal, credit card or online account details over the phone unless you made the call and the phone number came from a trusted source – like the organisation’s official website.
  • If you receive a phone call out of the blue about your bank account, government benefit or a tax debt – hang up – even if they mention a well-known company such as Heritage, Telstra or the ATO. Locate the organisation's contact number, often available on their website, and call that organisation directly to verify their claim. Never use the contact details from the call or text message you received.
  • Remember that you can still receive scam calls even if you have a private number or have listed your number on the Australian Government’s Do Not Call Register. Scammers can obtain your number fraudulently.
  • If you have fallen victim to a scam, or you receive a lot of unsolicited emails and phone calls, consider changing your email address and phone number.

How to know if Heritage is contacting you legitimately

Heritage will never contact you to request your login passwords, one-time passwords (OTP), card, or account details. We may ask security questions to verify your identity.

If you have been contacted or are concerned about your privacy, please call us directly on 13 14 22 or visit a branch. Please be aware that if you share your banking passcodes with anyone, you may fail to meet our passcode security requirements, which could result in you being liable for losses arising from unauthorised transactions on your account. We will never ask for sensitive information via text message, such as an access code, OTP or Internet Banking password.

How to report a scam

If you think you have been a victim of a scam it’s important to call Heritage on 13 14 22 (available 24/7) promptly to limit the amount of unauthorised transactions on your account. We can also see if the transactions can be reversed or disputed. If you are overseas please call +61 7 4694 9000. DO NOT make further payments to the scammer.

Please ensure you change your passwords to secure your account and report the scam to ACCC ( via the report a scam page. For more information on how to protect yourself from scam visit the Scamwatch website (

If a scammer has accessed your computer remotely you should have your computer professionally cleaned by a reputable technician to ensure there is no malware on your system.

More online security tips from Heritage are available here.


Related tips 

Scam alerts & fraud protection
Fight scammers with our help. Learn how we protect you from fraud and become savvy at identifying scams with our help guides and security tips.
How to avoid investment scams
Investment scams cost Australians hundreds of millions of dollars each year and research from the Customer Owned Banking Association reveals that both novice and experienced investors may fall vulnerable. So, how do you avoid investment scams in Australia?
Improve online payment security with PayID
Did you know that you can use PayID to reduce your chances of falling victim to a scam? Here's why.

Related products

Was this helpful?