Can you pick a scam?

Get a step ahead of fraudsters. Test yourself to see if you can pick a scam.

Fraudsters are always thinking up new (and creative!) ways to trick you into clicking on phishing links and obtaining your personal information. It's no cause for alarm, but it is a case to be prepared!

The best way to prepare yourself for identifying a scam email or SMS is to be aware of some of the common red flags of a scamTo help you, we've created some pretend scams and compared them to legitimate Heritage Bank email and SMS. Can you pick which ones are a scam? 

Can you pick an email scam? Choose A or B.

A

Scam email - Can you pick a scam? 

B

Scam email - Can you pick a scam?

ANSWER: Which email is a scam and why...

If you chose B then you're correct! Here are the red flags in this email: 

The 'From' email address

The email may look like it's coming from Heritage Bank but has an odd 'from' email address: alert.heritage@server231.com.au. Legitimate communications from Heritage Bank are sent from emails ending in @heritage.com.au such as 'info@heritage.com.au'. We may also occasionally request third parties to complete customer surveys on our behalf, but this will always be made clear in the email.

The email was sent to multiple people

This is shown in the spam email by the To: ...... more text. Fraudsters may send out bulk fraud emails at once and sometimes this will show in the email you receive.

There is a threat to act quickly

Scams may include a push to act quickly, including a threat that your account may be locked or frozen if you don't take action. Heritage will never send you an email requesting the disclosure of any personal security details such as your PIN, online banking passwords or credit card details. 

The button may be hiding a suspicious link

At Heritage, we sometimes use buttons and links in our emails to link you to more information or to a form to complete. However buttons can also allow fraudsters to hide suspicious links. If you click on a button in a scam email, you could get sent to a phishing web page set up to mimic the organisation emailing you. It could even download a virus onto your computer. If you see a button in an email, always hover over it first to see where the link is going before clicking. Remember if you're ever unsure, don't click the link!

There are grammar issues

While organisations may make spelling mistakes from time to time, grammar issues can be a clear red flag that the sender is pretending to be someone they aren't. In this example a lot of commas were used instead of full stops. 


Note: 
We included our old logo in this pretend scam, but this may not necessarily be a red flag! You may still notice our old logo on communications and brochures from time to time as we're in a transition phase to our new design. 

Can you pick an SMS scam? Choose A or B.

A

Scam SMS - Can you pick a scam? 

B

Scam SMS - Can you pick a scam? 

ANSWER: Which SMS is a scam and why...

If you chose A then you're correct! Here are the red flags in this SMS: 

It's not specific to your account

The message may look like it's coming from Heritage Bank but the information in it is generic and may not relate specifically to your account. Especially if you don't have a credit card!

There is a threat to act quickly

This scam includes a push to act quickly, including a threat that your account may be blocked if you don't take action.

There is a request to confirm identifying information 

The sender wants you to click on a link to go to a web page to confirm your information. Remember, at times Heritage may prompt you to update your contact details online or activate a new card, but we will never send you a message requesting the disclosure of any personal security details such as your PIN, online banking passwords or credit card details.  

The examples included in this article have been created to help you understand some common red flags in scam emails and SMS. They may not include every red flag and scammers may change their tactics over time.

If you're ever unsure about whether an SMS, email or phone call is legitimate, check directly with the organisation using contact details that you find yourself online or by talking to their local office.

View our latest security alerts page and visit our security and scam help and guidance hub for more helpful tips and tricks.

Share this