In an age where misinformation and deepfakes blur the lines between fact and fiction, identifying scams has never been more challenging.
Gone are the days when most of us were reasonably certain we could spot a ‘Nigerian Prince’ suggesting we were his long-lost relative, and unfortunately falling for a scam can have devastating social, financial, and personal consequences.
Over the past year, victims of cybercrime reported losing an average of $30,700 per incident. You might think you have nothing valuable for a hacker to steal, yet Identity fraud alone can damage professional relationships and reputation with financial services.
As technology becomes more integral to our daily lives, how can we protect ourselves and those we care about from these cyber threats? Here are five tips from the experts at the CSIRO:
1) Have a family safe word
Scammers are increasingly using texts, calls and even video to impersonate loved ones and request money. With AI voice cloning on the rise, these schemes are becoming more and more believable.
CSIRO’s Chief Information Security Officer Jamie Rossato advises setting up a pre-agreed safe word to verify who you’re speaking to. This word should remain private and not be easily discovered through social media or other online sources.
“Use this proactively, rather than waiting until you are suspicious,” Jamie said.
“If my children asked me for money, unless they said our special safe word, I would never transfer funds to them.”
2) Don’t be afraid to hang up
With advances in voice-spoofing technology, fraudsters can convincingly mimic organisations like banks to steal money. Lauren Ferro, Human-centric Security Research Scientist with CSIRO’s Data61 team, recommends verifying caller identities before sharing any information.
“If something seems a bit off, hang up and call the organisation directly using their official number, or go and visit them in person,” Lauren advised.
“They would prefer you to be cautious. It's far easier to address concerns up front that to recover stolen money or repair reputational damage later."
3) Enable multi-factor authentication
Identity fraud is the most common self-reported cybercrime this year, making it crucial to protect personal data online. For example, private or sensitive information stored with Medicare and government accounts.
One effective method to protect your account is enabling multi-factor authentication (MFA) to log in. MFA requires a password and a one-time verification code. Often this is sent as a text message, but Jamie suggests using authentication apps like Microsoft Authenticator for added security.
“One of the benefits of app-based authenticators is they often use biometric controls, such as face ID or thumbprints to get into the app, before you get to the actual code itself,” Jamie explained.
“This creates an extra layer of protection beyond SMS codes.”
4) Turn on banking push notifications
With most people using card and online payments, staying informed about your transactions can help you detect scams. While banks monitor suspicious activity, scammers can bypass these measures by mimicking your usual spending patterns.
Enabling real-time notifications through your banking app allows you to track transactions immediately, adding another layer of security.
5) Be aware of what you are sharing online
Most of us have an online and social media presence, but the photos, videos and information we share can be exploited. These assets can train deepfakes, which, once created and shared, are difficult to detect and remove. Always be mindful of what you share online and who can access it. This is especially critical for children.
Ultimately, awareness and proactive protection are key to staying safe online. Educating yourself about cybersecurity is your first line of defence against scams, the CSIRO team advises.