Cyber Security Awareness Month: Week 3 - Outsmart Scams, Think Before You Click, and Detect Deepfakes
Why it matters
Scams are no longer just clumsy emails full of spelling mistakes. Today’s cybercriminals use AI‑powered tools to create convincing emails, text messages, phone calls, and even fake videos or voice recordings (“deepfakes”). These can be so realistic that they trick even the most cautious among us.
In 2024–25, Australians reported a cybercrime every six minutes, with millions of dollars lost to scams. The more realistic the scam, the more important it is to pause, verify, and protect yourself.
Protect yourself: Step‑by‑step review using the indicators
For situations involving unverified contacts, callers, or other unsolicited approaches.
- Pause before you act
  - Email/SMS/Chat: Do not click links, open attachments, reply, or forward.
  - Calls/Video: Do not share information, approve payments, or install software during the interaction.
- Scan for urgency or pressure
  - Red flags: “Pay now,” “account will be closed,” “confirm within 2 hours,” “keep this confidential.”
  - Action: Slow down. Scammers manufacture urgency to bypass your judgement.
- Check the source details
  - Email:
    - Sender domain: Hover the “From” address; look for misspellings or look‑alike domains (e.g., paypa1.com).
    - Links: Hover to reveal the true destination; it should exactly match the official domain.
  - SMS:
    - Number: Random or international numbers, or messages that move a conversation from a verified thread to a new number.
    - Links: Shortened or odd‑looking links.
  - Call/Voicemail:
    - Caller ID: Blocked, private, or spoofed to resemble a known organisation.
    - Callback numbers: Don’t trust numbers given in the message; independently look up the official number.
  - Video/Social:
    - Account: Is it verified/official? New account? Low history?
    - Context: Unexpected contact or off‑brand style.
- Check the content carefully
  - Language and tone: Generic greetings (“Dear Customer”), unusual phrasing, spelling errors, or a tone that doesn’t match previous messages.
  - Requests: Passwords, PINs, MFA codes, remote access, gift cards, crypto, invoice changes, or bank detail changes.
  - Attachments/links: Unexpected PDFs/ZIPs/Docs; URLs that don’t match the visible text.
  - Deepfake clues (for video/voice): Lip‑sync lag, odd blinking, inconsistent lighting/shadows, audio glitches or robotic tone, sudden uncharacteristic behaviour.
- Verify independently (second channel)
  - Contact the organisation or person using a number/address you find yourself (official website, saved contact, past invoice), not the details in the message.
  - Cross‑check: Search exact phrases online; many scam templates are widely reported.
  - Workplace: Follow your internal verification and reporting process.
- Decide and act
  - Safe: No red flags and verification checks out > proceed as normal.
  - Suspicious: One or two red flags > do not interact! Verify further or ask IT/Security, or contact the company through official means.
  - Malicious: Multiple red flags or failed verification > report using the tools below, then delete/block.
- Report and remove
  - Use built‑in reporting: Outlook/Gmail phishing report; forward SMS to 7226 (Telstra).
  - Report officially: Lodge a report at ReportCyber.
  - Then: Delete the message, block the sender, and, if at work, notify your security team.
Pro tips
- Type, don’t tap: For banking/government/work, manually type the website or search with Google/Bing instead of using links in the message.
- MFA code rule: Never share MFA codes or approve prompts you did not initiate.
- Screenshots: Report messages to your security team with your phish report button, or capture screenshots as evidence before deleting to aid reporting and training.
Top indicators of phishing attempts
Indicator | What it looks like | Why it’s suspicious | What to do |
---|---|---|---|
Urgency or threats | “Your account will be closed in 24 hours” / “Pay now to avoid legal action” | Designed to make you panic and act without thinking | Pause; verify via official contact channels |
Unfamiliar or altered sender address | support@paypa1.com vs support@paypal.com | Look‑alike domains trick you into trusting the sender | Hover to reveal the true domain; compare with official site |
Generic greetings | “Dear Customer” | Legit organisations usually use your name | Treat as a red flag and verify |
Unexpected attachments or links | Random PDFs/ZIPs/Docs or “View invoice” links | Malware or credential‑harvesting pages | Don’t open; confirm with the sender first |
Spelling/formatting errors | Awkward phrasing, mixed fonts | Common in mass scams or poor translations | Combine with other signs; do not rely on this alone |
Mismatched URLs | Text shows www.bank.com but hover shows bank-login-secure.com | Visible link differs from the destination | Type the address manually instead |
Requests for sensitive info | Passwords, PINs, MFA codes, ID scans | Legit orgs won’t ask via email/SMS | Report to ReportCyber and delete |
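
Two of the indicators above, the altered sender address and the mismatched URL, can be checked automatically by a mail filter or triage script. The sketch below is an added example, not part of the original post: the `TRUSTED` list, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = {"paypal.com", "bank.com"}   # assumption: domains you genuinely deal with
SWAPS = str.maketrans("0135", "oles")  # digits commonly swapped in for letters
SHOWN = re.compile(r"(?:[a-z][a-z0-9+.-]*://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

def bare(host):
    """Lower-case a hostname and drop a leading 'www.'; None stays None."""
    return re.sub(r"^www\.", "", host.lower()) if host else None

class LinkAudit(HTMLParser):
    """Collect (visible_text, href) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def mismatched_links(html):
    """Return (shown, real) pairs where the link text names a different host."""
    audit = LinkAudit()
    audit.feed(html)
    flagged = []
    for text, href in audit.links:
        m = SHOWN.match(text)  # only link text that itself looks like a domain
        pair = (bare(m.group(1)) if m else None, bare(urlsplit(href).hostname))
        if all(pair) and pair[0] != pair[1]:  # exact match required
            flagged.append(pair)
    return flagged

def lookalike_of(from_header):
    """Return the trusted domain a sender imitates, or None if genuine or unrelated."""
    domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    folded = domain.translate(SWAPS)
    return folded if domain not in TRUSTED and folded in TRUSTED else None

SAMPLE_FROM = "Support <support@paypa1.com>"  # constructed sample, not a real email
SAMPLE_HTML = '<a href="https://bank-login-secure.com/verify">www.bank.com</a> <a href="https://www.bank.com/help">View help</a>'
```

Links whose visible text is a label such as “View help” are not compared, so they still need the manual hover check described above.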
Top indicators of deepfakes
Indicator | What it looks like | Why it’s suspicious | What to do |
---|---|---|---|
Lip‑sync mismatch | Mouth slightly out of sync with speech | Imperfect alignment gives fakes away | Request a follow‑up call/meeting on a known channel |
Unnatural blinking/expressions | Too much/little blinking; stiff micro‑movements | Models miss natural facial cues | Compare with known genuine footage |
Weird lighting/shadows | Inconsistent shadows or light direction | AI struggles with realistic light physics | Inspect multiple frames for consistency |
Audio glitches/robotic tone | Distortion, flat intonation, odd pauses | Voice cloning artifacts | Verify using a known phone number |
Sudden tone/behaviour change | Unusual urgency or phrasing from a known contact | Possible impersonation | Cross‑check via a second channel |
No verifiable contact | No matching phone/email on official sites | Avoids traceable channels | Independently look up contact details |
Top tools to report and block phishing
Tool | What it does | How to use it |
---|---|---|
ReportCyber (Australian Government) | Report cybercrime including phishing/scams/ID theft | Visit https://www.cyber.gov.au/report > select type > submit > keep reference number |
Outlook “Report Phishing” | Sends to Microsoft or your Security Team. Helps protect other users | Select email > Report > Phishing |
Gmail “Report phishing” | Alerts Google to block similar emails globally | Open email > ⋮ More > Report phishing |
SMS to 7226 (Telstra) | Reports scam texts to your mobile provider for blocking | Forward the suspicious SMS to 7226 (free on most networks) |
Tip: Report fast. Quick reporting helps providers & Security Teams block campaigns for everyone.
Not every message is what it seems.
Pause. Check. Protect.
This post is licensed under CC BY 4.0 by the author.