"May I steal your bank account details, please?" We would all know exactly how to respond to such a question no matter how genuine or polite the caller sounded.
"When the same question is disguised in 'phishing' emails or calls, however, many consumers fall 'hook, line and sinker' ", ACCC Deputy Chair and Chair of the Australasian Consumer Fraud Taskforce, Ms Louise Sylvan, said today.
"This particular scam is so successful because the scamsters use important trigger words and phrases like 'WARNING - Security breach of your account', or 'Account Verification Required', 'Account Suspended' and 'Billing Error'", she said.
"These words are carefully chosen to elicit one particular response – for the consumer to open the email and respond immediately without pausing to think".
The Australian Competition and Consumer Commission has renewed calls for consumers to take precautions against phishing as part of a four week campaign by the Australasian Consumer Fraud Taskforce* to help people protect themselves from scams.
"Phishing isn't new", Ms Sylvan said. "What is new is the intensity and technical sophistication. These scams not only trick people into disclosing personal details such as PINs and passwords, but even clicking on the email link can upload dangerous code onto the consumer's computer which is designed to capture personal information.
"Scamsters are also using 'spoofed' websites that look totally authentic, making their whole package seem genuine and urgent to people", she said. "And it is important to note that phishing emails or calls do not only appear to come from banks or other financial institutions. Online auctions have been another target.
"The consumer is a frontline defence against a phishing scams - the best protection against scammers is to hit the delete key or hang up!
Ms Sylvan welcomed the extensive private sector work in alerting consumers to phishing.
"As Chair of the Australian Consumer Fraud Taskforce, I wish particularly to commend the private sector not only for their support for the Taskforce but also for the excellent initiative of the banks and credit unions in undertaking 'to never send customers an email requesting personal security details'. This clear message will help ensure that email phishing in Australia is killed off".