Skip to Content

Change body font size

Inform | Mediate | Advocate

New types of scams

New types of scams that target small businesses include –


False Billing

False billing scams request you or your business to pay fake invoices for directory listings, advertising, domain name renewals or office supplies that you did not order. 

Your business might be sent an invoice, letter or invitation to be listed in a bogus trade directory or to renew your website domain name. Or the scammer might phone you out of the blue to confirm details of an advertisement booking or insist you've ordered certain goods or services. These scams take advantage of the fact the person handling the administrative duties for the business may not know whether any advertising or promotional activities have actually been requested.

Many email-based ransomware scams use fake bills as attachments to infect your computer. If you receive an unexpected bill from a utility provider, do not open the attachment. For more Information here

Overpayment Scams

Overpayment scams work by getting you to ‘refund’ a scammer who has sent you too much money for an item you are selling. 

If you are selling something online, as a business or through classifieds ads, you may be targeted by an overpayment scam.

The scammer will contact you, make you an offer—often quite generous—then make payment through credit card or cheque. They will be for an amount that is greater than the agreed price.

The scammer will contact you with an apology for the overpayment, offering a fake excuse. The scammer might tell you that the extra money was included to cover agent's fees or extra shipping costs. Or they may just say they simply made a mistake when writing the cheque.

The scammer will then ask you to refund the excess amount or they will ask for you to forward the amount through to a third party. They will ask for this to  through an online banking transfer, pre-loaded money card, or a wire transfer such as Western Union. You then discover that their cheque has bounced or the credit card had been a stolen or fake card.

A newer variation on this scam involves online sales, usually through classified sites, where the scammer pretends to have made a payment for a larger than agreed amount through services such as PayPal by sending a fake receipt of payment. The scammer will claim that the money is being held until you forward on the extra money.

If you send any money, you will not get it back. If you have already sent the 'sold' item you will lose this as well. At the very least, the scammer will have wasted your time and prevented you from accepting any legitimate offers on your sale. For more information here

Malware and Ransomware

Malware tricks you into installing software that allows scammers to access your files and track what you are doing, while ransomware demands payment to ‘unlock’ your computer or files. 


Malware scammers send emails and social media messages at random with links purporting to be on something topical—news, an event or something 'interesting'.

If you click on the link you may be taken to a fake website that looks like the real deal, complete with logos and branding of legitimate sites. In order to view the video, you will be asked to install some software, such as a ‘codec’, to be able to access the video format. If you download the software, your computer will be infected with malware (malicious software).

Another way of delivering a malware scam is through websites and pop-ups that offer 'free' file downloads, including music, movies and games, or free access to content, such as adult sites.

Malware scams work by installing software on your computer that allows scammers to access your files or watch what you are doing on your computer. Scammers use this information to steal your personal details and commit fraudulent activities. They may make unauthorised purchases on your credit card, or use your identity to open accounts such as banking, telephone or energy services. They might take out loans or carry out other illegal business under your name, or even sell your information to other scammers for further illegal use.


Ransomware is a type of malware that blocks or limits access to your computer or files, and demands a ransom be paid to the scammer for them to be unlocked.

Infected computers often display messages to convince you into paying the ransom. Scammers may pretend to be from the police and claim you have committed an illegal activity and must pay a fine, or they may simply demand payment for a 'key' to unlock your computer.

If you pay the ransom, there is no guarantee your computer will be unlocked. For more information here

Whaling and Spear Phishing

Whaling or spear phishing scams target businesses or organisations in an attempt to get confidential information for fraudulent purposes. 

Whaling and spear phishing scams differ from ordinary phishing scams in that they target businesses using information specific to the business that has been obtained elsewhere.

The scammer sends a personalised email to either a group of employees or a specific executive officer or senior manager.  The email is designed to look like it has been sent from a trustworthy source such as the employer or other staff members within the organisation.

The email addresses may look similar (but not identical) to frequently used email addresses. The subject of the email is usually about a fake ‘critical’ business matter, such as a legal subpoena  or a customer complaint.

The scammer’s aim is to convince you that the email requires urgent action by following a link to a fake website. When you visit the fake, but convincing website, it will ask you to do one or more of the following:

  • enter confidential company information and passwords
  • provide financial details or enter them when making a payment for a fake software download.

If financial details are provided, the scammer will use them to carry out fraudulent activities.

Alternatively, the email may ask you to download an attachment.  If you do, it will download malware onto your computer. Malware can record your key strokes, passwords and other company information, allowing the scammer to access it when you go online. For more information here

For other recent types of scams, click below on more information.

Online Shopping Scams

Online shopping scams involve scammers pretending to be legitimate online sellers, either with a fake website or a fake ad on a genuine retailer site. 

While many online sellers are legitimate, unfortunately scammers can use the anonymous nature of the internet to rip off unsuspecting shoppers.

Scammers use the latest technology to set up fake retailer websites that look like genuine online retail stores. They may use sophisticated designs and layouts, possibly stolen logos, and even a ‘’ domain name and stolen Australian Business Number (ABN).

Many of these websites offer luxury items such as popular brands of clothing, jewellery and electronics at very low prices. Sometimes you will receive the item you paid for but they will be fake, other times you will receive nothing at all.

The biggest tip-off that a retail website is a scam is the method of payment. Scammers will often ask you to pay using a money order, pre-loaded money card, or wire transfer, but if you send your money this way, it’s unlikely you will see it again or receive your purchased item.

A newer version of online shopping scams involves the use of social media platforms to set up fake online stores. They open the store for a short time, often selling fake branded clothing or jewellery. After making a number of sales, the stores disappear. They also use social media to advertise their fake website, so do not trust a site just because you have seen it advertised or shared on social media. The best way to detect an fake trader or social media online shopping scam is to search for reviews before purchasing. For more information here

Computer, Smartphone and Tablet Users Scam

This scam is where a scammer will call you claiming to be a technical support specialist, who informs you that your computer, smartphone or tablet has been compromised by malicious software. The 'technician' will claim to represent a reputable business such as Microsoft, Windows, Telstra or Bigpond. The 'technician' will ask you to provide them with remote access to your computer so that they can run a scan. If they claim that the virus is on your smartpone or tablet, they will ask you to connect the device to your computer so they can connect to it. Once connected the 'technician' will claim that your computer or device has been compromised and that it will need to be fixed on the spot for a fee. This fee will be for a one-off payment that will range from $100 to $300 for the installation of an ant-virus software. They will ask for payment via credit card or via direct debit from your bank account.

The ACCC reports that there has been a surge in complaints of scammers calling from Telstra advising of a risk to their internet being disconnected immediately as their computer has been hacked or infected with a malware that is threatening Telstra's infrastructure. SCAMwatch advise consumers to hang up immediately if they receive a call out of the blue from someone claiming there is a problem with their internet conncection or computer.

Investment Scams

Investment scams involve promises of big payouts, quick money or guaranteed returns. Always be suspicious of any investment opportunities that promise a high return with little or no risk – if it seems too good to be true, it probably is – and is highly likely to be a scam.

Australians lose more money to investment scams than any other. They can be hard to spot, so before investing always seek independent legal advice or financial advice from a financial advisor who is registered with ASIC. 

If you are considering investing, always remember to:

  • Check if a financial advisor is registered via the ASIC website. Any business or person that offers or advises you about financial products must hold an Australian Financial Services (AFS) licence.
  • Check ASIC's list of companies you should not deal with. If the company that contacted you is on the list – do not deal with them. But even if they are not on the list it could still be a scam.
  • The MoneySmart website also contains information about how to avoid investment scams.
  • Search for the company online plus “review”, “complaint” or “scam”.

For more information here


This information has been supplied by the ACCC.


Was this page useful to you?

Please include your contact details if you would like us to follow up with you on the issue you have raised. Thank You.