Don’t Get Scammed Over the Holiday Season


As the holiday season approaches, it’s essential to stay vigilant and protect yourself from the increasing frequency of scams that tend to prey on the festive spirit. Reports of scams have surged from clients, staff, and associates, prompting a call for heightened awareness and caution. The Australian Cyber Security Centre (ACSC) issues a warning, emphasising the need to be cautious during this time when scammers exploit special occasions to deceive people and compromise their finances or personal information. 

In this article, we share valuable insights and recommendations from the ACSC, the Australian Taxation Office (ATO), and Scamwatch to help you safeguard against scams and fraudulent activities. From online shopping security to tax-related scams, we’ve compiled essential tips to ensure you have a secure and scam-free holiday season. Read on to discover how to shop safely online, protect your personal information, and stay alert to potential scams during this festive time. 

The Australian Cyber Security Centre (ACSC) on their website are warning people to be careful about being caught out during the holiday season, when scammers are expected to try to “take advantage of special days and major events to fleece people of their money or personal information”. 

They suggest five steps you can take to stay secure while shopping online. 

  • Shop using secure devices.  Make sure the device you use has all the latest updates loaded and is connected to a trusted network (avoid public wifi). 
  • Protect your payment information and accounts.  Avoid saving payment information such as credit card details to online shopping accounts.  Enable multi-factor authentication for any logins which store or give access to payment methods. 
  • Use trusted sellers.  Research online shopping websites before you buy or stick to well known sites or brands.  Ensure well know brands or sites are not being impersonated.   Be careful following Ad links from Google searches.  These have been used to direct unwary users to fake shopping and online banking websites. 
  • Use secure payment methods.  Pay by credit or even better PayPal to help you minimise the risk of your information being compromised. 
  • Watch out for fake delivery scams.  While waiting for goods to arrive be careful not to mistake fake delivery SMS or email messages for real updates.   Often these will direct you to fake web sites which will harvest your login information or personal details. 

The ATO also continue to warn of scams, and have a webpage dedicated to providing alerts on scams in relation to tax matters, such as ATO and tax agent impersonation.  A recent scam involves the scammers emailing ATO clients advising them to update their multifactor authentication on their ATO account.  The scam email includes a (fake) QR code which takes users to a fake myGov sign in page, designed to steal your myGov sign in details. 

The ATO recommend you phone their office on 1800 008 540 if you are in doubt about contact from someone claiming to be from the ATO. Alternatively, if you could ask the caller to contact your tax agent.  If they are legitimate, they will call us and we will attend to the matter on your behalf. 

Scamwatch offer some suggestions on how to protect yourself from scams. These include: 

  • Be alert to the fact that scams exist, so always consider the possibility that an uninvited approach by phone or email could be a scam. 
  • Know who you’re dealing with by doing a little research. If a message or email comes from someone you know, but it seems unusual or out of character for them, contact them directly to confirm that it really came from them. 
  • Don’t open suspicious texts, and don’t click links or attachments in emails. 
  • Never respond to phone calls about your computer asking for remote access. Scammers often pretend to be from organisations like Telstra or Microsoft,  
    and attempt to convince you to give them access to a computer to “fix an issue they have identified”. 
  • Keep your personal details secure. Scammers can use information they collect to create a fake identity or to target you with a scam, so keep your mailbox locked, shred bills and other documents, and keep your passwords secure (you might want to use an electronic solution for this, such as Lastpass). 
  • Review your privacy and security settings on social media. 

To help avoid taking calls from known scammers, you could also consider installing an app like hiya on your phone.  It’s not perfect but will often identify and block known scam calls, so you don’t need to waste time on them. 

Kreston Stanley Williamson

*Correct as of 28 November 2023

*Disclaimer – this article has been produced by Kreston Stanley Williamson as a service to its clients and associates. The information contained in the article is for general comment only and is not intended to be advice on any particular matter. Before acting on any areas contained in this article, it is imperative you seek specific advice relating to your particular circumstances. Liability is limited by a scheme approved under professional standards legislation.

Read Other Articles

Pin It on Pinterest