Be aware of coronavirus (COVID-19) scams

Unfortunately, scammers are taking advantage of the spread of coronavirus (COVID-19) to exploit and play on the fears of businesses and consumers across Australia. It is very difficult at times to know what communication is official.

Cybercriminals are using websites, emails and text messages that claim to provide official information about the coronavirus, but are attempts to get your personal or business information.

Scammers are impersonating, by phone, email and text messages a range of official Australian and international organisations such as the Department of Health and the World Health Organisation, other government authorities and legitimate businesses, including:

  • financial institutions
  • travel agents
  • telecommunications companies

It is important to stay informed, not alarmed. You learn more and stay-up-to-date about COVID-19 scams:

Your business holds sensitive data and information that cyber criminals would love to access. Criminals are creative and constantly develop new ways to gain access to this data and information, regardless if it’s sent through emails or stored on your hard drive.

Learn to recognise common online scams such as phishing, pharming, and malware to avoid getting caught out.


Phishing are fake messages to trick you into giving out your private personal, commercial or financial details. Some messages may look real, by using company logos and branding, and linking to authentic looking websites. Phishing messages are common scams that you receive by email, text message, social media or over the phone.

You and your staff should never respond to unknown messages requesting personal information, or click on links to unknown sources. It’s important that you and your employees know how to identify scams. Look out for:

  • the sender – check to see if the email is from someone you know
  • the domain name of email address – check the domain name (after the @ symbol, e.g is genuine. Criminals can use very similar or deceptive domain names
  • messages asking you to open an unknown or suspicious attachment, picture or link
    • TIP: you can hover your mouse cursor over a link or picture to see where you will be redirected – if it looks suspicious, is too long, or you’re unsure, don’t click it.
    • TIP: if you’re unsure contact the person or organization. Use contact details through a legitimate source and not those contained in the suspicious message. Ask them to describe what the attachment or link is.
  • spelling errors or poor grammar
  • messages offering deals too good to be true
  • messages asking you to validate or confirm your personal information, such as login credentials or passwords
  • messages asking you to perform a specific activity, or to provide them access to your system to perform the activity remotel
    • TIP: be very cautious of callers claiming to be support desk officers that direct you to access your computer to walk you through a system issue.
  • messages creating a sense of urgency or actions that are overdue
  • messages claiming to be from a trusted business or government department but sent from a generic email address such as Hotmail or Gmail

Find out more about phishing.

Tax time scams

Tax time is a popular period for scammers to target businesses. Keep one step ahead by being aware of these scams. The Australian Taxation Office (ATO) will not email you and ask for your bank details or tax file number (TFN).

Watch out for scams targeting small businesses such as the email scams, mobile phone scams (SMS) and phone call scams listed on the ATO website. If you get an email, call or SMS from the ATO that asks for personal information or offers a tax refund, report it to the ATO and Scamwatch.

Stay Smart Online has teamed up with the ATO to provide tips and resources to help you stay safe online at tax time.


Pharming is another common scam where the scammer puts a malicious code on your device that takes you to a fake version of a legitimate website. Pharming is similar to phishing as criminals rely on a fake website to trick you into logging in with your credentias (i.e. username and password). E-commerce and online banking sites have become popular pharming targets because criminals are able to log into the real sites with your stolen credentials.

How to protect yourself:

  • Use a trustworthy internet service provider (ISP).
  • Check the URL is correct and doesn’t redirect to a slightly different spelling.
  • Make sure the http changes to https when an online process asks for your payment details or user name and password – this indicates a secure browser.
  • Look for the padlock symbol and 'https' in the browser address bar when being directed to a website – be cautious of URLs that do not have these. Without these features, it isn’t certain that data between the website and your web browser is encrypted, and therefore open to being intercepted by a criminal.
  • Check the secure website has a valid certificate of authority and make sure that the name on the certificate matches the site you are visiting.
  • Check the web address is correct – hover the mouse over the link to see that the URL address will lead to the correct destinatio check the website for spelling and grammar errors and see if it has a contact page, terms and conditions and legitimate privacy policy.


Malware is malicious software most commonly used by criminals to steal your confidential information, hold your system or device to ransom or install damaging programs onto your device without your knowledge. Malware spreads viruses, trojans, worms and spyware through:

  • email messages
  • bogus websites
  • pop-up ads
  • infected files

Learn more about preventing malware.


Ransomware is a type of malware, often spread through phishing emails or a bad app, which locks your computer’s content. The victim clicks on a link or downloads a file that allows the cybercriminal to demand a ransom to unlock your computer.

Often, criminals use ransomware because they can exploit your software or your operating system (e.g. version of Windows or Mac OSX) that either does not have the most recent update, or is old and no longer supported by the vendor.

Ransomware can:

  • prevent you from using your devices
  • encrypt your files so you can’t open them
  • stop you from running applications

Undertaking the following steps can prevent criminals using ransomware against your business:

  • Minimise visits to unknown websites and avoid being enticed by clickbait.
  • Look for the padlock symbol and 'https' in the browser address bar when surfing the net – be cautious of URLs that do not have these. Without these features, it isn’t certain that data between the website and your web browser is encrypted, and therefore open to being intercepted by a criminal.
  • Install and regularly update antivirus and anti-ransomware software.
  • Install a firewall to stop traffic from untrustworthy sources getting onto your device.
  • Keep your operating system and software up to date with the latest versions. This should be done automatically where possible.
  • Back up your computers and phones regularly, and choose automatic back-ups where possible. Keep back-ups separate from your computer, on separate devices or use a cloud service. These will help your business get back online.
  • Disable macros in Microsoft Office.
  • Have an incident response plan ready to dramatically reduce the damage inflicted, ensure a quick recovery and safeguard against future incidents.
  • Adopt multiple layers of defence against malware. No single mitigation will protect you. You can develop multiple strategies that will improve your resilience and detect malware without disrupting the day-to-day running of your organisation.

There are ways to help protect your business if you’re impacted by a ransomware attack. The best way to safeguard your data is by making sure you:

  • have all your files and information backed up on a separate device
  • disconnect your computer from the network and turn it off to stop the malware from spreading
  • report the infection and seek help from a cyber security expert

Visit No More Ransom for free assistance to help you retrieve your data without paying the criminals. Supported by the Australian Federal Police and other law enforcement. No More Ransom provides ransomware crime prevention advice and decryption tools to help victims recover their files.

The Australian Cyber Security Centre recommends to never pay the ransom as you can’t guarantee the scammer will unlock your files. The scammer may also infect your computer again if they know you’re willing to pay the ransom. Report the infection and seek help from a cyber security expert.

You can report ransomware incidents to the Australian Cyber Security Centre through ReportCyber.

Read more about ransomware.

Invoice email scam

This involves scammers pretending to be legitimate suppliers advising you about changes to payment details. You may not realise until your business receives complaints from suppliers that your payments didn’t occur.

Be aware of potential scamming and have checks in place to ensure you pay the right suppliers. Before paying, ensure the supplier verifies all major invoices using contact details you already have on record.

Have you been scammed?

  • Keep an eye out for anything suspicious.
  • Research any offers you receive that are too good to be true.
  • If you think you’ve been the victim of a scam, report the scam to ACCC via Scamwatch

Resources to help protect your business

For more information on scams targeting small business, and how to protect yourself:

Read more about typical scams and where to get help.

Visit Scamwatch's Protect your small business information.

Check the ATO's Online security information for the latest ATO related scams.

Download the Australian Competition and Consumer Commission's (ACCC) fact sheet on Business scams.

Download the ACCC's Little Black Book of Scams.

Read next

Get an introduction to cyber security and protecting your business.

Read about ways to protect your business from cyber threats.