Australians are being warned to urgently update passwords and stop saving bank card details in accounts when shopping online.
One of the country’s top TikTok stars Millie Ford, from Sydney, lost $1,000 to hackers who found her personal information and started making unauthorised purchases in her name.
The 26-year-old told FEMAIL she started receiving ‘hundreds of spam emails’ in her main inbox that led her to finding out what was really happening.
‘I took a closer look and realised the hoards of emails were covering up real confirmation emails of purchases from a website that were not made by me,’ she said.
‘My card details were saved to my account for an online store and the hackers had been using them to purchase items.
‘Turns out this scam process happened four times before I figured out what had happened. Overall, I lost about $1000.’
Sydney TikTok star Millie Ford (pictured) lost around $1,000 to hackers who found her personal information and started making unauthorised purchases in her name
‘I took a closer look and realised the emails were covering up real confirmation emails of purchases from a website that were not made by me,’ she said
At first Millie posted about the situation on social media asking for advice because she ‘didn’t know’ she’d been hacked or what to do.
‘It was very frustrating and not knowing what sort of position I was in was scary. I also didn’t know how much they had taken from me or what to do next,’ she said.
Luckily the online business the purchases were made from reached out and Millie shared what had happened, but unfortunately she didn’t receive any of the money back.
‘I learnt my lesson not to save my details on a website, though, even though I thought it was safe to do so,’ Millie said.
‘There is no shame in being hacked, and the more people that are aware of the risk, the safer everyone can be – especially young people who spend a lot of time online and might not think it will happen to them!’
PayPal’s tips to identifying scam emails:
Do you know them? Scammer emails or texts often come from an unfamiliar email or phone number
Bad spelling: Scam emails commonly have spelling mistakes and incorrect grammar. So, it’s important to keep your eyes peeled for typos or anything out of the ordinary.
Have they used your name? Always be on the lookout for imposters. If an email starts with ‘Dear user’ or ‘Hello, PayPal customer’ then you should be suspect.
Unrecognised call: Think twice before sharing sensitive information such as your credit card number, password, or even security questions like your first dog’s name.
Phishing for information: Regularly update your antivirus program to protect against malware.
Suspect URL: If the website looks suspicious, don’t click on anything and check for a URL starting with ‘https’ and close padlock symbol.
Sense of urgency: Scammers often dial up pressure with ‘urgent action required’ or ‘limited time offer’ messages. So stay calm and take stock while browsing online.
At the moment there’s also a new PayID impersonation scam going round targeting users selling items on Facebook Marketplace, Gumtree and other websites.
NAB has seen an increasing number of scams related to fake PayID communication in recent weeks, as thousands of Aussies look to ramp up side hustles or become more engaged with their finances to deal with rising cost of living pressures.
The scammer profiles appear to be a real person with little information on profiles and will ask to pay for an item using PayID – a quick, seamless way to pay for something without exchanging bank details.
Recently one young woman was almost caught by a scammer who claimed the PayID wasn’t working on their end because they had a ‘business account’.
In this instance, never exchange email addresses or bank details with someone who’s drawing a sense of urgency to the conversation.
At the moment there’s also a new PayID impersonation scam going round targeting users selling items on Facebook Marketplace, Gumtree and other websites (pictured: message from a scammer on Facebook Marketplace)
Recently one young woman was almost caught by a scammer who claimed the PayID wasn’t working on their end because they had a ‘business account’
The woman received an email from the Facebook Marketplace scammer who explained she had to a ‘limit’ on her account (pictured: the email). However, PayID is always free and instant. Users should never exchange email addresses or bank details with someone who’s drawing a sense of urgency to the conversation
Australians lost $260,000 to PayID-specific impersonation scams last year, according to Scamwatch, while total scam reports to NAB increased 38 per cent year-on-year.
NAB Executive Group Executive and Fraud Chris Sheehan said PayID deception was the latest impersonation scam and the true number of scams impacting the community was expected to be higher given many aren’t reported.
‘No one wants to try to sell their old couch, fridge, phone or pram and it inadvertently ends up costing them. Unfortunately, that’s what’s happening more and more when people try to sell items online,’ Mr Sheehan said.
‘Cyber criminals are sophisticated and we’re unfortunately now seeing them try to exploit PayID given, on the whole, it isn’t as familiar to the community as other ways to send and receive money.’