Commonwealth logo and the ACCC logo
INFOCENTRE: 1300 302 502
Login
ACCC HOME
spacer
ACCC home > For consumers > Phone & internet services > Phishing, mishing, vishing & other scams

Phishing, mishing, vishing & other scams

What is phishing?

'Phishing' refers to emails, sent to you by scammers, that are designed to trick you into providing your personal and banking information.

Typically, scammers will send phishing emails which often appear to be from your bank, a government organisation, or other financial institution urging you to click on a link to update your personal profile or 'validate' or 'confirm' your personal details.

By clicking on the link in the email, you will be taken to a fake website designed to look like the real thing and prompted to enter your password, PIN and other personal information. Any details you enter are recorded by the scammer.

Some phishing emails contain spelling mistakes or other errors that may alert you to the scam, but other messages look so genuine that you could be fooled if you are not careful. Scammers are creative and manipulative. They will easily copy an institution's logo and message format to make their email look genuine. It will also be easy for them to set up a fake website too.

What is mishing?

'Mishing' is a combination of the words mobile phone and phishing.

Mishing is very similar to phishing—the only difference is the technology. Phishing involves the use of emails to trick you into providing your personal details, whereas mishing involves mobile phones.

M-commerce is fast becoming a part of everyday life. If you use your mobile phone for purchasing goods and services and convenient banking, you could be more vulnerable to a mishing scam.

A typical mishing call or message involves a scammer, posing as an employee from your bank or another organisation, claiming to need your personal details. Scammers are very creative and they could tell you many different reasons why they need this information from you—perhaps to verify your account or maybe to authorise a purchase you have made on your mobile.

Regardless of the story you are told, the scammer will be aiming to convince you to divulge confidential personal and banking information, such as your PIN or password. Even if you use your telephone keypad or keyboard to type in your details, if you are on the line to a scammer, the scammer can record them.

What is vishing?

'Vishing' is a combination of the words voice and phishing.

Vishing is very similar to phishing—the only difference is the technology. Phishing involves the use of emails to trick you into providing your personal details whereas vishing involves voice or telephone services. If you use a Voice over Internet Protocol (VoIP) phone service, you are particularly vulnerable to a vishing scam.

A typical vishing call involves a scammer, posing as an employee from your bank or another organisation, claiming to need your personal details. Scammers are very creative and they could tell you many different reasons why they need this information from you. Do not assume you won't be a target of a vishing scam.

Regardless of the story you are told, the scammer will be aiming to convince you to divulge confidential personal and banking information, such as your PIN or password. Even if you use your telephone keypad or keyboard to type in your details, if you are on the line to a scammer, the scammer can record them.

How to recognise a phishing, mishing or vishing scam

Here are some tips to help you recognise a phishing, mishing or vishing scam. For more tips and warning signs, visit the phishing page of our SCAMwatch website.

  • Genuine banks and organisations will NOT contact you by email to request confidential and personal information. 
  • If a bank or organisation sends you a genuine request for some information, they should address you by name and not refer to you as 'account holder' or 'customer'.
  • A genuine bank or organisation should take good care to ensure that any email or message they send to you does not contain typing errors and grammatical mistakes—many scammers make silly mistakes.

How to respond to a phishing, mishing or vishing scam

There are things you can do if you receive a suspicious message. For more help on how to protect yourself, visit the phishing page of our SCAMwatch website.

  • If you receive an email, phone call or other message supposedly from your bank or another organisation requesting your personal details, delete the message or hang up your phone.
  • Even if the email or message urges you to act quickly, do not panic—this is just a trick to make you respond immediately without giving you a chance to talk to others or to check if it is a scam.
  • If you receive a suspicious call or message that you think might be genuine, do not divulge your details until you have made some extra checks to satisfy yourself that it is not a scam.
  • Ring your bank or the company yourself to find out if it is a genuine message but never use the number provided in the email or message—a scammer will not give you the correct number!

How to reduce the damage if you think you have fallen for a scam

Report the scam

You should telephone your bank or financial institution if you are suspicious of an email, letter or phone call that claims to be from them, or if you think someone may have access to your accounts. They can advise you on what to do next. Make sure the telephone number you use is from the phone book or your account statement, ATM card or credit card.

Protect your computer

If you were using your computer when you got scammed, it is possible that a virus of other malicious software may have infected your computer. Run a full system check using reliable security software. If you do not have security software (such as virus scanners and a firewall) installed on your computer, a computer professional can help you choose what you need.

Change your passwords

Scammers may have also gained access to your online passwords. Change your passwords using a secure computer.

Visit SCAMwatch to find out more about scams

Stay one step ahead of the scammers. Visit our SCAMwatch website to learn more about phishing scams and other scams that target you or your small business. You can also find out more about how scams work, how to protect yourself and report scams to us and other government agencies via SCAMwatch.

You can also read our popular publication The little black book of scams. The little black book of scams highlights a variety of popular scams that regularly target Australian consumers and small business in areas such as fake lotteries, internet shopping, mobile phones, online banking, employment and investment opportunities. You can ring our Infocentre on 1300 302 502 to request your free copy, or you can download it from our website (see the link in the Key publications box of this page).

Related topics on the ACCC website

Scams & shopping online in For consumers
Scams & you
Internet banking in For consumers
Internet phone services (VoIP) in For consumers

Rate this information

Good   Poor         Tell us why:

Printer friendly version

Key publications

More publications

Notify me...
  • Email me if updated
spacer

Contact us | Site map | Definition of terms | New on site | Help | Privacy | Disclaimer & copyright | Accessibility | Website feedback | Other languages

© Commonwealth of Australia 2008