Impersonation

Impersonation is when scammers pretend to be a trusted person or organisation to gain your confidence and get you to do something unsafe. They might pose as your bank, MyGov, Australia Post, a telco, Microsoft, a school, or even a colleague or manager. The goal is usually to make you click a link, share personal information, approve a payment, or hand over access to an account.

Impersonation can happen by email, SMS, phone call, social media, or messaging apps. Scammers often copy logos, colours, and writing style, and they may use details they found online to sound convincing. Sometimes they “spoof” phone numbers or email display names so the message looks like it comes from a real contact.

Examples include: a “bank” text warning about suspicious activity and asking you to confirm details, a “MyGov” email directing you to sign in, a “Microsoft support” call saying your device has a virus, or a message that appears to be from a manager asking for an urgent invoice payment. Another common trick is an “overdue bill” notice with a link to a fake payment page.

To protect yourself, verify the request using a trusted method. Don’t use the contact details in the message — look up the official website or phone number independently. Check the sender carefully, and be cautious if you’re being asked for passwords, verification codes, remote access, or unusual payments. When in doubt, pause and confirm with the real person or organisation through a known channel.