Cyber Security

We take your privacy seriously

Scamwatch is run by the Australian Competition and Consumer Commission (ACCC) to help consumers and businesses recognise and report scams. In 2021, Scamwatch reported that over $320 million was lost to scams in Australia alone – this amount is only predicted to increase each year.  

At Real Insurance, we work hard to keep your personal information safe. But no matter what safeguards are in place, education and awareness will always be the best way to protect yourself against scammers.

What exactly is a scam?

A scam is any scheme that is designed to trick you into revealing your personal information. If successful, the scammers can then use that information to commit criminal activities, such as making online purchases with your credit card or opening a bank account.

Scams fall into the following categories:

  • Buying or selling scams use fake websites to try and trick you into sending money for products or services that don’t exist, or sending you bills or invoices for something you never ordered.
  • Investment scams pretend to offer you an easy way to make money, often disguised as opportunities such as property or business deals claiming a “guaranteed” high-return or a gambling system that “guarantees” you a significantly higher chance of winning.
  • Dating and romance scams take advantage of peoples’ loneliness, creating fake profiles to attract potential victims and then using strong emotional triggers to convince them to provide money, gifts, or their personal details.
  • Jobs and employment scams are designed to trick you into paying for training or access to a dream role that doesn’t require you to have the necessary qualifications or experience.
  • Fake charity scams often impersonate genuine charities, asking for donations after natural disasters or other major events such as the 2018/2019 bushfires.
  • Remote access scams use convincing arguments to get you to hand over control of your computer or other device so the caller can fix a problem, with scammers often pretending to be from your local council, electricity company, internet or phone provider, or another trusted source.
  • Threats and extortion scams often occur after a scammer has taken control of your computer through fraudulent means, threatening to release sensitive information or even threaten your life if you don’t hand over money or your personal information – these scammers often claim to be from a trustworthy organisation, such as the government or the police.
  • Unexpected win scams trick you into sending money or your personal information in order to receive a prize from a lottery or competition that you never entered.
  • Unexpected money scams give you false hope about seemingly legitimate offers of money, such as an inheritance from a distant relative or a stranger who wants to move a large lottery win out of their country to avoid high taxation.

Understanding scammers

While it’s almost impossible to protect yourself from the many different types of scams, knowing how scammers work can significantly reduce your risk of becoming a victim.

To help educate and protect yourself, Scamwatch and the Australian Cyber Security Centre (ACSC) provide comprehensive information on how to spot a scam. Scamwatch also has a number of real life stories on their website from Australians who’ve been scammed, and how they resolved each issue.

Other Commonly Asked Questions

I’ve been scammed – what do I do now?

Even when you have strong knowledge on how to prevent scams, you can still fall victim to one. To help make sure you limit any further damage, we recommend you follow these three simple steps: 

  1. Don’t panic. Speak with your bank to cancel any cards that may be affected and/or put your accounts on hold, and immediately change all of your passwords.
  2. If you think you’ve been scammed by someone impersonating Real Insurance, please contact us on 136 036 immediately. The sooner we know about it, the faster we can take steps to minimise any damage.
  3. If you’ve suffered financial loss or your personal information has been compromised, log an incident with the Australian Cyber Security Centre or call their hotline on 1300 292 371. A list of resources, including recovery and counselling services, can be found on the Scamwatch website.

How can I protect myself online?

When it comes to your online safety, remember the following:

  • Never share your PIN, security codes or passwords with anyone, and never write your password down and leave it by your computer or on the fridge where someone else could find them.
  • Never click on any links in emails or text messages that are sent to you out-of-the-blue. Known as phishing, clicking on these fake links gives scammers access to your device, which allows them to steal personal information such as passwords, bank details and credit card numbers. These links often look legitimate but take you to a fake website.
  • Be aware that your friends or contacts could have their accounts hacked, which could be used to send you a malicious link. Before clicking on any link, always move your mouse across it to see the website it will take you to. If anything looks suspicious, don’t enter any personal information or make any payments without contacting the sender directly to confirm that the correspondence is legitimate.
  • Never reply to an email or SMS/text message that asks for your personal information.
  • Never give anyone access to your computer remotely, especially if they have contacted you out-of-the-blue.
  • Protect your devices with biometric features such as Two-Factor Authentication (thumbprint or facial recognition), and always make sure your anti-virus software is up to date.
  • Use a password generator to create unique, complex passwords for your devices and accounts. Change your passwords regularly and never use the same password on more than one website. Instead of saving your passwords on a browser, use a password manager to store them securely.
  • Avoid connecting your devices to a public Wi-Fi network. It’s much easier for scammers to steal your passwords and other sensitive information from an open network, so never login to websites that require your personal details or do any banking.
  • Never connect an unfamiliar USB drive to your computer or device.
  • Be wary of phone calls from numbers you don’t recognise.
  • Be wary of any business that uses uncommon payment methods, such as direct fund transfer, money order, pre-loaded card, wire transfer, gift cards, or cryptocurrency.
  • Be wary of new friends or romantic partners who develop strong feelings quickly, then ask for money or gifts.
  • Be wary of any offer that pressures you into making a decision quickly.
  • If you’ve received an offer that appears too good to be true, it probably is – this could include things like high-end fashion or popular electronic devices at bargain-basement prices, or a once-in-a-lifetime return on investment.
  • When logging in to the Real Insurance website, type instead of clicking on any links contained in emails, SMS or online. Please contact us directly if you’re unsure about any correspondence – if we send you an SMS or email it will clearly identify us and include our contact number.

What if my personal information has been impacted by a data breach?

While a data breach is not necessarily a scam, a data breach can do just as much damage and requires the same urgent attention and action, as it can often lead you to become a victim of a scam.

Data breaches occur when information being held by a bank, medical facility, educational institution, government department or commercial business has their online security breached, exposing confidential records and databases to the hacker who breached their defences.

If you are informed that your personal information could be compromised by a data breach, take the following 5 steps:

  1. First things first, you need to make sure there was actually a data breach. When hearing about a possible data breach, either directly or on the news, contact the affected party directly to make sure you haven’t been targeted by a scam. One handy way to learn if any of your phone numbers or email addresses have been involved in a data breach is to use a tool such as Have I Been Pwned?
  2. Scan If your information has been exposed, use up-to-date antivirus software to scan for malware on your computer and any device that you use to make sure they aren’t infected with a virus.
  3. Determine Once a breach has been confirmed, you need to work out what sensitive information has been exposed. Depending on the type of breach, this can be narrowed down by contacting the breached party for more information or reading any related news stories. If the breach occurred at your bank, you can assume that your financial information (account details, identity etc) is all at risk and you should take immediate action to secure it.
  4. Reset Perhaps one of the most important steps is to change the passwords for all your online accounts, even those that may not have been involved in the breach. If any account uses your email address, name or other sensitive information to identify you, you need to change the password.
  5. Observe After your passwords have been changed and you’ve performed a virus scan on all your devices, continue to monitor your accounts for any suspicious activity.

Hearing that your personal information has been involved in a data breach can be stressful, but you can minimise any damage by acting quickly and following the steps above.