Article

Can you pick a scam?

Get a step ahead of fraudsters. Test yourself to see if you can pick a scam.

Can you pick a scam? SMS examples

Fraudsters are always thinking up new (and creative!) ways to trick you into clicking on phishing links and obtaining your personal information. From calls saying your accounts are disabled to messages that you that you have a missed delivery on a parcel you didn't order, the stories scammers try to tell are never-ending. It's no cause for alarm, but it is a case to be prepared!

The best way to prepare yourself for identifying a scam email or SMS is to be aware of some of the common red flags of a scamTo help you, we've created some pretend scams and compared them to legitimate Heritage Bank email and SMS. Can you pick which ones are a scam? 

Can you pick an email scam? Choose 1 or 2.

Scam email - Can you pick a scam? Scam email - Can you pick a scam?

ANSWER: Which email is a scam and why...

If you chose 2 then you're correct! Here are the red flags in this email: 

The 'From' email address

The email may look like it's coming from Heritage Bank but has an odd 'from' email address: alert.heritage@server231.com.au. Legitimate communications from Heritage Bank are sent from emails ending in @heritage.com.au such as 'info@heritage.com.au'. We may also occasionally request third parties to complete customer surveys on our behalf, but this will always be made clear in the email.

The email was sent to multiple people

This is shown in the spam email by the To: ...... more text. Fraudsters may send out bulk fraud emails at once and sometimes this will show in the email you receive.

There is a threat to act quickly

Scams may include a push to act quickly, including a threat that your account may be locked or frozen if you don't take action. Heritage will never send you an email requesting the disclosure of any personal security details such as your PIN, online banking passwords or credit card details. 

The button may be hiding a suspicious link

Buttons or in-text links can help fraudsters to hide suspicious links. If you click on a link in a scam email, you could get sent to a phishing web page set up to mimic the organisation emailing you. It could even download a virus onto your computer. 

While Heritage may send information, or confirm receipt of items, by email, we will NEVER send an email that requests you to share personal security details such as your PIN, CCV number, internet banking passwords or credit card details.

If you see a button or in-text link in an email, always hover over it first to see where the link is going before clicking. Remember if you're ever unsure, don't click the link!

There are grammar issues

While organisations may make spelling mistakes from time to time, grammar issues can be a clear red flag that the sender is pretending to be someone they aren't. In this example a lot of commas were used instead of full stops. 


Note: We included our old logo in this pretend scam, but this may not necessarily be a red flag! You may still notice our old logo on communications and brochures from time to time as we're in a transition phase to our new design. 

Can you pick an SMS scam? Choose 1 or 2.

Scam SMS - Can you pick a scam? Scam SMS - Can you pick a scam?

ANSWER: Which SMS is a scam and why...

If you chose 1 then you're correct! Here are the red flags in this SMS: 

It's not specific to your account

The message may look like it's coming from Heritage Bank but the information in it is generic and may not relate specifically to your account. Especially if you don't have a credit card!

There is a threat to act quickly

This scam includes a push to act quickly, including a threat that your account may be blocked if you don't take action.

There is a request to confirm identifying information 

The sender wants you to click on a link to go to a web page to confirm your information. Remember, at times Heritage may prompt you to update your contact details online or activate a new card, but we will never send you a message requesting the disclosure of any personal security details such as your PIN, online banking passwords or credit card details.  

The examples included in this article have been created to help you understand some common red flags in scam emails and SMS. They may not include every red flag and scammers may change their tactics over time.

If you're ever unsure about whether an SMS, email or phone call is legitimate, check directly with the organisation using contact details that you find yourself online or by talking to their local office.

View our latest security alerts page and visit our security and scam help and guidance hub for more helpful tips and tricks.

Related tips 

Scam alerts & fraud protection
Fight scammers with our help. Learn how we protect you from fraud and become savvy at identifying scams with our help guides and security tips.
Learn more
How to avoid investment scams
Investment scams cost Australians hundreds of millions of dollars each year and research from the Customer Owned Banking Association reveals that both novice and experienced investors may fall vulnerable. So, how do you avoid investment scams in Australia?
Learn more
Improve online payment security with PayID
Did you know that you can use PayID to reduce your chances of falling victim to a scam? Here's why.
Learn more

Related products

Was this helpful?