← Back to Learn

Email Scams

Scam emails can look like the real thing, but they often include links or attachments designed to steal your money, passwords, banking details, wallet access, or personal information.

Check an EntityReport a Scam

Scammers send urgent emails pretending to be from government agencies, law enforcement, banks, crypto exchanges, delivery companies, online services, or businesses you know.

They may use the same logo, similar language, and a similar email address as the real organisation. Scammers can also copy or spoof an email address to make the message look more legitimate.

Warning Signs

Warning signs it might be a scam

Stop and think. There is a good chance it is a scam if the email:

  • Contains a link or attachment asking you to log in with your username and password.
  • Asks you to provide personal, banking, identity, wallet, or security information.
  • Requests a payment but the bank account, wallet address, or payment details are new or have changed.
  • Claims to be from a well-known organisation or government agency but uses a free webmail address.
  • Uses urgent language to pressure you into acting quickly.

Common email scam tactics

Asking you to confirm banking details so they can send a refund.

Providing a phone number to call urgently.

Making a threat such as immediate arrest, deportation, account closure, or blackmail.

Threatening to stop a service or charge a fine if you do not act.

Claiming you are a victim of identity crime and offering compensation.

Offering help to recover money stolen by scammers.

Protect Yourself

Steps you can take to avoid email scams

These simple steps can help prevent scammers from stealing your money or personal information.

Check that the email is real

Contact the organisation or person using details you found yourself, such as from their official website, app, or phone book listing. Do not rely on contact details inside the email.

Access accounts directly

Go directly to the organisation’s secure, authenticated portal or app. Never access sensitive accounts through a link inside a suspicious email.

Protect your email account

Use unique passwords for different accounts and consider using a password manager so you do not need to remember every password yourself.

Use multi-factor authentication

Multi-factor authentication adds another layer of protection. It means a scammer needs more than just your email password to access your account.

Be scam aware

Cut contact with anyone who threatens or intimidates you. Never give personal details or payment to someone offering compensation, recovery help, winnings, prizes, or inheritance payments.

Think you've been scammed?

1

Act fast to stop any further losses

Contact your bank, card provider, exchange, or payment provider immediately. Ask them to stop any transactions where possible. Change passwords on your email, banking, crypto, and important online accounts.

2

Preserve evidence

Save the email, sender address, full message, links, attachments, screenshots, transaction IDs, wallet addresses, and any messages that followed.

3

Report the scam

Once you have secured your details, report the suspicious contact so it can be reviewed and added to fraud intelligence records where appropriate.

Report a ScamCheck an Entity