NAB Bank issues urgent scam warning
Australians are becoming increasingly adept at spotting scams, but fraudsters are being tipped to change their tactics to deceive their targets by 2025.
National Australia Bank group researcher Chris Sheehan has outlined five new scams to look out for, based on emerging trends the bank has seen in its customer reports.
“Every Australian needs to know about these scams so they can recognize the warning signs and protect themselves and their loved ones,” the former Australian federal police officer said.
Emails and texts full of spelling and grammatical errors, along with obviously fake link addresses, used to be an easy way to identify scam messages.
An improvement in the quality of these posts, cleverly constructed links and even websites that replicate the genuine article now make them harder to spot.
Mr Sheehan said there is also a new wave of AI-powered scams targeting Australians, scams encouraging cryptocurrency investment, and what he calls ‘bucket list’ scams offering unique experiences.
‘Criminals create urgency to act quickly. It could be the fear of missing out that the concert tickets will sell out quickly, that you will miss the next big crypto investment opportunity or that there is a problem with your bank account and you need to move your money elsewhere,” said Mr Sheehan .
‘Once the money has been transferred, it is often very difficult to get the money back, despite our best efforts. Criminals quickly send it to offshore accounts or to cryptocurrency platforms, knowing it will be harder to track down. That’s why it’s important to catch him quickly.”
Chris Sheehan is a group investigation officer for National Australia Bank and previously worked for the Australian Federal Police
NAB has analyzed customer reports of scams and outlined five things to look out for in 2025
AI-based scams
A common use of artificial intelligence by fraudsters is scams that involve impersonating Australian politicians or famous personalities and promoting an opportunity or product on social media.
This scam uses deepfake technology, a lifelike imitation of real people generated by a computer.
Fake voice messages can be created with just three seconds of real audio or with fake photos or videos created with just one image from a social media profile or a video on a website.
“While we have had no reports of our customers being affected by sextortion using AI-generated images, we are monitoring this issue overseas as sextortion can have devastating consequences,” Mr Sheehan said.
How to protect yourself:
- Treat investment opportunities backed by leading figures with skepticism and do your own research.
- Access investment opportunities through data you source and verify, rather than clicking on social media ads or sponsored search results.
- If you are unsure of the legitimacy of a payment request, call the person back immediately – even if you know him/her – using the information you have found yourself.
- Set your social media profile to private and view friend requests and connections.
- Stop all contact if someone threatens to release images if you don’t pay. If you have sent a payment, report the matter to the e-Safety Commissioner and your bank.
Cryptocurrency investment scams
Scammers can create urgency around cryptocurrency by saying that the price was about to rise and they need to act now.
They socially manipulate people into ‘investing’ through fake crypto trading apps and fraudulent websites, but there is no legitimate wallet.
Crypto scams offering investment opportunities before they skyrocket target Australians (stock image)
Small wins or the ability to withdraw a small amount of money are used by criminals as a way to build trust.
But when you try to withdraw your money, you face fees, tax issues, or get locked out of the account.
How to protect yourself:
- Confirm that the person you are speaking to has an Australian Financial Services (AFS) license and contact them with the details you have independently found.
- Find the registration number of the cryptocurrency exchange on the website. Digital currency exchanges in Australia must be registered with AUSTRAC.
- Look for reviews of the investment offer and the company, including search for the offer and the word ‘scam’.
- Search ASIC’s investor alert list, which includes suspicious companies, companies and websites.
Bucket list scams
International music acts playing in Australia and new visa requirements for Europe, such as the electronic travel authorization required for Britain from January 8, could create opportunities for buying and selling scams around bucket list moments.
A large number of all buying and selling frauds reported by customers are linked to social media or digital platforms, reinforcing the need for a coordinated national approach to stop scams.
The customer may pay for an item that does not exist or, if something arrives, it is random or counterfeit. Other variations include paying a high price for a legitimate product or service.
“We expect there will be ticket fraud during the tour with Oasis and Metallica, similar to that of Taylor Swift and Coldplay in 2024,” Sheehan said.
How to protect yourself:
- Look for sold out tickets through official resellers, rather than on social media.
- If possible, pick up the phone and talk to the seller or organization directly before sending money.
- View the seller or organization’s social media profile in detail to see when it was created, how active they are, and if they have any reviews.
- Perform a reverse image search. If you see the same image of tickets, visa authorizations or proof of purchase on other websites, it is probably a scam.
- Consider how you pay. Private sales offer limited or no protection if the items are not genuine.
Remote access scams targeting businesses
These continue to be among the top frauds reported by NAB customers.
A phone call impersonating a well-known bank, telecom company, technology company or government department is the stepping stone and often they are deliberately targeted at older Australians.
An emerging trend is for criminals to call business customers pretending to be NAB and tell a story about there being a new chatbot or version of NAB Connect, or a problem they can help you solve.
They then direct people to download an app or software, which gives them remote access to a computer so they can access online banking or other personal information.
Scammers target companies by pretending to be telecom companies, banks or the government (stock image)
“We expect criminals will continue to target Australian consumers and businesses with remote access scams in 2025. Losses often run into the tens of thousands of dollars, compared to other scams where the criminals can make $500 or $1,000,” he said.
How to protect yourself
- Never give an unexpected person remote access to your computer or online bank accounts.
- Never share SMS codes sent by your bank.
- If you’re not sure if the contact is legitimate, hang up or delete the text message or email. Contact the organization using the information you found yourself.
- Update computer software and apps regularly.
Advanced phishing fraud
Phishing fraud involves sending large amounts of false messages, with the scammers counting on a few ‘bites’.
The content of messages and their appearance make it more difficult to distinguish them from real messages.
They remain one of the most popular scams among criminals.
‘An emerging trend is text messages urging people to use loyalty points from their supermarket or similar stores before they expire.
How to protect yourself:
- Be very suspicious of unsolicited contact. If in doubt, delete it or hang up.
- Please know that NAB will never ask you to provide your personal or banking details via a link.
- Please know that NAB will never send you an unexpected text message with a link in it.
- Keep your phone and computer up to date with the latest version of apps and trusted antivirus software.