I shared this story with several of our customers. When I first moved to Brisbane, I took the toll tunnel for the first time. I knew I would have to pay the toll eventually, and, lo and behold, a few days later, I received a text saying my toll payment is overdue.
I didn’t want to get in trouble, so I clicked on the link and entered my credit card details. It didn’t work, and the website said there was something wrong with my credit card. Not a problem, I thought, I would try another. Same thing!
Only then I noticed that the toll payment website URL didn’t quite look right. Instead of www.linkt.com.au, it read something like linkt-payment.com.au, with the design matching the original website.
I called both of my banks immediately and told them my cards were compromised. It felt really stupid! How could I, working in IT, and having helped so many people, have fallen for it? But it happened, and all I could do was replace my cards and change all the subscriptions and bill payments to new cards. It probably took over two or three hours to sort it out.
Was it a coincidence or did the scammers somehow know that I took the toll road? I don’t know. I had never received those texts before taking the tunnel. I still receive them every once in a while at night and I just delete them straight away. I suspect there is a data leak somewhere, or, perhaps, a rogue employee is collaborating with the scammers.
The timing made the scam quite convincing. I didn’t lose any money as a result, but others certainly will have. They’ll also have fallen for other scams which seemed more plausible because of the timing. We often think that only stupid people fall for scams, but that’s not the case at all.
So, how can you avoid being scammed? Unfortunately, you can’t. But what you can do is to make it less likely that you’ll be scammed. Be sceptical of any message, email or phone call that you receive, even if the timing makes you think it’s probably the real deal.
Look at the obvious signs of a scam, such as promising results that are too good to be true, prominent “call to action” links and buttons, and bad grammar. No, there are no “single women in your area dying to meet you tonight”. No, you won’t lose weight by following “a weird trick that doctors don’t want you to know”. And no, you haven’t placed any orders for an iPhone 15 Pro Max or “Norton security subscription”.
When it comes to money-related matters, it’s always better to take a few minutes to check whether a message is legitimate. Look up the organization’s phone number and call or visit its website and use the chat option.
Some security solutions include features that can block scam and malicious websites. But these tools simply help you reduce your risk. They’re not doing to block every bad link, and so you should still make checks. The antivirus we recommend, Emsisoft Anti-Malware, has this feature and allows to block the following categories. We can enable or disable it for you.
Bottom line: we’re all vulnerable and we can all be tricked. The good news, however, is that we can also make it significantly less likely that we will be tricked.