What to Do If You've Been Scammed in Australia
If you're reading this because you've just realised something has gone wrong — a transfer that shouldn't have happened, card details entered on a fake page, identity documents shared with someone who turned out not to be who they claimed — take a breath. The first ninety minutes matter more than the next ninety days. Most of what's recoverable is recoverable in that window. After that, the curve gets steeper.
This is the order. Not a checklist of every thing you can do — a checklist of what to do first, in the sequence that protects the most.
Stop the bleed
Before anything else, stop active loss.
If a scammer is on the phone right now, hang up. If you've installed remote-access software at someone's request, disconnect from the internet — pull the wifi, turn off mobile data, unplug the ethernet cable. If you're in the middle of a back-and-forth chat or email, stop responding. Don't argue, don't explain, don't try to "string them along". Every additional message is an opportunity for them to extract one more piece.
Scammers escalate when they sense you pulling away. "If you stop now, we'll have to involve the police." "This call is being recorded for legal purposes." "You'll be locked out of your accounts." These are manipulation scripts, not real consequences. The escalation tells you the contact is fake — not that you've made a mistake by stopping.
Block the number, block the email address, leave the chat. The scam ends when you stop participating.
Call your bank — within minutes, not hours
If money has moved, time is the single biggest variable. Card-testing happens in minutes. Wire transfers can sometimes be recalled if the receiving bank hasn't released the funds. The phone call you make in the first hour is dramatically more useful than the same call made tomorrow.
Call the fraud line directly. Use the number on the back of your card or the bank's official app — not anything from the scammer's message.
- CommBank: 13 2221
- Westpac: 132 032
- NAB: 13 22 65
- ANZ: 13 33 50
- Macquarie: 1800 622 742
Tell them: "I've been scammed. Please block my card and freeze [account]. Treat any pending transactions as unauthorised." Ask them to flag the case under the ePayments Code — the language matters for what they'll do next.
If you transferred money to the scammer's account, ask the bank to attempt a recall through the New Payments Platform. It doesn't always work, but it's free and fast when it does.
Lock down your identity
If you shared personal documents — Medicare card, driver's licence, passport, TFN, bank statements — assume those details are now in criminal hands and act accordingly.
Stolen identity documents are routinely used to open accounts in your name at banks and telcos that don't yet know you're compromised. The damage isn't always in the account you can see — it's in the account someone else opens months later. The only reliable defence is a credit ban applied now, before the documents move through criminal markets.
The order:
1. Call IDCARE on 1800 595 160. Free, government-funded, Australia's specialist identity-recovery service. They project-manage the rest — banks, telcos, Services Australia, registries — and the call counts as the start of your formal record.
2. Place free 21-day credit bans with the bureaus. Equifax: equifax.com.au/ban. Experian: experian.com.au/consumer/request-a-ban (covers illion as well). Five minutes each, costs nothing, stops anyone opening accounts in your name. Extendable in 12-month blocks with a ReportCyber reference number.
3. If myGov, Centrelink, or Medicare details were shared, call Services Australia. Centrelink: 136 150. Medicare: 132 011. Change your myGov password and turn on multi-factor authentication.
4. Change passwords on every account that uses the compromised email. Especially email itself — if a criminal owns your inbox, they own every password-reset flow downstream.
Report it — the references matter later
Reporting feels like paperwork in the moment. It isn't. The reference numbers you collect now are what banks, insurers, and regulators ask for in the weeks that follow.
Scamwatch. scamwatch.gov.au or 1300 795 995 (ACCC). The National Anti-Scam Centre's intake — and the reference number is what your bank's refund decision links to under the ePayments Code.
ReportCyber. cyber.gov.au or 1300 292 371. The Australian Cyber Security Centre's intake. Required if you want to extend the credit ban beyond 21 days.
Your state police. If significant money has been lost, lodge a formal report. Police won't typically investigate individual cases at the consumer level, but the reference is what insurers and tribunals (NCAT, VCAT, AFCA) need.
The platform. If the scam started on Facebook, Instagram, Marketplace, Gumtree, or LinkedIn, report the scammer's profile to the platform. They sometimes act, often slowly, but the report contributes to pattern detection.
Specific schemes. Investment or crypto scam → ASIC at 1300 300 630. Tax-related → ATO at 13 28 61 (verify) or ReportEmailFraud@ato.gov.au (forward).
Disinfect the device
If you installed software or clicked a link, the device may be compromised even if the immediate damage looks contained.
1. Disconnect from the internet.
2. Run a full antivirus scan. Windows Defender, Malwarebytes, Sophos Home — any reputable scanner. On Android, scan for banking trojans specifically; on iOS, the App Store sandbox makes infection unlikely but not impossible.
3. Remove any remote-access tools the scammer asked you to install — AnyDesk, TeamViewer, UltraViewer, LogMeIn, Splashtop. Uninstall, then check Activity Monitor (Mac) or Task Manager (Windows) to confirm nothing is still running.
4. Update everything. OS, browser, apps. Most malware exploits known vulnerabilities in old software.
5. Change passwords from a different, known-clean device. Phone, work laptop, library computer. Don't use the compromised device until you're confident it's clean.
The two weeks after
The damage you see isn't always the damage that happens.
Scammers sell their victim lists. Within days of being scammed once, you'll receive "recovery scams" — calls and emails offering to recover your lost money for an upfront fee. These are always the second scam. The real Scamwatch, IDCARE, and your bank don't charge to help you. Anyone who does is a criminal.
Watch your bank statements weekly for two billing cycles. Card details often get tested at small amounts before being used for larger purchases. Anything unfamiliar — dispute immediately under the ePayments Code.
Watch your post and your inbox for unexpected bills, account-opening notifications, or "welcome" emails from services you didn't sign up for. Each is a sign that stolen identity details are being used.
If the emotional fallout is heavy — and for many people it is — support is available. Lifeline 13 11 14. Beyond Blue 1300 22 4636. Financial Counselling Australia 1800 007 007. IDCARE's case managers also handle the psychological side, not just the paperwork.
The bottom line
Being scammed isn't a moral failing — the criminals running these operations are professionals using better data than your bank has. What matters now is the order: stop the bleed, call your bank, lock down your identity, report it, clean the device, monitor for the follow-up. Each step closes a door the scammer was counting on staying open.
If you're not sure what to do next, ring IDCARE on 1800 595 160. The call is free, the support is free, and they'll walk you through the rest.
If you've been scammed and money is at risk, call your bank's fraud line first. Then IDCARE on 1800 595 160 and Scamwatch on 1300 795 995. For emotional support, Lifeline is available 24/7 on 13 11 14 — being scammed takes a real toll and asking for help is the right call.
Ask Arthur is Australia's friendly scam-detection companion, built locally with Australian threat intelligence. For more guides and real-time alerts, visit askarthur.au.
Related posts
Think you've received a scam?
Check it instantly — free, private, no signup.
Check now