This week we’re looking at how you and your business can stay smart, safe and secure from scams.

Mythbusting scams and Nigerian Princes

Aussies consider themselves tech-savvy, yet we lost $851 million to scams last year. Here's how you can stop it.

Ben Daley



4 minute read

It starts with a Nigerian Prince. He has 300 gold bricks, and he needs YOUR help investing them into an off-brand and poorly misspelt bank account.

For many of us who spend our working (and waking) life online, it’s a well-known scam that has even reached meme status. But there are two things you may be surprised to learn about it.

One. It still rakes in $700,000 a year.

Two. It started as snail mail.
In short
  • In 2020, Aussies lost over $851 million to scams.
  • It’s not just your nan getting scammed – businesses are also a common target.
  • Asking questions and sharing experiences is the key to protecting you and your business.
Getting closer to the problem

There is a much bigger picture to scams than we often think about, and the Nigerian Prince con highlights this perfectly. Scams, even comparatively unsophisticated ones, can still rake in huge figures a year. And what’s worse, they’re constantly evolving with the times – making use of new platforms and technologies to trick people into sharing personal details, sending money, or giving them access to secure systems.

Scams are, ultimately, an effort to use social engineering with criminal intent. And they do it very successfully. Last year Australians reported losing a record-breaking $851 million.1 And that’s just what was reported.

Scam activity hit an all-time high during Covid, as people converted enmasse from offices to their homes – leaving the protective bubble of workplace networks and accessible IT support.

But while scam awareness is often focused on educating unsuspecting online shoppers or older digital immigrants, the threats to business are just as real2 – and even more sophisticated.3 The biggest threats being: 


  • False billing scams
    Scammers impersonate businesses to provide false invoices or change payment details to redirect authentic payments.
  • Phishing scams
    Scammers attempt to get data or personal details to access systems or accounts. They then can either hold to ransom or use to syphon of data or funds.
  • Malware and ransomware
    Perhaps most notoriously remembered as the 2017 WannaCry attack4 that threatened to cripple governments and corporations around the globe.

Identifying and avoiding scams

While we can’t outline every scam, nor the steps appropriate for dealing with different hustles and Princes, there are steps you and your employees can take to help identify and avoid scams – at both work and home:


  1. Remember that scams exist and that everyone is a potential target. Nobody is immune, and being scam-aware is sometimes more than half the battle won.
  2. Slow down and think it through, especially when working remotely. IT might occasionally grumble about things moving slowly, but nothing slows them down more than a preventable security breach.
  3. Only share information with people you know. And more importantly, only share with people you know should have that information.
  4. Speak up if you think something’s off. Shame plays a significant role in many scams going unreported or unrecognised. Ask questions, share experiences, and help protect each other.

also has a long list of scams and ways to protect yourself. Or, for a more interesting take on being safe online, you can check out these Scam Awareness animations we produced for our friends at Westpac.

“Shame plays a significant role in many scams going unreported or unrecognised.”
on catphishing
Add ‘romance baiting’ to your vocab list as scammers are now targeting young Aussie hearts. Last year, tech-fluent millennials lost $7.3 million from romance baiting. The technique involves hot bots and catfish hitting up dating sites to lure the lonely into phony cryptocurrency investments. And when the funds dry out? Poof.
Under block and key 
Despite the scariness of scams, in some instances the digitisation of real-world processes is making them ‘safer’ – or at the very least – more transparent. Take TechCrunch Founder Michael Arrington’s recent sale of his Kiev apartment as a real estate-backed NFT.

While these transactions aren’t exempt from cyber-attacks, the use of immutable blockchain can create an iron-clad trail of ownership that is unable to have its details altered by any new owner, at any time.
  1. ACCC, Scammers capitalise on pandemic as Australians lose record $851 million to scams, (June 2021) ACCC
  2. ACCC, Payment redirection scams cost Australian businesses $128 million in 2020, (June 2021) ACCC
  3. Juliana De Groot, Phishing Attack Prevention: How to Identify & Avoid Phishing Scams in 2021, (September 2021) Data Insider
  4. Wikipedia, WannaCry ransomware attack, (November 2021) Wikipedia
  5. ACCC, Protect yourself from scams, ACCC
  6. CX Lavender, stay smart, safe, and secure, (2021) Westpac

Written by Ben Daley, Edited by Alice Heraud, 52 Words by Alice Heraud, Freeform by Natasha Velkova & Kate Pendergast, Key Visual by Charlie Rosanove.
CX Lavender acknowledges the Traditional Custodians of Country throughout Australia and their connections to land, sea and community. We pay our respect to their Elders past and present and extend that respect to all Aboriginal and Torres Strait Islander peoples today.