
🚩 Spotting Red Flags

Social engineers don’t need to outsmart your computer — they just need to outsmart you.
The good news? They’re not that creative. Most scams follow the same patterns, just dressed up with shinier logos and better grammar.


🎭 The psychology of a con

Every scam, big or small, plays on one or more of these feelings:

| Emotion | What they trigger | Example |
| --- | --- | --- |
| Urgency | Makes you rush instead of think | “Your account will be suspended in 3 hours!” |
| Fear | Stops you questioning | “The ATO has opened an investigation.” |
| Greed | Makes you ignore common sense | “You’ve won a $500 gift card!” |
| Curiosity | Gets you to click | “Someone searched for you on LinkedIn.” |
| Authority | Makes you obey | “This is your bank manager.” |

Quick reality check

Any message that demands immediate action or personal info should make your spidey senses tingle.
Slow down, breathe, and double-check through official channels.


💬 Common Red Flags

1. Weird email addresses or domains

Looks legit until you hover over the sender or link.

security@commonwealthbanc.com — note the missing “k”.

2. Odd tone or language

Too formal? Too casual? Scammers are great at templates, not context.

3. Unexpected attachments

If it ends in .exe, .zip, or .html and you weren’t expecting it — bin it.

4. Payment or gift card requests

Your boss doesn’t need iTunes cards. Ever.

5. Generic greetings

“Dear Customer” usually means they don’t know who you are.


🧠 Training your gut

Trust your instincts — but verify.
If something feels off, it probably is.

Real-world story

A local small biz owner almost transferred $12,000 after getting an email “from her accountant.”
The logo, signature, and tone were spot on. The only giveaway?
The email address ended in .org instead of .com.au.
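
For the technically inclined, the hover check from red flag 1 and the giveaway in this story can both be automated. The Python sketch below is an added example, not part of the original page: it compares a sender's domain against a short list of domains you actually deal with. The trusted list, the `example-accounting` domains, and the assumption that `commonwealthbank.com` is the genuine domain being imitated are all made up for illustration.

```python
from email.utils import parseaddr

# Assumed allow-list of domains you really deal with (constructed for this example).
TRUSTED = {"commonwealthbank.com", "example-accounting.com.au"}
# Two-part endings this sketch understands; a real tool would use the Public Suffix List.
MULTI_SUFFIXES = ("com.au", "net.au", "org.au", "co.uk")

def split_domain(domain):
    """Return (name, ending), e.g. 'example.com.au' -> ('example', 'com.au')."""
    domain = domain.lower().rstrip(".")
    for suffix in MULTI_SUFFIXES:
        if domain.endswith("." + suffix):
            return domain[: -len(suffix) - 1], suffix
    name, _, suffix = domain.rpartition(".")
    return name, suffix

def edit_distance(a, b):
    """Levenshtein distance: number of single-character edits between a and b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(from_header):
    """Classify a From: header as 'trusted', 'lookalike: ...' or 'unknown'."""
    _, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    if not domain:
        return "unknown"
    if domain in TRUSTED:
        return "trusted"
    name, suffix = split_domain(domain)
    for good in sorted(TRUSTED):
        good_name, good_suffix = split_domain(good)
        # Same name, different ending: the .org vs .com.au trick.
        if name == good_name and suffix != good_suffix:
            return f"lookalike: {good} with a different ending"
        # One or two characters off: the missing "k" trick.
        if 0 < edit_distance(name, good_name) <= 2:
            return f"lookalike: near-miss of {good}"
    return "unknown"
```

An "unknown" result only means the domain resembles nothing on your list, so the other red flags still apply.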


🎥 Watch & Learn

(Linked video: How to recognise social engineering in action.)


🪤 Takeaway

If you remember one thing, make it this:

Pressure = pause.

Whenever someone pressures you to act fast online — that’s your cue to slow down.

