How to spot an email scam

Learn how email scams work, common warning signs to look for and simple steps you can take to protect your personal information.

3 minute read

Why email scams are easy to fall for

Email scams are a common way scammers try to steal personal information, money or access to your accounts. They often look genuine and appear to come from trusted brands.

Be cautious if an email:

  • creates a sense of urgency
  • contains spelling or grammar errors
  • asks for your personal or financial information
  • includes unexpected links or attachments.

Knowing the signs can help you spot a scam early and take action.

Report a scam email

How email scams work

Most scam emails are designed to create urgency and false trust, pushing you to act before you’ve had time to think. They usually fall into two main categories:

 

Phishing emails

Phishing is a type of scam where criminals pose as legitimate organisations to trick you into giving up sensitive information such as your password, credit card details or account information.

Phishing emails may:

  • ask you to reply directly with personal details
  • encourage you to click a link to verify or secure your account
  • take you to a fake website that looks similar to a real one.

Once scammers have this information, they can use it to access your accounts or commit fraud.

 

Malware emails

Malware is malicious software designed to damage your device, spy on your activity or steal personal information. Malware emails try to trick you into installing this software without realising it.

These emails may:

  • include attachments that appear to be a bill or invoice
  • contain links that download files when clicked
  • look like legitimate messages from trusted brands, including Telstra.

Opening these attachments or links can install viruses or other unwanted programs that put your personal information and device at risk.

 

What to do if you receive a suspicious email

If you think an email might be a scam, acting carefully can help protect your personal information and your devices.

Don’t take any action

Avoid clicking links, opening attachments or replying to the message. If you do accidentally open a link, don’t enter any personal or account details on the website.

Delete the email

If the email is unsolicited or doesn’t look right, delete it straight from your inbox and recycle bin.

Check your device

If you’ve already clicked a link or opened an attachment:

  • Make sure your device’s operating system and antivirus software are up to date.
  • Consider running a full antivirus scan as soon as possible.

Report the scam

Reporting suspicious emails helps protect others and allows action to be taken.

Report a scam email to us so our Cyber Security team can investigate and take action faster.

 

Stay safe from email scams

Email scams can happen to anyone, but knowing the signs makes them easier to spot. By staying alert and reporting suspicious emails, you can help protect yourself and others.

Stay protected from cyber threats

Join millions of Australians who trust Telstra to help keep them safe online. From scam alerts to mobile protection, we’re committed to helping you stay secure every time you connect.

Explore our Cyber Security Hub

Explore more on these topics

How to recognise, avoid and report scams

Learn how to spot, avoid and report scams with practical tips and advice to help protect yourself and your loved ones online.

Explore scam safety tips

We also recommend

  • If you're worried you've been scammed

    If something feels unusual and you think you may have been scammed, pause and take a breath. Acting promptly can help limit the impact on your accounts, money and personal information.

    Article 3 minute read

  • Hello passkey, goodbye passwords

    Tired of remembering passwords? Passkeys offer a simpler, more secure way to sign in using your device’s built‑in security. Here’s how passkeys work, why they matter and how to start using them safely.