The Cyber Sushi

(serving up the cold facts, with some phish bytes)

Welcome back! Here's what we are covering in this issue:

• Recovery Scams: A Growing Threat for Scam Victims
• Keeping Your Mob Safe Online: Our New Safety Takeaways Booklet
• Behind the mask: The Guide to New and Trending Scams

Recovery Scams: A Growing Threat for Scam Victims

A worrying trend is emerging across Australia: people who have already lost money to scams are being targeted again by criminals pretending they can help recover the stolen funds. These ‘recovery scams’ have sharply increased in the past two years and are expected to continue rising.

How Recovery Scams Work
Scammers often contact victims by phone, email, social media, or messaging apps. They usually pose as government officials, fraud investigators, cyber‑security experts, or international agencies. Because they already have details from the original scam, they can seem highly convincing.

Victims are told their stolen money has been found and can be returned, but only after paying fees or setting up new accounts. Many people are coached into creating cryptocurrency wallets or transferring additional funds under the promise of unlocking the recovered money.

Some scammers spend weeks building trust. Others use social‑media ads to lure victims into handing over their details.

Who Gets Targeted
Most of those caught in recovery scams were previously involved in investment scams, especially cryptocurrency schemes. Others came through relationship, job, or online‑shopping scams.

What Victims Lose
Losses in recovery scams range from small amounts to large sums. But money isn’t the only risk. Many victims provide personal documents such as driver licences, passports or Medicare cards, after being told this is needed to ‘verify’ a recovery claim.

Some are pressured into opening new crypto or bank accounts or giving remote access to their devices, leaving them further exposed.

When Banks Can Recover Funds
Money can sometimes be recovered if a bank is notified quickly enough to stop a transfer. Reversing card payments is much harder. Once funds are withdrawn or moved overseas, recovery becomes unlikely.​​​​​​​

Recovery Agents: Mixed Results
Some people turn to private recovery companies. While a few operate legitimately, others charge large upfront fees and deliver little value. Australian based firms generally have stronger reputations than some overseas operators, but no service can guarantee success.

New Consumer Protections
From March 2026, the Australian Financial Complaints Authority (AFCA) will have expanded powers to review not just the victim’s bank, but also the receiving bank where the scammer’s funds were sent. This is an important step toward strengthening accountability across the financial system.

Protect Yourself
Be sceptical of anyone who contacts you unexpectedly offering to recover lost money.

• No genuine agency charges upfront fees to return stolen funds.
• Never pay recovery fees with gift cards or cryptocurrency.
• Contact your bank immediately after a scam.
• Seek support from trusted organisations like IDCARE.

Keeping Your Mob Safe Online: Our New Safety Takeaways Booklet

We’re delighted to announce the release of our ‘Keeping Your Mob Safe Online’ Safety Takeaways booklet!  You can download it here.

At IDCARE, we’ve been very fortunate to spend time with Aboriginal and Torres Strait Islander communities across Australia, listening and learning about how scams and cybercrime affect everyday lives. These experiences have deeply shaped the way we approach our work. Our goal is always to ensure the support we provide is culturally appropriate, practical, and easy for everyone to understand and use.

This booklet reflects that commitment. We worked closely with a local Aboriginal marketing professional to make the content ‘mob friendly’, and commissioned a local Aboriginal artist and photographer to bring it to life. It’s part of our ongoing effort to provide guidance and support that truly meets the needs of communities.

Behind the mask: The Guide to New and Trending Scams

The Fake HotDoc Refund Scam
There’s a new scam making the rounds, and it’s targeting Australians through a service many of us trust: HotDoc, the online medical appointment platform. Scammers are pretending to offer refunds or rebates, deceiving people into handing over personal and banking information.

How It Works:
Victims receive a text or email that looks like it’s from HotDoc, often claiming they’re owed a refund or that urgent action is required on a Medicare rebate. The message includes a link to a fake website designed to look legitimate, where people are asked to enter personal details or banking information. Scammers create a sense of urgency, claiming the refund will expire or action is required immediately to pressure people into acting quickly.

Our Tips:
Check the sender and links carefully. Genuine HotDoc communications come from official addresses such as hotdoc.com.au. Never click on unexpected links, instead, type the HotDoc website into your browser directly. Look for personal details in messages, generic greetings can be a red flag. If you’re unsure, contact HotDoc or your clinic directly.

The Fake Bunnings Tool Pack Scam
Since the beginning of January, IDCARE has supported multiple clients impacted by scams impersonating Bunnings. Scammers are using fake Facebook surveys to deceive people into giving away personal and banking information.

How It Works:
Victims see Facebook posts claiming they can purchase heavily discounted tool packs for a small delivery fee after completing a short questionnaire. Clicking the link takes them to a fraudulent Bunnings branded website, where they’re asked to provide personal information including their full name, address, phone number, email address, and bank card details.

Our Tips:

• Be cautious of ‘too-good-to-be-true’ deals on social media.
• Never click links in unexpected posts or messages—go directly to the official website.
• If you notice unusual activity or think your banking details may have been shared, contact your bank immediately and monitor your accounts closely.