Find out how to spot a hoax email and what to do if you suspect you've received one.

Main content

‘Phishing’ is a form of Internet fraud that aims to steal information (including personal information) such as user IDs and passwords. A fake web site is created to look similar to that of a legitimate one and an email or SMS is sent requesting that the recipient access the fake web site and enter their personal details, username and password. The page looks genuine but information entered is sent to the fraudster.

Phishing affects all companies and most phishing scams end up on spam filters etc and do not get accessed. The following information is to assist you if you suspect that you may have received a hoax email.

Some hoax emails can look very real but most are easy to identify because they often contain grammatical and spelling errors.

Some ways to spot a hoax email

  • Does it instruct the user to click on a link to a login page, open an attachment or call a number? Does it ask for login details?
  • Does the email have poor grammar and punctuation? Check the sender’s email address; does the email appear to come from a legitimate source?
  • Check the URL in address field. If in doubt you should go to and login to My Account from there.

What should you do if you suspect that you have received a hoax email?

  • Do not click on any links or open any attachments within the content of the email.
  • Do not respond directly or provide information (including personal information) without verifying the legitimacy of the request either by checking the information on our website or by calling Austrade on 13 28 78.
  • If you are using a computer in an office/corporate environment it is good practice to inform your systems administrator or IT department of any suspicious emails.

Further information