SMSF investors: How to avoid getting scammed

An increasingly prevalent type of scam, and one that SMSF trustees need to be mindful of, is business email compromise scams, also known as payment redirection scams.

These are scams where criminals hack a business’s email and may send invoices or payment requests that look identical to previously received documents, except for a change of bank details.

In 2024, Australians lost $153 million to these types of scams, making them the third-largest by loss that year.

Investment bonds

Impersonation scams are one of the latest threats specifically targeting investors. This is where criminals impersonate real businesses and offer fake investment bonds that they claim are protected by the government. 

They provide convincing documentation that may be copied from legitimate financial institutions, often use the name of a real person working at a bank and can also set up fake comparison websites to lure investors. Recently, ScamWatch was aware of a criminal impersonating Bunnings in one of these types of scams with a fake website.

To avoid these imposters, always be wary of surprise contacts offering ‘low-risk, high-return’ investments, whatever avenue they use – email, text, phone – and always independently verify who you are dealing with.

In Australia, a company or financial professional must hold an Australian Financial Services (AFS) licence or be an authorised representative to sell investments. You can check whether a person or company is licensed by the Australian Securities and Investment Commission (ASIC) or is an authorised representative on the ASIC Connect Professional register. You can also check ASIC’s financial advisers register.

Also, verify the company details offered via independent web searches and by calling the number provided on the public website rather than any number provided by a cold caller or in an email.

Fake IPOs

These are scams in which scammers impersonate companies raising capital via initial public offerings (IPOs). These crooks are also getting increasingly clever and know how to coordinate their campaigns with legitimate company listings.

You would probably be wary if you received an unsolicited phone call offering a ‘too-good-to-be-true’ chance to get in on an IPO, but you might not be so hesitant if you saw an advertisement for that IPO, which asked you to register your interest. If that first contact was followed up with a prospectus and a phone call, you would probably think it was legitimate, but this is one way people are being caught by scammers.

If you are truly interested in an IPO and believe it will be a good investment for your SMSF, end contact with the cold caller/emailer/texter immediately and contact your broker or financial adviser to ask them for the prospectus and application form.

Crypto scams

Cryptocurrency accounted for over 22% of losses by payment method, or $71 million in 2024, according to the Targeting Scams report. Like many of the latest scams, criminals in this space are getting increasingly sophisticated. They use cryptocurrency because it is not easily recovered and can be used in fast international transactions. Unfortunately, if you lose money in a cryptocurrency scam, your money will be hard, if not impossible, to recover.

Be sceptical about any investment offer, however it comes to you, that offers guaranteed high returns with low risk, especially if it involves cryptocurrency.

Don’t download a crypto trading app from any unverified link, don’t sell mystery tokens in your crypto wallet, and don’t invest in any initial coin offering from an unverified source.

In short, just be very cautious of anything involving crypto. While you are technically allowed to invest in crypto in your SMSF, the ATO strongly encourages SMSF trustees to seek independent advice around investing in crypto assets.

Protect yourself

Scamwatch offers these tips to identify potential scams and stay out of harm’s way:

• Never send money or give your personal information, credit card, online bank or cryptocurrency account details to anyone you don’t know, especially if you’ve only met them online, through email or over the phone.
• Never click on links in text messages or open attachments in emails if you were not expecting the text or email.
• Avoid any arrangement that asks for up-front payment via bank transfer, PayID or cryptocurrency, like Bitcoin. It is rare to recover money sent this way.
• Be cautious of anyone making contact via encrypted message platforms. These platforms are commonly used by scammers.
• Know who you are dealing with. Contact the business or organisation via phone numbers sourced from an independent internet search.
• Don’t be pressured to act quickly. A legitimate business or agency will not require you to act immediately.
• Remember to update passwords to your online accounts regularly and use strong passwords, passphrases or a password manager.

Source: Scamwatch

What to do if you are scammed

If you think you have been, or are being, scammed, act quickly. End the call and stop sending money. Contact your bank or card provider immediately to put a stop on your account or credit card.

Report the scam to Scamwatch and you can also report it to police.

Australia’s national identity and cyber support service IDCARE may be able to help you limit the damage, especially in the wake of recent data breaches. You can also make a complaint to the Australian Financial Complaints Authority (AFCA) if you don’t believe your bank or financial institution has taken appropriate action. 

And don’t forget to watch out for follow-up scams, because a scammer is more than likely to try again if they have already been successful. They may even offer to try and help you get your money back, only to take more money.

If you suspect you have been scammed, know you are not alone and that it can happen to anyone, regardless of their financial expertise and knowledge.