As the cleanup begins following the devastation of Cyclone Alfred across South East Queensland and Northern New South Wales, cyber security experts are urgently warning the public to remain vigilant against a surge of online scams preying on victims in the aftermath of the disaster.
AUCyber CEO Chris Wright said it was a sad reality that whenever there was hardship, scammers usually weren’t too far behind.
“We don’t want to see any more pain for people who have already suffered enough,” said Mr Wright. “Scammers are the lowest of the low and will take any opportunity to prey on people when they are at their most vulnerable—with their guard down, easy to scam.”
Listen to an extract of Rafe Berding, AUCyber’s Chief Corporate Affairs Officer on the 4BC Afternoons podcast.
Top Scams to Watch Out for as the Cleanup Begins
AUCyber’s Top 8 Tips to Protect Yourself During the Cleanup
Unannounced Contractors and Repair Scams
Fraudsters may show up at cyclone-affected properties, posing as contractors or insurance representatives. These scammers may offer to carry out quick repairs for an upfront payment but will disappear with the money and never complete the work.
Phishing Emails
Cybercriminals may impersonate insurers, sending emails claiming to verify or update your personal information. These emails can trick victims into revealing sensitive data, such as bank account details, personal identification numbers, or MyGov credentials, which can be used for identity theft.
Fake Donation Campaigns
Fraudulent pages claiming to raise money for cyclone victims often emerge across social media platforms, where donors are unknowingly funding criminal enterprises rather than legitimate relief efforts.
Impersonation of Government and Relief Agencies
Scammers may pose as representatives from organisations like the Australian Red Cross, Centrelink, or the Government, offering emergency assistance or housing and asking for sensitive information like Medicare numbers or bank account details.
Don’t Be Pressured into Quick Contracts
Avoid signing contracts under pressure, especially in the aftermath of a disaster. Take the time to read and understand any agreement.
Check the Sender’s Email Address
Ensure any email communication claiming to be from your insurer is legitimate by verifying the sender’s email address.
If in Doubt, Contact Your Insurer Directly
If you are uncertain about an offer or email, contact your insurer directly using known contact details to confirm its legitimacy.
Report Suspicious Activity
If you suspect a scam, report it to ScamWatch (Australia). Awareness is key to preventing further exploitation.
“The recent 2025 LA wildfires showed us just how quickly cybercriminals can exploit a disaster. Fraudulent charity campaigns, phishing schemes, and fake contractors were launched in the chaos, preying on the vulnerability of both victims and donors,” Mr Wright said.
