I
Back to articles

Foundations.

Common Scam Scripts: Recognising the Patterns Before You Fall for Them

I

Illuminvest

|10 min read

Scammers are not creative. They use the same scripts, recycled and refined, because the scripts work. The details change (names, platforms, current events) but the underlying structure remains constant.

This is good news for potential victims. Once you recognise the pattern, the disguise falls away. The urgent message from your "bank" stops being alarming. The too-good-to-be-true investment stops being tempting. The romantic interest who needs money stops being sympathetic.

This article catalogues the most common scam scripts targeting Australian investors. It explains how each works, what makes it effective, and what to do if you encounter one.

This is general educational information, not personal financial advice.

The Urgency Script#

How it works:

You receive a message (email, SMS, phone call) warning of an urgent problem. Your account has been compromised. A suspicious transaction has been detected. Your tax file number has been used fraudulently. You must act immediately or face consequences: frozen accounts, legal action, financial loss.

The message provides a link to click, a number to call, or instructions to follow. These lead to the scammer, who captures your credentials, installs malware, or convinces you to transfer funds.

Why it works:

Urgency bypasses critical thinking. When you believe you have seconds to act, you do not pause to verify. The emotional state of fear overrides the rational processes that would normally detect the deception.

The authority of the supposed sender (bank, government agency, tax office) adds credibility. Legitimate institutions do contact customers about problems, so the premise is not inherently implausible.

Red flags:

  • Unexpected contact about a problem you were not aware of
  • Immediate deadlines ("within the next hour" or "today")
  • Requests for credentials, PINs, or remote access
  • Pressure to stay on the line or not contact anyone else
  • Generic greetings ("Dear customer") rather than your name

What to do:

  • Stop. Do not click links, call provided numbers, or follow instructions.
  • Verify independently. Use contact details from the official website or your existing records to contact the institution directly.
  • Report. Forward suspicious emails to the institution being impersonated and to Scamwatch.¹

The Guaranteed Returns Script#

How it works:

An investment opportunity promises exceptional returns with no risk. The returns are guaranteed. The strategy is "proven." Past performance is presented as evidence of future results. You may see screenshots of account balances, testimonials from satisfied investors, or charts showing consistent growth.

The opportunity is often presented as exclusive or time-limited. Early investors are rewarded. Late investors miss out.

Initial investments may even produce returns, funded by new investor money. This builds trust and encourages larger investments. Eventually, withdrawals become difficult or impossible. The scheme collapses or the operator disappears.

Why it works:

The promise of high returns with low risk is emotionally appealing. It offers a solution to the fundamental trade-off that governs all legitimate investing. People want to believe such opportunities exist.

Social proof (other investors making money) and authority (professional-looking materials, credentials, endorsements) add credibility. Early "returns" create a track record that seems to validate the promise.

Red flags:

  • Returns that seem too good to be true (consistently 20%+ annually, guaranteed)
  • Claims of "no risk" or "guaranteed" outcomes
  • Pressure to invest quickly before the opportunity closes
  • Difficulty withdrawing funds or endless reasons for delays
  • Unverifiable track records or credentials
  • Unlicensed operators (check ASIC registers)²

What to do:

  • Verify the operator. Check ASIC registers to confirm licensing. Check for warnings or alerts.
  • Be sceptical of guarantees. No legitimate investment can guarantee returns.
  • Research independently. Search for the opportunity plus "scam" or "review." Look for complaints.
  • Report. Suspected investment scams should be reported to ASIC and Scamwatch.

The Secrecy Script#

How it works:

You are asked to keep the investment, transaction, or communication secret. Do not tell your family. Do not mention this to your bank. This is a private matter.

Secrecy serves two purposes: it prevents others from raising concerns that might break the spell, and it delays detection of the fraud.

This script often combines with others. The guaranteed returns opportunity must be kept quiet. The romantic interest's financial troubles should not be discussed with friends. The government agent warns that leaking information could compromise an investigation.

Why it works:

Secrecy creates a sense of specialness and trust. You are being let into an exclusive circle. The request implies that others would not understand or might interfere.

Secrecy also exploits embarrassment. Once someone has sent money based on a scam, admitting it to others feels shameful. The longer the secret is kept, the deeper the victim becomes invested.

Red flags:

  • Any request to keep financial dealings secret from family, advisers, or banks
  • Warnings that others "would not understand"
  • Suggestions that discussing the matter could jeopardise the opportunity or investigation
  • Isolation from normal support networks

What to do:

  • Treat secrecy requests as a major warning sign. Legitimate opportunities do not require you to hide them.
  • Discuss with a trusted person. A family member, friend, or adviser can provide perspective.
  • Contact your bank if asked to hide transactions. Banks have scam detection teams and can provide guidance.

The Impersonation Script#

How it works:

The scammer pretends to be someone you trust: your bank, a government agency (ATO, Centrelink, ASIC), your broker, or a well-known company. They use official-looking emails, spoofed phone numbers, and professional language.

The impersonation creates false authority. Instructions from your "bank" carry more weight than instructions from a stranger.

Common impersonation scenarios include:

  • "Your bank" calling about a security issue
  • "The ATO" demanding payment for a tax debt
  • "ASIC" warning that your investments are at risk
  • "Your broker" asking you to verify account details
  • "Technical support" from a major company claiming your computer is compromised

Why it works:

We are conditioned to trust institutions. An email that looks like it is from your bank triggers automatic credibility. Caller ID showing a familiar institution's name seems like verification (but caller ID can be spoofed).

The impersonator uses inside knowledge where possible (your name, partial account numbers, recent transactions) to seem legitimate. This information may come from data breaches or social engineering.

Red flags:

  • Unsolicited contact requesting personal information or action
  • Requests for passwords, PINs, or two-factor codes (legitimate institutions will never ask for these)
  • Pressure to act immediately
  • Requests to transfer money to "safe" accounts
  • Instructions to download software or grant remote access

What to do:

  • Hang up and call back. Use the official number from the institution's website or your records, not a number provided in the call.
  • Never provide passwords or 2FA codes. No legitimate institution will ask for these.
  • Verify independently. If you receive an email about your account, log in by typing the URL directly (not clicking links).
  • Report the impersonation to the real institution and Scamwatch.

The Romance Script#

How it works:

A scammer builds a romantic relationship with you over time, typically through dating apps, social media, or online communities. The relationship develops over weeks or months. They are attentive, caring, and seem genuinely interested.

Eventually, a crisis arises. They need money for a medical emergency, legal problem, business opportunity, or travel to finally meet you. The amounts start small and escalate.

There may be multiple crises. Each time you help, another problem emerges. The meeting is always delayed. Eventually, they disappear or continue extracting money indefinitely.

Why it works:

Romance scams exploit the human need for connection and the trust that develops in intimate relationships. After investing emotionally, victims want to help. Refusing feels like a betrayal of the relationship.

The scammer uses time strategically. By building the relationship slowly, they create genuine emotional attachment before making financial requests. The sunk cost of emotional investment makes it harder to walk away.

Red flags:

  • Online-only relationship with someone who cannot meet in person
  • Rapid declarations of love or commitment
  • Requests for money, especially via wire transfer, gift cards, or cryptocurrency
  • Stories that prevent meeting (military deployment, offshore work, travel restrictions)
  • Requests that escalate in frequency or amount
  • Reluctance to video chat or excuses for poor video quality

What to do:

  • Never send money to someone you have not met in person. This is the single most effective protection.
  • Verify their identity. Reverse image search their photos. Ask for video calls.
  • Discuss with trusted friends or family. Outside perspective can reveal patterns you cannot see from inside the relationship.
  • Report to Scamwatch and the platform where you met.

The Recovery Script#

How it works:

After falling victim to a scam, you are contacted by someone offering to help recover your money. They may claim to be law enforcement, a recovery service, or a lawyer specialising in fraud recovery.

To recover your funds, you must pay an upfront fee: processing costs, legal fees, taxes, or administrative charges. The fee is a fraction of what you lost, so it seems worthwhile.

The recovery never happens. The "recovery service" is the same scammer, or a different scammer who purchased victim lists. You lose more money.

Why it works:

Victims of scams are desperate for recovery. The emotional state that made them vulnerable to the first scam (hope, trust, urgency) makes them vulnerable to the second.

Recovery scammers know exactly who to target: people who have already demonstrated susceptibility. Victim lists are traded among criminals.

Red flags:

  • Unsolicited contact from someone claiming to recover your funds
  • Upfront fees for recovery services
  • Guarantees of recovery
  • Pressure to act quickly
  • Requests for personal or financial information

What to do:

  • Be deeply sceptical of unsolicited recovery offers. Legitimate law enforcement does not charge fees.
  • Report the original scam to authorities (ASIC, Scamwatch, police) rather than private recovery services.
  • Do not pay fees to recover money. This is almost always a second scam.

Safe Actions When You Suspect a Scam#

If you believe you may be targeted:

  1. Stop all communication with the suspected scammer.
  2. Do not send money or provide personal information.
  3. Verify independently using official channels.
  4. Talk to someone you trust about what is happening.
  5. Report to Scamwatch (scamwatch.gov.au) and relevant authorities.¹

If you have already sent money:

  1. Contact your bank or payment provider immediately. Some transactions can be stopped or reversed if reported quickly.
  2. Change passwords on any accounts that may be compromised.
  3. Report to authorities. This helps protect others and may assist recovery efforts.
  4. Seek support. Scam victimisation is traumatic. Counselling and support services are available.

Summary#

Scams follow predictable scripts: urgency (act now or face consequences), guaranteed returns (too-good-to-be-true investments), secrecy (do not tell anyone), impersonation (pretending to be trusted institutions), romance (building false relationships to extract money), and recovery (charging fees to recover previous losses). Each script exploits specific psychological vulnerabilities: fear, greed, trust, loneliness, and desperation. Recognising the patterns is the first line of defence. Safe responses include stopping communication, verifying independently through official channels, discussing with trusted people, and reporting to Scamwatch and relevant authorities. If money has already been sent, contact your bank immediately; quick action may enable recovery.

Sources#

  1. Scamwatch. (2024). Report a scam. https://www.scamwatch.gov.au/report-a-scam
  1. ASIC. (2024). ASIC Connect Professional Registers. https://asic.gov.au/online-services/search-asics-registers/
  1. Australian Competition and Consumer Commission. (2024). Targeting scams report. https://www.accc.gov.au/about-us/publications/serial-publications/targeting-scams-reports-on-scams-activity

Illuminvest provides general educational information only and does not provide personal financial advice. The content on this site is not intended to be a substitute for professional financial advice.

Back to all articlesView your progress