Fraud
Latest scams, phishing messages and fraud alerts
How to report suspicious messages
Forward (then delete) suspicious emails to phish@stjohn.org.au
How to spot a scam
Think before you respond. Is St John really contacting you?
- We’re stopping the use of links in unexpected texts.
- Verify unexpected invoices or bills sent to you from St John.
- If you get an unexpected text message claiming to be from us, don’t click on the link.
- We’ll never ask you to download programs directly from our site. We’ll always direct you to the appropriate download source.
- When sending phishing emails, criminals sometimes set the sender’s name as “St John Ambulance”. This doesn’t mean our systems have been breached, it simply means a criminal is impersonating our brand.
Example of a fraudulent message
These screenshots demonstrate how criminals attempt to phish St John customers by sending emails that appear to come from a legitimate St John email address.
Criminals will often use language that creates a sense of urgency to trick the recipient into taking action.
The examples shown encourage the recipient to view a fake overdue invoice. If the recipient clicks the ‘View Invoice’ link, they are asked to login with their Microsoft account credentials to view the fake overdue invoice. The criminal would then take a copy of the Microsoft credentials entered by the recipient and may use them to gain access to other online services.
