Latest scams, phishing messages and fraud alerts

How to report suspicious messages

Forward (then delete) suspicious emails to phish@stjohn.org.au

How to spot a scam

Think before you respond. Is St John really contacting you?

• We’re stopping the use of links in unexpected texts.
• Verify unexpected invoices or bills sent to you from St John.
• If you get an unexpected text message claiming to be from us, don’t click on the link.
• We’ll never ask you to download programs directly from our site. We’ll always direct you to the appropriate download source.
• When sending phishing emails, criminals sometimes set the sender’s name as “St John Ambulance”. This doesn’t mean our systems have been breached, it simply means a criminal is impersonating our brand.

Forward (then delete) suspicious emails to phish@stjohn.org.au

Example of a fraudulent message

These screenshots demonstrate how criminals attempt to phish St John customers by sending emails that appear to come from a legitimate St John email address.

Criminals will often use language that creates a sense of urgency to trick the recipient into taking action.

The example shown above encourages the recipient to view a fake overdue invoice. If the recipient clicks the 'View Invoice' link, they are asked to login with their Microsoft account credentials to view the fake overdue invoice. The criminal would then take a copy of the Microsoft credentials entered by the recipient and may use them to gain access to other online services.