Key points:
- Scammers are impersonating ASIC by sending text messages which label 'ASIC' (known as an alpha tag) as the sender
- ASIC does not send text messages using alpha tags
- Do not engage and always delete any such message received from 'ASIC'
ASIC has become aware of scammers sending text messages that fraudulently seem to be from ASIC. Scammers are using alpha tags to trick consumers into thinking they are dealing with ASIC to obtain their personal and financial information.
ASIC does not communicate using text messages, including to:
- ask you to provide or update your personal details / financial information
- renew your business name through our registry service
- confirm receipt of reports of misconduct
- offer to assist with lost investments
- ask for payment of fees.
What are alpha tags?
Alpha tags are alphanumeric sender identification labels used in text messages to display the name of the sender, often an organisation, instead of a phone number.
For instance, instead of receiving a message from an unknown number, you might see the name of your bank or a government agency as the sender.
While alpha tags offer a sense of authenticity and professionalism, they can be easily manipulated by scammers to create a false sense of trust.
Below is an example of a scammer impersonating ASIC using alpha tags.
Scammers have recently been impersonating ASIC in several ways, including through fake emails, text messages and documents. We have a webpage dedicated to these ASIC impersonation scams, with information on distinguishing between them and genuine ASIC emails, recent alerts, and how to notify ASIC when it may have been impersonated.
How to protect yourself?
To protect yourself against alpha tag scammers, consider the following precautions:
Verify the sender
Stop and check. Do not reply to any message with an alpha tag until you have been able to independently verify the sender's authenticity. Contact the organisation directly using a known and trusted phone number or email address.
Avoid clicking on links
Never click on links or download attachments from unsolicited messages. Instead, visit the organisation's official website by typing the URL directly into your browser.
Enable Multi-Factor Authentication
Enhance your account security by enabling multi-factor authentication (MFA). This adds an extra layer of protection, requiring multiple forms of verification before granting access to your accounts.
Stay informed
Keep yourself updated on the latest scam tactics by subscribing to alerts from cybersecurity institutions, such as the Australian Cyber Security Centre, your service providers such as banks and utility providers, and Australia's National Anti-Scam Centre.
Report suspicious activity
If you receive a suspicious message, report it to the legitimate organisation being impersonated. You should also block the sender of the suspicious message and report it to your mobile phone provider.
Future protection
The Australian Communications and Media Authority is developing an SMS Sender ID Register to help protect alpha tags from impersonation by scammers. The Register is anticipated to commence by 15 December 2025.
Background
Be alert to scams
If you see these scams, it's important to remember to:
STOP - Do not engage with the text message, including responding with any personal information. If you feel unsure, simply delete the message.
CHECK - Scammers can create fake alpha tags which can convey a false sense of legitimacy. Always check ASIC's website to check if there have been any previous alerts published. If you can't find an alert, it doesn't mean you can trust the text message.
PROTECT - Act quickly if something feels wrong. If you have shared financial information or transferred money, contact your bank immediately. Help others by reporting scams to Scamwatch.
Think you have been scammed?
If you think you've been scammed, take these steps fast:
- Do not send any more money. Block all contact from the scammer.
- Report it to your bank or financial institution. Contact your bank or financial institution and ask them to stop any transactions. If you are not happy with your financial institution's response you can lodge a complaint with them. If you are not happy with this response, you can make a complaint to the Australian Financial Complaints Authority.
- Contact IDCARE, a free government-funded service, which can help to develop a specific response plan if your identity has been compromised. IDCARE will never contact you out of the blue.
- Be wary of follow-up scams promising to help get your money back.
- Report it to Scamwatch to help stop the scammer.
- Warn your family and friends about the scam.
Go to what to do if you've been scammed for more detailed steps.