Reports of scammers posing as Chinese police to target international students have more than doubled, prompting a Chinese ambassador to call for action to protect vulnerable students.
Former Chinese Consul General in Sydney, Limin Zhou, said internationals need more education on how to avoid scams. “Most international students are young and lack social experience, making them easy targets for telecom fraudsters.”
According to the Australian Competition and Consumer Commission (ACCC) scammers posing as Chinese police more than doubled in August, with a total of 1,244 reports this year and $8.7 million in losses to the scam.
ACCC Deputy Chair Catriona Lowe said: “We are very concerned by the rising number of reports we have had from Chinese students, who are understandably terrified by the threatening nature of these scams.”
Mr Zhou agreed, saying scam victims suffered significant financial and emotional trauma. Their lack of English language skills and reluctance to “cause trouble” with authority figures made them vulnerable to scammers.
“Scammers often pretend to be someone you trust or someone official, like a government figure,” he said. “They use big-sounding words and logos that look real. For example, they might act like they’re from the immigration office, making students believe they have a visa or academic issues, playing on students’ reluctance to create problems in their new home.”
Students believe them because they sound official: “It is crucial to emphasise that scammers may employ seemingly official phone numbers to make calls or send text messages directly to students.”
Mr Zhou pointed to the real-life case in which scammers successfully extracted more than $1 million from one international student based in Sydney. The student, Johnny*, was told his bank card was suspected of being involved in money laundering and had been seized by Shanghai Customs.
The “Shanghai Public Security Bureau” said he was a suspect in a major international money laundering case and he was sent what looked like an official wanted order from China’s legal authority, the Supreme People’s Procuratorate. He was threatened with arrest and deportation unless he paid 1.6 million RMB ($345,359 AU).
“Johnny” was instructed not to discuss the case and told to install an app on his phone so he could report to the “police” every two hours. When he said he didn’t have the money the scammers started targeting his family.
He was instructed to create images and videos of himself bound, beaten, and pleading to be rescued. The scammer impersonated “Johnny” on WeChat and told his parents he had been kidnapped.
His parents believed what they were seeing and transferred the money to the scammers.
“These cases have caused not only significant financial losses but have also resulted in severe mental stress for the affected students and their families, which deeply saddens us,” Mr Zhou said.
Scammers leverage a multifaceted approach to access personal data through external procedures. Their methods often include phishing, social engineering, and exploiting security flaws.
● Phishing Attacks: The Australian Institute of Criminology’s Reporting Experiences and Support Needs of Victims of Online Fraud report found Phishing is the digital bait scammers use to hook unsuspecting victims. “It often involves deceptive emails or websites that appear legitimate but are designed to extract sensitive information like usernames and passwords,” the report reveals.
A scenario for Phishing Attacks could be a student from the University of Sydney receives an email that appears to be from the University’s official account. The subject line reads, “Urgent: Verify Your Student Account.” The student clicks on the link. The scammers now have access to the student’s university credentials.
● Social Engineering: The Cyber Risk and Cybersecurity: the University of Limerick, Ireland conducted a systematic review of data availability study that found social engineering tactics prey on human tendencies to trust and comply. Scammers pose as trusted entities, convincing individuals to provide personal data willingly.
A scenario could be: A Chinese international student receives a call on his/her mobile phone. The caller ID displays the number as originating from the National Embassy of China in Australia. The student answers the call, believing it’s a genuine communication from the embassy. The scammer, skilled in social engineering, speaks in a polite and official tone, tells the student there is an issue with her visa status, and her documents need immediate verification. The student shares her bank account information with the caller. The scammer has succeeded in extracting her personal and financial data.
● Exploiting Security Flaws: The Australian Cyber Security Centre (ACSC) Annual Cyber Threat Report found scammers exploit software weaknesses to infiltrate networks and access sensitive information. Regular software updates and patches are vital in mitigating this risk.
A typical example could be: Scammers target a popular mobile banking app, exploiting a vulnerability that allows them to access accounts without passwords or two-factor authentication. After testing their approach on fake accounts, they select high-value targets. Using deceptive messages, they trick users into clicking a phishing link, gaining access to their accounts and sensitive financial data.
HELP IS AVAILABLE
If you think you have been scammed you can report this to Australia’s National Anti-Scam Centre – Scamwatch by logging onto scamwatch.gov.au
Sydney University provides resources to students to help report scams and navigate potential scam-related risks through Student Support Services as well as the Student Wellbeing team and Sonder app.
*Not his real name. Real name withheld on request