How to avoid email scams and use email safely

Scammers often send emails to a large number of addresses, hoping that someone will reply and fall victim to their scam. If you only share your email address with people or organisations you know and trust, you can stop some of these emails from reaching you.

Try not to post your email address on social media or other public websites. These websites usually allow you to change the settings of your account, so only those you trust can see your details.

It’s also a good idea to set up separate email accounts to use for business and personal reasons. You might even set up a completely different email address to use for online shopping, email newsletters or certain forms.

Whenever a site asks for your email address, be sure to read their privacy policy or statement first. Our privacy statement explains how we protect the privacy of your personal information.

Phishing emails are not always easy to spot, as they are often made to look like they are from well-known organisations. The scammers might use logos or fake contact details or email signatures to try to convince you that the email is from an organisation you know.

The Australian Cyber Security Centre (ACSC) has a range of resources to help you identify a phishing scam.

If you have requested a change to your personal details, for example, your password or email address, we may send you an email asking you to confirm the change. However, we will always send you a link to our secure Member Online service to do this.

If you need to verify that a GESB-branded message you have received is legitimate, please call us on 13 43 72. We can give you details of any genuine emails we have sent you.

Watch out for emails from people or companies you don’t know or that you aren’t expecting. These can be genuine emails, but it pays to check carefully.

Our emails always display our name ‘GESB’ as the sender. We send all general communications to our members from the address, ‘gesb_noreply@gesb.wa.gov.au’.

If you have submitted an online form, you will receive confirmation from ‘websiteforms@gesb.wa.gov.au’.

If you are attending a webinar, emails about the event will be sent from our webinar platform, ON24. This email address is ‘do_not_reply@on24event.com’.

If we need to contact you directly about your account, for example, if we are responding to an enquiry or request you’ve made, then we use the address ‘memberservices@gesb.com.au’.

Here’s an easy trick to help you check whether a link provided in an email is legitimate.

Simply hover your mouse over the buttons and links in an email without clicking. You’ll see the destination website address appear. If this does not include the company’s real website address, do not click.

Links in our emails will always contain our website address: gesb.wa.gov.au.

Emails from us will only ever include a link directly to Member Online when you have requested a change. For example, you may have changed your password or email address.

If you have a Member Online account, always login by typing ‘gesb.wa.gov.au’ in your browser and then clicking the ‘login’ button. You can ensure that the website address is correct by checking that it starts with mol.gesb.wa.gov.au.

Confirm that the page is secure by ensuring a padlock or tune icon appears in your browser.

Always select 'logout' and close your browser once you have finished.

The only time we will email you a link to your account information is when we send you a personalised link to your online annual member statement summary.

Before you click the personalised link in your statement email to go to your statement summary, always check the link in the email starts with 'e.gesb .wa.gov.au'.

Once you arrive at the 'Confirm your details' page of your statement summary, check the website address starts with 'statements.gesb.wa.gov.au'. Confirm that your data is encrypted by ensuring a padlock symbol appears in your browser.

Always select 'logout' and close your browser once you have finished viewing your statement summary.

For more information, see our Statement summaries: security and system requirements page.