How to spot a brand impostor
Phishing's older cousin: domains, social handles, and email accounts that pretend to be a legitimate brand.
What it is
A brand impostor is any account, domain, or page set up to look like a legitimate organisation. Common targets are banks (ANZ, CommBank, Westpac, NAB), exchanges (Coinbase, Binance), retailers (Amazon, eBay), and government agencies (Auspost, MyGov, ATO). The impostor uses the brand's logo, colours, and copy to build trust before asking for money or credentials.
The five signs
(1) Wrong domain. Real ANZ is anz.com.au, not anz-au-login.com. (2) Wrong social handle. Real CommBank on X is @CommBank, not @CommBank_Au_Verify. (3) Asking for things the real brand would not ask for, like your full credit card number plus the security code. (4) Artificial urgency, like 'verify within 15 minutes or your account closes'. (5) Small visual details that are off: fuzzy logo, wrong shade of brand colour, footer with no proper company registration details.
Where AVA fits
For any domain or social handle you can paste in, AVA combines multiple independent signals to produce a 0-to-100 trust score with explainable reasoning. See the public how-it-works summary for our methodology overview.
What to do
Type the brand's real domain into your browser yourself. Do not click links from unsolicited messages. If you receive something that claims to be from your bank or exchange, call the brand using a number you find independently.
Practice spotting this in AVA Scam Hunter
The more you see, the faster you spot. Play AVA Scam Hunter — free, 3 minutes, no signup needed.
📚 Read the full lesson at AVA Academy
This page is a quick spotter card. The full plain-English lesson lives in the AVA Academy. Read the Brand Impostor lesson → or browse all 9 lessons.