Scams are attempts by online criminals to collect information about you which can then be used to steal your money, personal and financial information. Everyone is a potential target for online criminals who specially craft scam messages to trick you into giving out your personal or sensitive information.

On occasion, BIG W identifies emails, SMS and phone scams that claim to be authentic communication from BIG W. They often look genuine, with features such as our logo and branding, imitated from our legitimate communications. The links provided in these scam messages direct you to fake websites that may visually look like the BIG W website but have a slightly different address that is not associated with our brand. For example, the link might take you to the website instead of

Please understand that BIG W will never email, message, or call you to ask for your personal or financial information, including your password, credit card details or account information. Our correspondence will prompt customers to log in to their BIG W account if we require you to update your personal information.

If you receive any suspicious messaging from BIG W, please forward it directly to for further investigation by our team. 

Below are some examples of recent scams that have been circulating.

Email phishing scams:

Phishing is a type of email scam where online criminals attempt to trick you into giving out your personal or financial information, which can then be used to steal your money and/or identity.  

Be suspicious of emails that:

  • Create a sense of urgency
  • Are from individuals or organisations that don’t usually contact you
  • Contain links that don’t relate to the emails content
  • Contain attachments you weren’t expecting
  • Request personal or sensitive information

Scams are becoming more prevalent and millions of dollars are lost to scams each year.  To find out more about scams and how to protect yourself visit the following Australian Government websites:

Responsible disclosure:

Security is core to our values, and we appreciate the input of security researchers acting in good faith to help us maintain a high standard for the security and privacy of our customers, team, business partners, and the communities we serve.

Woolworths expects security researchers to act with integrity and does not condone the engagement of the following activities:

  • Security research that involves potential or actual damage to Woolworths users, systems, applications, customers or partners.
  • Testing and research activities that violate laws and regulations, or in a way that would adversely affect our systems and data.

Woolworths expects security researchers to keep any findings confidential and to provide us a reasonable amount of time to resolve the issue before you disclose it publicly.

To report a potential security vulnerability to the Woolworths Group, email

For more information about how we handle your personal information in regards to Security Vulnerability Disclosures please see our collection notice here.