We're working all the time to better safeguard your financial and personal information. To help better protect you against scams, this page will provide information on some of the scams around at the moment.
The following are some scam email examples reported to us in the previous months. To better assist you, we've highlighted some of the ways that can help you spot a scam email.
The Australian Securities and Investments Commission (ASIC) is warning their customers to be vigilant of scam emails purporting to be from ASIC. The email asks recipients to view an important message from ASIC. Clicking this link may lead to malicious software being installed onto your machine, which could be used to compromise your online activities, including your banking activities.
Malicious software alerts
The following are recent examples of some signs that your machine may be infected with malicious software such as a trojan or virus.
Email Subject Line: Bill INV with reference number
By clicking the link or opening the invoice attached to this message there is a strong possibility your computer will be infected with malicious software, which will compromise your online activities, including your banking.
DO NOT click any links or open any attachments in this email. If you have clicked any links within this email we strongly recommend you install Trusteer Rapport to your device, go to bankofmelbourne.com.au/trusteer
Fraudsters don't only strike online. There's been an increase in phone scams where the caller claims to be from a reputable organisation offering to assist with a computer issue. They then attempt to take control of or access your computer. Do not allow this under any circumstances, just hang up.
Also, be particularly vigilant if you’re asked to disclose any Internet Banking sign in details or Secure Code sent to your mobile. Again, just don’t do it.
Remote access phone scam example
Max uses the internet for everyday purposes - emails, receiving and paying bills and keeping in touch with his grandkids via social media.
One morning Max receives a phone call from a utility provider. The caller advises Max that they have identified a fraudster and want his help catching them. Eager to help, Max follows instructions to install a piece of software. The caller asks Max to activate the software so that they can track the fraudster, and tells him that he will receive some money into his cheque account.
He signs into his online banking and confirms his account balance. The caller then tells him that they have almost caught the fraudster, and that he should now have received a deposit into his account, so Max logs back in to check. Max confirms the balance in his cheque account is higher, and is instructed to return the deposited funds to the utility provider, by withdrawing it as cash at his nearest branch and returning via a money transfer agent.
Max is waiting for a teller at his local branch and gets a call from Bank of Melbourne about some unusual online banking activity. Max has been told not to talk to anyone about this transaction but when the banker starts to explain some of his recent transactions, he starts to feel uneasy about withdrawing the cash from his account.
Unbeknownst to Max, this morning’s caller was not a utility provider, but a fraudster that had transferred funds from Max’s credit card to his cheque account, claiming this transaction as their deposit. The software Max had installed allows information, or control of the computer to be shared remotely to another user, this is known as remote access software. This permitted the fraudster to watch every move Max made on his PC, including the time he was signed into his online banking.
Max is lucky that Bank of Melbourne called, the local tellers were able to assist in reversing the transaction back to his credit card; however he could have been out of pocket as Bank of Melbourne Secure may not have applied.
Protect your Secure Code like you would a password or PIN
To protect the security of your accounts, never disclose your Secure Code – or any Bank of Melbourne Internet Banking access codes – to others.
Other recent phone scams involve hoax callers claiming to be bank employees, who then request customer account or personal details. For better protection from phone scams:
- Keep all access codes (e.g. ATM password, card PIN, Internet Banking password, Secure Code we send to your mobile) secret and secure. We’ll never ask for this information over the phone or on email.
- Never give a stranger remote access to your computer
- Do not give out your personal, account or online details unless the phone number comes from a trusted source
- Keep your computer protected by running security software purchased from trusted source
- If you're unsure, ask for a reference number and call back on a trusted number (i.e. phone book) to confirm if the call was genuine
- If you think you have provided your personal details to scammers, or given them access to your computer, contact us immediately on 13 22 66.