Types of fraud

• Phishing
• Identity theft
• Viruses and Trojans
• Spyware and Adware
• Card skimming
• Job and employment scams
• Phishing over the phone
• Phishing by SMS
• Other mobile scams
• More about scams and how to report them

Phishing – scams that request your account information

"Phishing" is a form of Internet fraud that aims to steal valuable information such as card numbers, user IDs and passwords. A fake web site is created to look similar to that of a legitimate organisation, typically a financial institution such as a bank or insurance company. An email or SMS is sent requesting that the recipient access the fake web site and enter their personal details, including security access codes. The page looks genuine but users entering information are inadvertently sending their information to the fraudster.

Find out more about current hoax emails, how to recognise them and what to do with them..

Identity theft

Identity theft is on the increase in Australia. It can take many forms, from fraudulent credit card use, to your entire identity being used to open accounts, obtain loans, and conduct other illegal activities.

Be suspicious if anyone asks you for your personal information. Scammers use convincing stories to explain why you need to give them money or personal details.

Here are 7 simple strategies to help protect your financial identity:

• Ensure your letterbox is locked and check it for tampering. If you'll be away from home for an extended period, arrange for mail to be held at your local post office or have a friend collect it.
• Safely dispose of personal and financial information such as account statements, bills and receipts, by tearing or shredding them before throwing them away
• Sign up to electronic statements, which can be viewed and downloaded when banking online: eStatements are also good for the environment
• Check you've received all expected bills and statements as a missing statement could mean a thief has removed it from your mailbox
• If you are moving house update your details straight away: Call us on 13 22 66
• Do we have your mobile or telephone number? Knowing your current contact details will enable us to contact you quickly if suspicious activity is detected
• Set up a verbal password - it’s like an extra layer of security used during Telephone Banking that makes it harder for a fraudster to assume your identity. Just call 13 22 66 anytime to activate.

Always take your time to check whether a request is genuine. You can verify Bank of Melbourne requests by calling us on 13 22 66 anytime.

Viruses and Trojans

Viruses and Trojans are harmful programs that are loaded onto your computer without your knowledge. The goal of these programs may be to obtain information, hinder the performance of your computer, or flood you with advertising.

Viruses spread by infecting computers and then replicating. Trojans appear as genuine applications and then embed themselves into a computer to monitor activity and collect information.

Using a firewall and maintaining current virus protection software can help minimise your chances of getting viruses and inadvertently downloading Trojans.

Find out more about how to secure your PC against Viruses and Trojans.

Spyware and Adware

When clicking on pop-up advertisements – ones that “pop up” in a separate browser window – it’s possible you are also downloading “spyware” or “adware”. These programs often come bundled with free programs, applications or services you may download from the Internet.

Spyware or Adware software covertly gathers your user information and monitors your Internet activity, usually for advertising purposes.

Be cautious about clicking on Internet banners and pop-ups or downloading free programs. Maintain current security software to detect and remove spyware.

Find out more about how to secure your PC.

Card skimming

Card skimming is the illegal copying and capture of magnetic stripe and PIN data on credit and debit cards. Skimming can occur at any bank ATM or via a compromised EFTPOS machine.

Captured card and PIN details are encoded onto a counterfeit card and used to make fraudulent account withdrawals and transactions.

ATM Skimming

Fraudsters can attach false casings and PIN pad overlay devices onto genuine existing ATMs, or they can attach a camouflaged skimming device onto a card reader entry used in tandem with a concealed camera to capture and record PIN entry details.

EFTPOS skimming

A foreign device is implanted into an EFTPOS machine that is capable of copying and capturing card and PIN details processed through the machine.

A compromised EFTPOS terminal can only be detected by a physical inspection. However, you may witness suspicious merchant behaviour that needs to be immediately reported to us:

Examples of suspicious merchant activity

• Your card is taken out of your sight to process a transaction
• You card is swiped more than once
• Your card is subsequently swiped through a second EFTPOS terminal

How to spot an ATM Skimming Device

Before you insert your card into any ATM, take a moment to check for evidence that the ATM has been compromised with a skimming device. The three areas to inspect are:

• ATM casing
• Card reader entry where you insert your card
• PIN pad buttons you use to enter your PIN

What to look for

• ATM casing
  • Foreign objects attached
  • Evidence of damage or tampering
  • Panels that don’t fit snugly together
  • Holes in the casing panel may indicate that a camera has been inserted
• Card reader entry
  • Any object placed over the card reader. A skimming device is often “piggy backed” onto the existing card reader.
  • Card entry slot not straight
  • Glue or tape residue around the card reader entry
• Keypad
  • Keypad is loose and not fitting flush with the rest of the ATM
  • Keypad is a different colour to the rest of the ATM

If you see any of these signs on an ATM immediately report it.