Fraud and scams

COVID-19 related scams and phishing emails

There has been a significant increase in Australians being targeted with COVID-19 related scams and phishing emails.

These phishing emails are sophisticated and are targeting people’s need for information during this crisis and imitating trusted and well-known organisations or government agencies. Clicking on these malicious links or visiting fake websites may install computer viruses, malware or ransomware onto your device. This gives the scammers an opportunity to steal your personal and financial information.

Please, if in doubt, do not click a link.

To see the current scams going around and report a scam please visit ScamWatch.

Email Scams

Internet banking consumers have always been targeted by a range of email scams involving various hoax emails. The hoax emails have been sent to large numbers of email addresses in anticipation of at least some reaching users of online banking facilities. Because of the large number of emails involved and the random nature of the hoax, these frauds are often called 'phishing'. The hoax emails seek to trick online banking consumers into disclosing confidential financial information such as their Internet banking login and password details, thereby providing the perpetrators of the fraud with illegal access to their accounts.

The emails can look very professional and give the appearance of coming from a legitimate financial institution. Techniques that have been used so far include:

• asking consumers to update their login and password details for 'security' purposes. The users are directed to an authentic looking but false website. In some cases, the website address is also very close to that of the targeted financial institution. When users try to login to their accounts, their login and password details are captured;
• luring users into opening emails or attachments that secretly install 'Trojan' virus programs. Trojans are computer programs that secretly install themselves on a user's computer without the user even knowing about it. In the case of online banking fraud, Trojans are used to log and capture key strokes (such as Internet Banking passwords, etc);
• falsely alerting consumers to suspect transactions on their account. If the recipient follows the link embedded in the email, a virus covertly installs a Trojan program that logs key strokes; and
• directing a user to a false website (such as one email purporting to come from the federal police) where a Trojan program is installed to log key strokes.

Having used these or similar techniques to capture login and password details, fraud perpetrators are then able to illegally access accounts and withdraw funds.

Please note Australian Mutual Bank will NEVER:

• ask for your Internet Banking login details or credit card details via phone or email
• use email to send you a link to an Internet Banking login page
• ask you to communicate your passwords to the bank in any form

Job Scams

Members should also be alerted to a number of fraudulent job scams advertised on the Internet which entice users to act as money transfer agents for a third party. Consumers are duped into using their own accounts to transfer money for third parties as part of an ostensibly legitimate business transaction for a commission based on a percentage of the transfer. In fact, they become part of a money laundering operation for transferring stolen money. Again, these false job websites appear very professional and can be very convincing.

Members should exercise extreme caution with any online job offer where you are asked for your personal and banking details.

Identity Theft

Identity theft occurs where a criminal obtains the personal details of an individual to masquerade as that individual and, typically; transfer funds, obtain cash, secure loans and other financial benefits. The individual is then left to deal with the debts so incurred along with the associated legal implications.

Identity theft can occur when a fraudster gets access to your personal information such as your date of birth, your address, your driver’s licence number and information from utilities, phone and bank account records.

This can be obtained through:

• email scams such as those mentioned above
• similar telephone scams; and
• theft of your records and/or mail.
  
  

Members should:

• keep responsible care of all personal information to minimise the risk of loss/theft (eg. by keeping tax records and other financial documents in a safe place);
• minimise the risk of mail theft by securing your mailbox (eg with a padlock);
• cancel unused credit union/bank/utility/phone accounts;
• securely dispose of any documents that may contain personal details (such as account statements, credit card transaction slips, bills, etc);
• regularly obtain a copy of your personal Credit File to make sure there is no unusual activity on your file; and
• promptly report to the police any loss or theft of personal documents.