Someone calls from your bank. They are polite. They identify themselves and tell you there's a problem with your account. Perhaps a suspicious transaction and they need you to do something to protect your money. RED FLAG.
Create a free account to read this article
$0/
(min cost $0)
or signup to continue reading
Or you get an email or SMS telling you to click on a link to update your account. RED FLAG.
Australians are being warned about a surge in bank impersonation scams, which saw more than $20 million reported lost from 14,603 reports in 2022, according to ScamWatch.
Increasingly sophisticated and convincing, bank impersonations can come via phone calls, SMS, email or via a social media post, search engine result or advertisement.
These scams impersonate bank brands with criminals often posing as cyber security or fraud specialists. They are clever and slick and are trained to use words that will alarm you about your account but reassure you that they can help.
Criminals are getting adept at carefully constructing often complex communications that convincingly mirror those of the brand they are impersonating.
- Bendigo Bank's head of fraud prevention Jason Gordon
New wave
Bendigo Bank's head of fraud prevention, Jason Gordon, said bank impersonation scams are the new wave of phishing scams designed to trick the recipient into transferring money, or into providing personal information or banking details such as account numbers, passwords, and one-time codes.
"Criminals are getting adept at carefully constructing often complex communications that convincingly mirror those of the brand they are impersonating," Mr Gordon said.
Learn the signs of a bank impersonation scam
- There is a sense of urgency or threat to the message, like "your bank account has been accessed", "your bank account has been locked" "a payment has been made from your account. If this was not you, please call (phone number)".
- The message looks different to other messages in the SMS thread, such as different wording or phrases used.
- The message may contain a suspicious looking link. Never click on links you're not sure of.
- The SMS has a telephone number to call - always find your bank's phone number independently.
- A caller telling you to transfer money to a different account to 'keep it safe' or for 'further investigation'. A bank will never ask a customer to do this. It is a scam.
The Bank recently shared on its website an example of scammers targeting customers via an email which included Bendigo Bank images and branding.
The scam asked recipients to verify or update accounts, with links directing unsuspecting victims to a fake website where their details could be harvested by criminals for various fraud and scams.
Scammers are also using spoofing to trick victims, with ScamWatch reporting total losses to phone and text scams of more than $169 million in 2022, a significant increase over the previous year.
"Spoofing is when phone calls appear to come from legitimate numbers and SMS messages appear in the same conversation thread as genuine communications, making it very difficult for people to detect genuine communications. That's why its so important that customers take extra precautions and be aware of signs of a scam," said Mr Gordon.
"Bank impersonation scams really erode the trust in bank communications, making it difficult for us to contact our customers when we need to, and they are putting pressure on our customers to try to discern what's real and what's a scam.
"We encourage everyone to be cautious and verify the legitimacy of any communication, especially when it involves their bank and their finances."
Mr Gordon's advice to customers who may have fallen victim to a bank impersonation scam is to contact their bank - in the case of Bendigo Bank they can visit www.bendigobank.com.au/security immediately to report it and get support.
No links
"Please remember the bank will never ask for your details, or to transfer money, download software or login via a link sent through email or SMS. Bendigo Bank has removed links from all our SMS messages, so customers who receive an SMS that includes a link should treat that as suspicious."
"If you are speaking to someone claiming to be from Bendigo Bank and you are unsure if the caller is legitimate, hang up and contact us directly on 1300-236-344," Mr Gordon said.
Bendigo Bank recommends stopping scammers in their tracks by following ScamWatch's advice:
- STOP - Don't give money or personal information to anyone if unsure.
Scammers will offer to help you or ask you to verify who you are. They will pretend to be from organisations you know and trust like Services Australia, police, government, or a fraud service.
- THINK - Ask yourself could the message or call be fake?
Never click a link in a message. Only contact us, businesses or government using contact information from their official website or through their secure apps. If you're not sure, say no, hang up or delete.
- PROTECT - Act quickly if something feels wrong.
If you notice unusual activity or if a scammer gets your money or information, visit www.bendigobank.com.au/security to report it and get support.
Bendigo Bank is running security and anti scam courses for customers and local community groups. Contact your local branch.