Types of fraud
- Identity theft
- Viruses and Trojans
- Spyware and Adware
- Card skimming
- Job and employment scams
- Phishing over the phone
- Phishing by SMS
- Other mobile scams
- More about scams and how to report them
"Phishing" is a form of Internet fraud that aims to steal valuable information such as card numbers, user IDs and passwords. A fake web site is created to look similar to that of a legitimate organisation, typically a financial institution such as a bank or insurance company. An email or SMS is sent requesting that the recipient access the fake web site and enter their personal details, including security access codes. The page looks genuine but users entering information are inadvertently sending their information to the fraudster.
Find out more about current hoax emails, how to recognise them and what to do with them..
Identity theft is on the increase in Australia. It can take many forms, from fraudulent credit card use, to your entire identity being used to open accounts, obtain loans, and conduct other illegal activities.
Be suspicious if anyone asks you for your personal information. Scammers use convincing stories to explain why you need to give them money or personal details.
Here are 7 simple strategies to help protect your financial identity:
- Ensure your letterbox is locked and check it for tampering. If you'll be away from home for an extended period, arrange for mail to be held at your local post office or have a friend collect it.
- Safely dispose of personal and financial information such as account statements, bills and receipts, by tearing or shredding them before throwing them away
- Sign up to electronic statements, which can be viewed and downloaded when banking online: eStatements are also good for the environment
- Check you've received all expected bills and statements as a missing statement could mean a thief has removed it from your mailbox
- If you are moving house update your details straight away: Call us on 13 33 30
- Do we have your mobile or telephone number? Knowing your current contact details will enable us to contact you quickly if suspicious activity is detected
- Set up a verbal password - it’s like an extra layer of security used during Telephone Banking that makes it harder for a fraudster to assume your identity. Just call 13 33 30 anytime to activate.
- Always take your time to check whether a request is genuine. You can verify St.George requests by calling us on 13 33 30 anytime.
Viruses and Trojans are harmful programs that are loaded onto your computer without your knowledge. The goal of these programs may be to obtain information, hinder the performance of your computer, or flood you with advertising.
Viruses spread by infecting computers and then replicating. Trojans appear as genuine applications and then embed themselves into a computer to monitor activity and collect information.
Using a firewall and maintaining current virus protection software can help minimise your chances of getting viruses and inadvertently downloading Trojans.
Find out more about how to secure your PC against Viruses and Trojans.
When clicking on pop-up advertisements – ones that “pop up” in a separate browser window – it’s possible you are also downloading “spyware” or “adware”. These programs often come bundled with free programs, applications or services you may download from the Internet.
Spyware or Adware software covertly gathers your user information and monitors your Internet activity, usually for advertising purposes.
Be cautious about clicking on Internet banners and pop-ups or downloading free programs. Maintain current security software to detect and remove spyware.
Find out more about how to secure your PC.
Card skimming is the illegal copying and capture of magnetic stripe and PIN data on credit and debit cards. Skimming can occur at any bank ATM or via a compromised EFTPOS machine.
Captured card and PIN details are encoded onto a counterfeit card and used to make fraudulent account withdrawals and transactions.
Fraudsters can attach false casings and PIN pad overlay devices onto genuine existing ATMs, or they can attach a camouflaged skimming device onto a card reader entry used in tandem with a concealed camera to capture and record PIN entry details.
A foreign device is implanted into an EFTPOS machine that is capable of copying and capturing card and PIN details processed through the machine.
A compromised EFTPOS terminal can only be detected by a physical inspection. However, you may witness suspicious merchant behaviour that needs to be immediately reported to us:
Examples of suspicious merchant activity
- Your card is taken out of your sight to process a transaction
- You card is swiped more than once
- Your card is subsequently swiped through a second EFTPOS terminal
How to spot an ATM Skimming Device
Before you insert your card into any ATM, take a moment to check for evidence that the ATM has been compromised with a skimming device. The three areas to inspect are:
- ATM casing
- Card reader entry where you insert your card
- PIN pad buttons you use to enter your PIN
What to look for
- ATM casing
- Foreign objects attached
- Evidence of damage or tampering
- Panels that don’t fit snugly together
- Holes in the casing panel may indicate that a camera has been inserted
- Card reader entry
- Any object placed over the card reader. A skimming device is often “piggy backed” onto the existing card reader.
- Card entry slot not straight
- Glue or tape residue around the card reader entry
- Keypad is loose and not fitting flush with the rest of the ATM
- Keypad is a different colour to the rest of the ATM
If you see any of these signs on an ATM immediately report it.
Find out how we protect you from card fraud
Job and employment scams target people looking for a new job or a change of job. They often promise a lot of income (sometimes they even guarantee it) for not a lot of work.
If you have received a work from home offer that you think could be a scam, or if you have responded to a job advertisement that you now realise is a scam, you can report a scam through the SCAMwatch website.
Fraudsters don't only strike online. Phishing, where traditionally emails seek to represent a known or trusted entity and trick people into disclosing their account or personal details, is now increasingly happening over the phone.
Be particularly vigilant if you’re asked to disclose any Internet Banking sign-in details or Secure Code sent to your mobile.
Protect your Secure Code like you would a password or a PIN.
To protect the security of your accounts, never disclose your Secure Code – or any Internet Banking access codes - to others.
If you have reason to doubt the validity of a caller, ask their name and phone number to call them back, and check the number against the organisation’s number in the phone directory. If the caller claims to be from St.George, check the number against St.George telephone directory.
Also, be on the lookout for voice recorded messages that can dial automatically and ask you to call a number or provide account information.
Your mobile can be a target for fraudsters too. If you receive any SMS message that you have not requested or are expecting, and you're suspicious, please contact us on 13 33 30 to confirm the authenticity of the message.
If you think you've received a hoax SMS:
- Forward it to 0457 114 629 (0457 11 HOAX)
- delete the message.
If the messages become a nuisance, contact your mobile network provider for further assistance.
You might be offered free or cheap ring tones, or the chance to win fantastic prizes via text messages, or even automated voicemail messages. You should avoid responding to or downloading supposedly free software due to the risk of a virus or trojan software being installed.
Check out the Australian Competition and Consumer Commission (ACCC) SCAMwatch site for more info on these types of scams.
It’s a good idea to check your transaction history and account statements regularly to ensure there are no unauthorised transactions on your accounts. Contact St.George immediately on 13 33 30 if you suspect any such transactions have taken place.