Article by Denise Gallagher
Have you ever received a suspicious text message, phone call or even email? I think we all have!
In today’s digital age, it is extremely important to protect yourself from scammers. Scammers are becoming increasingly sophisticated and are trying to impersonate banks to try and steal not only your personal information, but your hard-earned money. These types of scams are known as “bank impersonation fraud”. They are extremely disturbing and are becoming alarmingly common. Many people think that it’s mainly the elderly or vulnerable individuals that get caught out by these scammers, but the fact is that even the most intelligent, highly educated and cautious people can be caught off guard.
Here’s what you need to know to protect yourself.
| STOP – CHECK – PROTECT! | |
| Stop | If something feels off, pause before you act. |
| Check | Would your bank really ask for this? |
| Protect | Never share your sensitive bank details or transfer money to anyone if you have even the slightest doubt. |
How bank impersonation scams work
Scammers use several tactics to make their communication look legitimate:
- Phone calls (Vishing): You receive a call from someone claiming to be from your bank’s fraud department. They might say your account has been compromised. They may even tell you that they suspect one of their own bank employees are trying to steal money and that they need your help to try and catch them out. They might ask you to verify personal details or transfer money to a “safe” account.
- Text messages (Smishing): A message that appears to be from your bank, warning you of suspicious activity and urging you to click a link or call a number.
- Emails (Phishing): These emails mimic your bank’s branding and ask you to log in via a fake website or download an attachment that installs malware.
- Spoofed Caller IDs and URLs: Scammers can make their phone number or website look like it belongs to your bank, increasing the illusion of legitimacy.
Red flags
Here are some signs that you might be dealing with a scammer:
- Urgent or threatening language (“Your account will be locked!”)
- Requests for sensitive information like PINs, passwords, or full card numbers
- Instructions to move money to another account for “security”
- Links to unfamiliar or misspelled websites
- Caller ID that looks like your bank, but the caller behaves suspiciously
How to protect yourself
It is essential that you stay vigilant and follow these tips:
- Never share sensitive information: Your bank will never ask for your full password, PIN, or to transfer money.
- Verify independently: If you receive a suspicious message or call, hang up and contact your bank using the official number on their website or your bank card.
- Enable two-factor authentication: This adds an extra layer of security to your accounts.
- Monitor your accounts: Regularly check your bank statements and report any unauthorised transactions immediately.
- Educate yourself and others: Share this information with friends and family – especially those who may be more vulnerable.
- Double check website addresses: When on a website, always check that the website address at the top of the page is correct. Look out for misspelt words or extra letters in the URL address that should not be there. Don’t assume that because you have googled a website the one that appears first in google is the genuine website you are looking for.
Real-life example
We have recently had a client who was scammed by a team impersonating law enforcement personnel and bank officials, resulting in a loss of thousands of dollars through the transfer of money to multiple separate bank accounts.
During the scam, a loan had been taken out using their name and business details. They were sent emails purporting to be from their bank and text messages containing OTP authorisation codes. When they called to speak to someone regarding the alleged fraudulent activity, they were reassured that they were talking to a genuine advisor from the bank’s fraud team. When our client requested to see some kind of verification to prove he was who he said he was, they were sent a photo of their Australian Police ID card.
These scammers held personal information about the client, they could see various accounts they held with the bank and could even tell them about the balances in their accounts. They preyed on them and used the trust they held in their bank that they could stop this fraud from happening and help them to secure their money by transferring their money to “secure accounts”. Instead, thousands of dollars were transferred to unknown accounts which have not been able to be recovered.
After becoming aware that they had been the victim of a scam, all the emails and text messages purporting to be from the bank disappeared indicating that they perhaps used some kind of malware to gain access to their devices.
What to do if you’re targeted
If you suspect a scam:
- STOP ALL COMMUNICATION IMMEDIATELY!
- If you have been communicating with them on your computer or laptop, close out of everything and shutdown to ensure they do not have access to your computer.
- If you have been on the phone with a potential scammer, hang up and don’t make any further calls from your phone until you are sure that your phone is safe to use.
- Contact your bank directly. If you need to call your bank, use a different phone from the one that you were using while talking to any potential scammer.
- If you can, go into your bank in person.
- Report the scam to your local consumer protection agency or cybercrime unit.
- Change your passwords and monitor your accounts.
- Take your phone and device to an IT expert to ensure that no suspicious malware has been downloaded onto your devices.
Unlike other countries, banks in Australia have no legal obligation to refund customers who are caught out by scammers and therefore it can be extremely difficult to recoup money that has been lost to scammers.
Remember that bank impersonation scammers do not discriminate. They prey on trust and urgency. Always stop and think. Question everything and trust your instincts. It’s always better to be over cautious than under cautious.
By following some of the above, hopefully it might save you from being a scammer’s next victim!