Latest scams

Fraudsters are getting smarter by the minute so it is important to know what tricks they might use so you don’t become a victim of financial crime. Read up on the latest scams around at the moment.

For more information, check the ScamWatch and Stay Smart Online websites for new scams and the latest steps to secure yourself online.


Fake BPay refund emails

 

There are fraudulent phishing emails circulating purporting to be from BPay. These emails communicate a that a payment has been made to you through BPay.

The scammers will prompt you to download and open the attached word document to view details of this payment.

The attached document is not a document but a Trojan virus file that contains malicious software which downloads and installs on your system. Commonly, this infection will install a backdoor which allows remote access to your system. This backdoor may then be used by remote attackers to upload and install further malicious or potentially unwanted software.

What to look out for

If you receive an email alerting you to a payment from BPay, please confirm this independently with Bankwest. Avoid clicking on any link within an email and do not download any attachments.

If you receive a suspicious email forward it to abuse@security.bankwest.com.au

BPay scam email
 

Top




We’ve collected common scams from past years, so you can stay informed



Fake Australian Tax Office emails

 

There are fraudulent phishing emails circulating purporting to be from the Australian Tax Office These emails communicate that your next activity statement is available or that there are inconsistencies in your income declaration.

Some emails may contain a virus disguised as a legitimate file attachment to download. Other emails contain links that when clicked download malicious software to your computer called ransomware, blocking you from accessing your files until you pay a ransom.

 

What to look out for

If you receive an email purporting to be from the Australian Tax Office, please confirm independently with the ATO. Avoid clicking on any link within an email and do not download any attachments.

If you receive a suspicious email forward it to abuse@security.bankwest.com.au.

Fig. 1 - ATO phishing email scam  


Fig. 2 - ATO phishing email scam

Top



Fake Telstra refund emails

 

There are fraudulent phishing emails circulating purporting to be from Telstra. These emails communicate a refund due to you.

The scammers will prompt you to log into your Telstra account via a fake website (fig. 1) to collect your personal details such as name, address, date of birth, as well as full credit card information (fig. 2).

A 'Thank You' confirmation is also displayed at the end showing a receipt number giving the appearance of a legitimate transaction.

What to look out for

If you receive an email alerting you to a refund by Telstra, please confirm independently with Telstra. Avoid clicking on any link within an email to log directly into your account. Always use the login link on the official website.

Telstra phishing scam - fake refund email
  • View all Telstra scam images


    Fig. 1

    Fig. 1 - Telstra phishing email scam - fake login screen


    Fig. 2

    Fig. 2 - Telstra phishing email scam - fake form

Top


2016 invoice email scam - targeting Australian businesses

 

Beware of an invoice email scam asking you to change existing payment arrangements. The scam emails come from individuals acting as suppliers or colleagues, advising you to make a payment or change to the recipients in your online banking.

How to protect yourself

  • Make sure you have a clear process in place for verifying and paying accounts and invoices.
  • Double check email addresses to ensure they’re legitimate. Scammers often set up accounts that appear real at first glance, but feature inconsistencies or errors when you look closely.
  • Contact the business directly to verify the email’s authenticity. But don’t contact them via email reply or by calling the numbers listed in the email! Always use contact details that you already have on file, or that you have sourced yourself via a directory.

Top

2016 malicious virus alert - unusual content during Online Banking logon

 

We have detected computer viruses displaying unexpected messages and attempting to capture customer details.

What to look out for

  • New pages warning of delays to logging on and asking you to re-enter your security token code.
  • New pages advising of technical issues such as the example below.
  • Pages requesting your email address.

Example
Online Banking malicious virus alert - Logon Screen

Top

2015 email scam - account reactivation

 

Watch out for emails in your inbox pretending to be from Bankwest, advising you that you need to activate your banking access.

What to look out for

  • A generic introduction instead of your actual name. e.g Dear Sir or Hello customer.
  • A source email address that looks unfamiliar, suspicious or unprofessional.
  • A request for sensitive or personal information like your home address, contact number, banking details or password.
  • Scare tactics to pressure you into making a quick and potentially risky decision.

Example
Hoax email scam advising you that you need to activate your banking access.

Top

2015 malicious virus alert - unusual OBB content

 

We have detected computer viruses displaying unexpected messages and attempting to capture customer details.

What to look out for

  • New pages warning of delays to logging on and asking you to re-enter your security token code.
  • New pages advising of technical issues such as the example below.
  • Pages requesting your credit card expiry and CCV number (3 digit card code).
  • Pages requesting your mobile phone number and other personal information.

Fraudulent loading page Online business banking. Please wait while your security details are being validated  

Fraudulent customer data gathering page Form requesting customer to complete personal details
 

2014 malicious virus alert - unusual BOB content

 

We have detected computer viruses designed to trick customers into revealing personal banking information including SMS authorisation code.

What to look out for

  • New page heading.
  • Page heading not in left hand menu.
  • Different colours used (i.e. yellow buttons).
  • Request for your mobile phone number or credit card number for 'security reasons'.
  • Text messages that ask you to upload security updates to your Android phone. (Updates should only be performed from official app stores such as Apple’s App Store or Google Play (for Android devices).

Example
Fraudulent Content

Apple and App Store are trademarks of Apple Inc. registered in U.S and other countries.© 2015 Google Inc. All rights reserved. Android and Google Play are trademarks of Google Inc.

How can we help?

If you have any questions or concerns regarding Bankwest security or privacy please contact us immediately.

Reporting Scams
  • Personal customers call 1300 368 748
  • Business customers call 13 7000

McAfee® Internet Security

McAfee internet security

Bankwest customers get free McAfee® Internet Security for 6 months.

© 2017 Copyright Bankwest, a division of Commonwealth Bank of Australia (Bankwest) ABN 48 123 123 124 AFSL / Australian credit licence 234945. All rights reserved. To use this Website, you are required to read the Financial Services Guide (which you agree to be provided by accessing the link). Bankwest is a division of Commonwealth Bank of Australia, which is the product issuer unless otherwise stated. Rates stated are subject to change without notice. Any advice given does not take into account your objectives, financial situation or needs so please consider whether it is appropriate for you. For deposit and payment products, please ensure you read and consider the Product Disclosure Statement (which you agree to be provided through this link) before making any decision about the product(s). For lending products, lending criteria and fees and charges apply. Terms and conditions apply and are available on request.