Identity theft and fraud
Identity theft is when fraudsters steal your personal information, such as your name, date of birth, address and other details, and uses it to impersonate you or to fabricate a new identity in order to steal money or gain other benefits. Fraudsters can use stolen personal information to apply for credit in your name.
Identity takeover is when someone accesses another person’s personal information and assumes that person’s identity.
Identity fraud can also involve altering a genuine identity in order to avoid poor account history or credit conduct.
Fraudsters can use seemingly harmless things, such as utility bills or shopping club memberships, to steal your identity. Regard all documents containing personal information (including name and address) as sensitive, and store or dispose of them securely.
Consider the information that you put out over the Internet. Personal information may include a date of birth, phone numbers, addresses of where you have lived previously and even your account details.
You can reduce the risk of having your personal information stolen or misused by not sharing personal information on social networking sites.
Identity fraud can be stressful to the victim and their family, time consuming and costly to fix.
If you have concerns about identity fraud or believe someone has applied for credit in your name, contact us immediately on 132 888 or refer to reputable web sites, such as scamwatch.gov.au or veda.com.au.
Card fraud includes lost and stolen cards, counterfeit cards, and the use of card details on the internet or over the phone.
We monitor for unusual transactions, and offer security features such as chip, PIN and Verified by Visa (VbV), but it’s up to you to keep your card secure.
Some tips are:
- sign the signature panel as soon as you receive a new card, and make sure that you securely destroy any old ones
- regularly check that your card is still in your possession
- don’t let anyone else use your card, or the card details
- treat your card as if it was cash, and don’t leave it unattended (e.g. in a car, at your workplace, or in a public place)
- if you’re not sure about the security of a merchant or an ATM, don’t use it
- tell us straight away if your card is not in your possession. You can report a lost or stolen card through internet banking, or over the phone on 132 888 24/7 and follow the prompts.
Counterfeit cards and skimming devices
Skimming is the term used for the unauthorised copying of an electronic device—in this case, card details (including the PIN) at an ATM or EFTPOS terminal.
Once a card is skimmed, the cards details are transferred over to a counterfeit card and used to access your account without your knowledge.
Skimming devices can be fitted to ATMs or EFTPOS machines. Sometimes EFTPOS machines are used by retail staff who hide them and use them without your knowledge.
You can avoid having your card skimmed by:
- never using an ATM you think has been tampered with
- ensure you are familiar with the ATM you are using. Check for the following unwanted items:
- hidden pinhole cameras and extra plastic panels attached to the machine.
- any loose components or components being held in place by tape or adhesives.
- loose keypads or a keypad that looks out of place and does not match the ATM. Criminals often use keypad overlays which record your keystrokes electronically and can capture your PIN. Make sure there is not a ‘card reader’ or skimming device fitted to the front of the ATM
- keeping your card in sight at all times when making EFTPOS or Visa transactions
- protecting your PIN. Always cover your hand when entering your PIN so no-one else can see it. Never tell anyone your PIN, including family, friends, police or Bank Australia staff.
- be aware of your surroundings and the people who may be able to gain information while you are completing your transaction.
- know the balance of your account and check it often to minimise unauthorised transactions from occurring. Let us know immediately if there is anything you don’t recognise.
- before you leave, ensure the ATM has fully completed your transaction.
- never discard your ATM receipts in a public area. ATM receipts should be shredded to protect your card details.
If you see an ATM you think has been tampered with, or if you think your card or personal details have been compromised, contact us immediately on 132 888.
Take a look at our tips for using your card securely online.
Lending fraud is where a person illegally obtains funds, including mortgages, credit cards and personal loans. It can happen after an identity is stolen, and can include:
- outright theft where the borrower has no intention of repaying the money
- non-disclosure of debts where the borrower deliberately does not advise of existing credit facilities they have when they apply for a new facility
- supplying false identification information, including fabricated identities
- applying for credit using invalid, altered or false personal and employment details, or using someone else’s information.
You can protect yourself against lending fraud by:
- checking your credit report at least once a year to make sure there are no listings on it that don’t belong to you
- protecting your personal information from theft, including any information you have stored on a computer or mobile device
- protecting yourself from mail theft
- making sure any credit application you complete is accurate. For instance, a $500 credit limit that has no money owing on it is still considered an existing credit facility and must be disclosed
- reporting a stolen identity to the police and your financial institutions
- contacting the main credit reporting agencies, such as Veda, and asking for a ban on your credit file. You can also sign up for a credit alert service to let you know when a credit check has been performed on you.
Lending and identity fraud is illegal and Bank Australia does not tolerate it. If you have information or concerns about lending or identity fraud, contact us on 132 888 or visit veda.com.au.
Fraudsters still use mail theft as a way of getting your personal information and stealing your identity. Make sure your mailbox is secure.
If you believe your mail is being stolen or redirected without your permission, contact Australia Post.
Clear out old advertising material from your letterbox because this tells a thief that you’re not home.
You can protect your mail by:
- securely locking your mailbox and clearing it regularly
- making sure the opening to your mailbox isn’t big enough for a hand to fit through
- immediately telling your bank and other important organisations when you’re moving house, and arranging a mail hold or mail redirection to your new address
- arranging for someone you trust to clear your mailbox when you’re away from home or unable to collect your mail
- arranging for Australia Post to hold your mail if you’re going away and don’t have anyone to clear your mailbox for you
- where possible, signing up for email notifications, such as Bank Australia eStatements and BPAY view
- securely destroying the hard copy of personal and financial papers (for example, shredding them before disposing of them)
- consider Australia Post’s ‘digital mailbox’ service.
For more information about mail theft and Australia Post services, visit auspost.com.au.
If you suspect someone has stolen your identity, report it immediately to your local police. You can also contact Veda Advantage to gain a credit report to ensure nothing has been applied forveda.co in your name, or refer to reputable web sites.
Cheque fraud is still popular with some fraudsters and cheques offer many ways for fraudsters to steal money. Cheque fraud can involve personal cheques and those issued by businesses, banks and government departments.
‘Washing’ cheques involves removing genuine information (often by using chemicals) and replacing details, such as the payee name or the amount.
Fraudsters can hide cheque theft by removing one or more cheques from the middle of the cheque book and the cheque stub.
You can protect your cheques by:
- treating your cheque book like cash and keeping it in safe location
- checking that all the cheques you’re writing are in sequential order (the numbers follow each other logically)
- telling us immediately if your cheque book is lost or stolen or if individual cheques are missing
- regularly reconciling your cheque book. If there are amounts that do not match, contact us on 132 888.
If you have an old cheque book that you no longer need, make sure you let us know so that we can cancel it. Old cheque books should be returned to the bank for secure destruction.
Email hijacking and spoofing
Email hijacking is when an unauthorised party infiltrates an email account. The most commonly affected email accounts are free, web-based email accounts, but any email account can be hijacked.
Fraudsters can hijack emails for many reasons, including to:
- update personal details
- obtain personal details
- reset passwords
- request a funds transfer (including EFT, BPAY and telegraphic transfers).
When a fraudster has access to an email account, it’s possible for them to get copies of legitimate emails between you and Bank Australia. These emails can include scanned documents containing signatures and account numbers.
Depending on what emails you have saved in your email account, the fraudster may also obtain specific account information, personal history or even passwords.
If you suspect that someone has access to your emails, it’s important to ensure that your virus protection is up-to-date, and to thoroughly scan your computer or mobile device. After the scan is completed and the computer is cleared of any issues, make sure that you update all of your passwords.
Never send sensitive information, such as passwords, via email.
Spoofing is when someone sends you an email that is masquerading as being from someone else. For instance, the name might look to be your friend (or co-worker), but the email address is nothing to do with the real person.
Spoofing emails are similar to phishing emails in that they try to trick you into providing information, clicking on a link, or opening an attachment. They might also look like someone else’s email has been hacked, when it’s really just someone pretending to be them.
If you’re not sure of the origin of an email, don’t open it or click on any links or attachments. You can usually find out quickly if it’s from the real person by giving them a quick call.
Internet banking fraud
Internet banking fraud is when an unauthorised person accesses your internet banking to get personal details or transfer funds from your account.
Internet banking fraud can happen when you’ve been the victim of a scam or your computer has been infected with malware. It can also happen if someone other than you has access to your log in details – this includes your family and friends. Sometimes a third party can access your internet banking without your knowledge but not take any money. They do this for various reasons, including to check stolen details or to use your personal information to steal your identity.
You can avoid internet banking fraud by:
- ensuring you choose strong passwords.
- using a different password for your internet banking than what you use for other sites
- checking the log-in information on the welcome page of internet banking which shows you the most recent activity using your log-in details
- maintaining good computer and mobile phone security
- never using ‘auto-complete’ for internet banking
- never telling anyone else your log-in details, even if you know the person well
- never using internet banking on public computers or on an unsecured internet connection (including free WiFi)
- telling us immediately if you see a log-in record, transfer or transaction on your account that you didn’t process
- not becoming a phishing victim
- being familiar with the security features of internet banking
- use a token
If you’re concerned about the security of your internet banking, please call us on 132 888.