Scams Targeting Online Banking

Date: 9/4/2003

Customers should be aware that there has been an increase of reports recently relating to scams targeting online banking and electronic payment sites.

The Greater Building Society has not been targeted to date, but would like to remind all customers that UNDER NO CIRCUMSTANCES do we request that you divulge your PIN, Internet banking login or password.

The scams have been designed to fraudulently collect any of the following information:

  • Online banking logins and passwords.
  • Full banking account details such as account name/id, full name of account holder, swift code and BSB code.
  • Credit card details such as cardholder name, card number and expiry date.
  • Full account and password details of other forms of electronic payment or funds transfer.

In many cases these details are obtained via fraudulent sites that have been set up to look the same as the original site in both appearance and function. The domain name of these fraudulent sites is often very similar to the original site, with subtle changes such as using hyphens in the name.

Emails have also been sent that request the user to log onto a fraudulent site and update their login and password details. These sites also resemble the original site very closely. In some cases the fraudulent site even has links to other sites that appear legitimate, but are actually fake.

Other methods that have been used to obtain customer details include contacting users by email and requesting that they reply to the email with their login details and password, or to fill in a form that will send the results to the fraudulent party.

Details have also been gained from fraudulent parties contacting customers in person and requesting their login and password.

Greater customers are reminded to always protect their password and account details. Your login and password, as well as your PIN, is encrypted in such a way that knowledge of it cannot be obtained by anyone. Therefore, Greater members should never give out their password or account details in response to any unsolicited requests via email or other forms. They should also ensure that they log into the appropriate website, which is www.greater.com.au

Financial institutions and electronic payment sites never request account or credit card details, in particular they will never request passwords via email. The Greater's Internet banking site is verified by a digital certificate, which appears as a small padlock icon at the bottom of your browser. Members can view the certificate by clicking on it.

In summary, Greater members are reminded to never divulge their PIN, Internet banking login or password. In particular:

  • Never provide account details and passwords via email
  • Never provide your account details and passwords in response to an unsolicited request
  • Ensure that you are using the correct Internet banking site and the digital certificate

If you have any concerns relating to this article, email us at webenquiry@greater.com.au