Author: Jason Moffat

When it comes to Phishing, avoid the sharks..

Living in a digital age means we’re all more savvy and aware of the dangers of cyber crime, right? Not so much. Phishing scams and the like continue to prey on the uneducated and over-confident among us. Greater Corporate Risk and Security Manager Jason Moffat has some handy tips to keep us from getting bitten.

Most of us who have been online for 5 years or more would be familiar with the concept of spamming, but I am constantly amazed how few people I speak to realise what phishing is.

Phishing is when cyber-crooks try to fraudulently acquire your personal information by disguising themselves as a friendly authority figure. They will get in touch with you online claiming to be from your bank, for example, and ask for details like passwords and credit card details. Make no mistake. The goal is to steal the money from your accounts and there are millions of these emails circulating globally every day.

Here’s how phishing works:

  • The criminal will get in touch via email, text, chat, etc with a message that seems to be from a trustworthy source and is for appearences sake meant just for you. The message will include a link for you to click or an attachment to open.
  • When you click or open, malicious software (a virus) is embedded in your computer that searches for all banking, card, password and personal details and sends them back to the crooks.
  • The crook will often put pressure on you, making you believe there is a deal to be taken advantage of, or some issue with your account that needs to be resolved. The link provided will take you to a site meant to mirror the official website of the organisation in question.
  • You will be prompted to enter sensitive information, which goes straight into the hands of the cybercriminal
  • The crook now has access to your information which could be used to drain your bank account, or even attempt steal your identity.

Scary stuff huh?

But there’s no need to run and hide just yet. There are things we can all do to ensure we remain vigilant every day so that we’re able to keep our personal information safe and secure:

  1. Firstly, NO financial institution will EVER send you an unsolicited email asking you to enter or update your passwords, account details or security information... EVER. If you receive such an email you must assume it is a fraud.
  2. If something seems too good to be true it is. In the internet age this is more true than at any other time in history. Use the common sense test: Why would someone offer me something for nothing? Why would someone I have never actually met offer me a job by email, or free goods, or free services, or want to marry me? And why would a bank want my account details when they already have them? Or if I don't bank with them at all?
  3. It might seem like a hassle at times, but make sure your internet browser and operating system are up to date, and install any security updates whenever available. These updates are released to provide consumers the latest in protection technology, so bite the bullet and update. It's much less hassle than having your life savings cleaned out!
  4. If you come across an email that you think seems shady, avoid clicking any of the links in or attachments to the message.
  5. Make sure your system security software is up to date as often as you can. Most security software products offer free initial trials, and are worth their asking price once this period is up. Look for a software that includes a tool to identify risky sites in email, chat, social, etc.
  6. Be sure to stay on top of your account activity. The days of waiting 3 months for your account statement are over - you can check them online for free anytime. Using The Greater’s Mobile apps or Internet Banking lets you stay on top of your account activity anywhere, anytime and checking regularly may make the difference between an empty and full account if you fall victim to a virus.

By incorporating these few things into our routine we can all decrease our chances of falling victim to phishing scams.

If you would like to know more about online scams and be alerted to the latest in cyber-crime, check out our fraud and security updates, check out the ASIC and ACCC website at or you can RSS our blog for fresh related content.

Have you or someone you know ever been the target of a phishing scam? What was the result? How could they have avoided it? Let us know in the comments below.

The Greater Building Society will never send emails requesting you to confirm, update or disclose your confidential banking information. If you receive an email that you are suspicious of, please forward it to