skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus

Latest scams, fraud and security alerts

Stay informed on the latest scams, fraud, and security alerts. Learn about emerging cyber threats and important online risks as they arise. If you're a business owner, make sure to stay updated with the latest business security alerts  that could impact you.

Explore the latest alerts below, and make informed decisions to help keep your personal and banking details safe.
 

Jump to

August 2024

July 2024

Older alerts

 August 2024

Latest alerts scam email

 Posted on 30 August 2024

Alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) on impersonation scam

Type: 

The ASD's ACSC has published a medium alert regarding email scammers impersonating the ASD's ACSC by sending out phishing emails to the public with the email content suggesting to download a malicious antivirus program.

The cybercriminals are emailing from spoofed email accounts utilising ASD’s ACSC’s logo, with the subject and contents of the email varying. These emails suggest that an increase in cyber threats requires the recipient to download ‘Antivirus’ software through a malicious link to stay safe. If clicked on, there is potential that malicious software could be downloaded and installed to the individual’s computer.

ASD’s ACSC encourages Australians to not click on links within the email, report it and block the sender. If you have clicked the link, require assistance, or if you’re not sure it’s a real email from ASD’s ACSC you can contact the ASD's ACSC via 1300 CYBER1 (1300 292 371).

For more information, please read the Australian Cyber Security Centre’s alert - Email scammers impersonating the ASD's ACSC.

 July 2024

Latest alerts scam SMS

 Posted on 21 July 2024

Third party technology outage – Scam alert

Type:   

ANZ is aware of a global incident affecting some CrowdStrike and Microsoft services and we are monitoring the situation closely. There is no impact to ANZ's services and systems at this point in time.

Scammers are using this global incident to their advantage and we’re warning customers and businesses to be cautious of unsolicited calls, emails or messages requesting they download a software patch or provide remote access to fix or protect their computer from the CrowdStrike/Microsoft outage.

Downloading unsolicited software can give scammers access to your computer, including your bank accounts.

Customers and businesses should also be on alert to unsolicited requests from individuals claiming to be from their financial institutions or other businesses requesting they update or verify their personal or financial information due to the CrowdStrike/Microsoft outage.

How to protect yourself

  • Never grant remote access or download software when prompted by unsolicited callers.
  • Be wary if someone asks you to share your device screen.
  • Don’t click on links or download attachments from an unexpected message or email.
  • Never hand over your debit/credit cards to anyone, including someone claiming to be from your bank.
  • Be suspicious of anyone asking you for personal information or payment. If in doubt, ignore the message, or just hang up.
  • If you shared debit/credit card details, block or cancel those cards immediately. If your cards are with ANZ, you can do this through the app.

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts scam website

 Posted on 19 July 2024

Consider using different usernames and passwords across all your online accounts

Type: 

How does it work?

Whenever possible, try using different usernames and passwords/passphrases across multiple online platforms and websites. In the event of a data breach, your login details for these platforms or websites may get compromised and can be used in a cyberattack known as credential stuffing.

In a credential stuffing attack, the cybercriminal will use previously stolen usernames and passwords from one platform or website and use them on other platforms or websites in the hope that users are re-using them – to get unauthorised access to their user accounts.

This may lead to fraudulent transactions being made using the payment information saved in the user accounts on these platforms and websites.

How to protect yourself

Attacks of this nature are becoming more prevalent. To help safeguard your money and your information, we want to remind you of the following tips:

  • Use a different password/passphrase for different accounts.
  • Use multi-factor authentication (MFA) on all accounts, wherever possible.
  • Change your password/passphrase immediately, if impacted by a data breach.
  • Monitor your online purchases and credit card transactions carefully.

If you suspect fraud on your account, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts scam website

 Posted on 05 July 2024

Pop-up scams / Scareware

Type: 

How does it work?

Whenever you browse the internet, be cautious of fraudulent pop-ups.

Pop-ups are windows or banners that automatically appear on a website and usually contain either advertising, notifications, or alerts. Often scammers use fraudulent pop-ups with warning messages to trick people into downloading software, click on links, or provide personal information. These fraudulent pop-ups are designed to create a sense of panic and may lead to personal data theft, financial loss, and broader security breaches within networks.

How to protect yourself

  • Regularly update your operating system, web browsers, and applications.
  • Be cautious when clicking on links or when you’re asked to download software from unknown sources.
  • Consider installing legitimate antivirus and antimalware software on our device and keep it up to date. This may help protect your device if you’ve clicked a fraudulent pop-up and downloaded malicious software.
  • Enable pop-up blockers to reduce your chances of receiving pop-ups.

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

 Business alerts

Latest alerts critical vulnerability

 Posted on 21 July 2024

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

Type: 

ASD’s ACSC have published a critical alert regarding a CrowdStrike software update has led to worldwide outages impacting Windows systems on Friday 19 July 2024.

ASD’s ACSC strongly encourages all consumers to source their technical information and updates from official CrowdStrike sources only.

ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).

For more information, please read the Australian Cyber Security Centre alert - Widespread outages relating to CrowdStrike software update

App Store is a service mark of Apple Inc. Google Play and the Google Play logo are trademarks of Google LLC

Top