skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus
Find ANZ Support Centre
Find ANZ Support Centre

Latest scams, fraud and security alerts

Stay informed on the latest scams, fraud, and security alerts. Learn about emerging cyber threats and important online risks as they arise. If you are a business, make sure to stay updated with the latest business security alerts  that could impact you.

Explore the latest alerts below, and make informed decisions to help keep your personal and banking details safe.
 

Jump to

December 2024

November 2024

October 2024

Older alerts

 Businesses: See latest security alerts 

 December 2024

Latest alerts scam call

 Posted on 12 December 2024

Card collection scam

Type:  

We are aware of a new scam involving criminals impersonating trusted organisations like banks, IT companies, or phone companies, claiming that your bank accounts or computers are not secure. They may ask for your PIN and instruct you to leave your bank card in your letterbox so it can be cancelled and replaced. They may even ask you to withdraw cash and leave it in the letterbox instead.

These scammers use technology to spoof legitimate phone numbers and may call or send texts in the same thread as your real bank. Scamwatch reports indicate that older and vulnerable Australians living alone are being targeted, with large sums of money being stolen.

Scammers usually pretend to be from trusted organisations to gain your trust. They are likely to create fear about the security of your money or device, prompting you to act without verifying their claims. Once they have your card and PIN, they can withdraw money from your account.

 

STOP - Never tell anyone your PIN or give your card or cash to someone you don’t know. Say no, hang up, delete.

CHECK - Scammers call and pretend to be from organisations that you know and trust – like your bank. If you’re not sure, call the official number of the organisation to check. You can find this on their website, app or the back of your bank card.

PROTECT - If a scammer has taken your money, bank card or personal details, contact your bank or card provider immediately to report the scam and ask them to stop any transactions. Call the police if your cash or card has been taken by someone you don’t know.

If you have shared financial information or transferred money because of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch.

Latest alerts scam website

 Posted on 11 December 2024

Be alert to scams this festive season

Type:     

With the festive season upon us, it’s crucial to strengthen your defences against cybercrime and stay vigilant to scams.

During the busy end-of-year and peak online shopping period, our heightened online activity can make us more vulnerable to scams and cyber-attacks.

Cybercriminals often exploit this time of year, preying on people who may be more likely to respond to ‘urgent’ requests or clicking on fake websites. As we prepare for the festive season, it’s essential to be on the lookout for scams such as: Online Stores or Booking Agencies, Parcel Delivery, eCards and Charities.

 

Top tips to help protect yourself and your business this festive season:

  • Avoid clicking links in emails, SMS messages or pop-ups. Access websites directly through your web browser instead.
  • Always use an online store, booking agencies or charitable organisation that is reputable and legitimate.
  • Don’t assume that the first search result on your web browser is the real website.
  • Don’t rely on the contact details or website address provided in a suspicious call, email, or SMS. Confirm the legitimacy of messages through verifiable numbers.
  • Ensure automatic updates on your device are turned on and your anti-virus and anti-spyware software are up to date.

If you suspect fraud on your account or have shared financial information or transferred money as a result of a scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch.

 October 2024

Latest alerts scam email

 Posted on 31 October 2024

Bulk email extortion scam targets Australians

Type:  

ScamWatch has published an alert about criminals attempting to extort Australians through emails. The email falsely claims to have compromising images or videos of the intended victims obtained by hacking into people’s computers or webcams.

The criminals threaten to release the images or videos unless paid, using personal details like birth dates and addresses to intimidate victims. These details likely come from previous data breaches.

If you receive such emails, do not respond, or pay any money. This scam is a type of threat and impersonation scam, where criminals may use intimidation to extort money.

For more information visit: Scam alert: Bulk email extortion scam | Scamwatch
 

  • STOP - Don’t give money or personal information to anyone if unsure. Delete the email.
  • CHECK - Contact a computer specialist if you have concerns about the security of your device.
  • PROTECT - If a scammer has taken your money or personal details, contact your bank or card provider immediately to report the scam. Ask them to stop any transactions. 

Information on how to help avoid scams after a data breach is available on the Scamwatch website.

Receiving scam emails is nothing to be ashamed of; it can happen to anyone. If you’ve shared personal information, contact IDCARE at 1800 595 160.

If you’ve responded to a scam message and shared your ANZ banking details or transferred money, contact ANZ immediately. 

You can also report scams to the Australian Government’s  Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts scam SMS

 Posted on 21 October 2024

Bank impersonation scam alert

Type:  

How does it work?

The National Anti-Scam Centre is warning consumers to be wary of bank impersonation scams.  ANZ encourages customers to be cautious of any unsolicited calls, emails or messages from someone claiming to be from their bank, requesting they provide their personal or financial information, transfer funds, or provide a one-time security code over the phone.

Scammers often claim to be calling from the bank’s fraud department and may refer to an account compromise, suspicious transaction, or online banking outage to try to create a sense of urgency.

The call may appear to come from the bank’s legitimate phone number or a very similar number, or by a text message that appears in the same conversation thread as genuine bank messages or an email appearing to come from the bank.

Remember, ANZ will never ask you to:

  • Share sensitive information like your One Time Passcode (OTP), verification code (for payment), PIN or card details.
  • Transfer money to another account.
  • Open a new account.
  • Provide access to your device.
  • Download software.

Impersonation scams imitate not only banks, but government agencies, organisations and even friends or family members. Here are some tips to help you protect yourself:

  • STOP: Be cautious of unexpected or urgent emails, SMS messages, or phone calls, and do not click on any links, or open any attachments.
  • CHECK: Verify with your provider/bank immediately via official channels if you receive a message from someone saying your account is at risk, under review, unavailable, or locked, or if you enter personal details into a link that you suspect is a scam.
  • PROTECT:
    • Do not share personal or financial details, and never provide your passwords, account numbers, or one-time passcodes to anyone.
    • If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.
    • Report to scamwatch.gov.au and the Australian Cyber Security Centre’s ReportCyber to help protect others. Tell your friends and family: it helps to share your experience so they can give you support, and also so you can help them stay safe from scams.

For more information about bank impersonation scams, visit ANZ Security hub – types of scams – bank impersonation scams.

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s  Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

 Business alerts

Latest alerts scam website

 Posted on 11 December 2024

Be alert to scams this festive season

Type:     

With the festive season upon us, it’s crucial for businesses to strengthen their defences against cybercrime and for consumers to stay vigilant.

The increased use of digital tools for everyday tasks has led to a surge in cyber-attacks, impacting both individuals and businesses. During the busy end-of-year and peak online shopping period, our heightened online activity can make us more vulnerable to scams and cyber-attacks.

Cybercriminals often exploit this time of year, preying on people who may be more likely to respond to ‘urgent’ requests or click on links in emails. As businesses prepare for the festive shutdown, it’s essential to ensure that cyber resiliency plans are up-to-date and that scam awareness is heightened.

Cybersecurity is a shared responsibility, and staying vigilant is crucial. By taking these proactive steps, you can help safeguard your business, your customers, and your staff against cyber threats during the festive season and beyond.

 

Top tips to help protect yourself and your business this festive season:

  • Seek confirmation if you receive an email or phone request to change banking details from a supplier or employee. Always confirm by contacting the supplier or employee directly on a trusted contact number.
  • Turn on multi-factor authentication for all essential services such as email, bank, social media accounts and any databases holding your customer information.
  • Avoid clicking links in unsolicited emails, text messages or popups, instead access websites directly through your web browser. Take extra care at this time of year when opening Christmas eCards.
  • Set up a PayID and BPAY for your business and remove your account number and BSB from your invoice payment options.

Protect the sensitive data you share and the data your organisation creates, collects, stores and shares. Never share passwords, PINS or OTP’s (one-time passwords)

If you suspect fraud on your account or have shared financial information or transferred money as a result of a scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch.

Latest alerts critical vulnerability

 Posted on 02 December 2024

Protect Your Business from Remote Access Scams

Type:    

We are seeing a continuous rise in remote access scam attempts where cybercriminals impersonate bank representatives to gain unauthorised access to your systems. These scams may lead to significant financial losses and data breaches.

Cybercriminals often claim to be calling from a bank’s fraud department, referring to an account compromise, suspicious transaction, or online banking outage to create a sense of urgency. They may send messages that include a link to a website controlled by the scammer, where you might be prompted to enter important banking information.

Remember, ANZ will NEVER ask you to:

  • Share sensitive banking details like passwords, PIN’s, ANZ Shield codes, token codes or one-time passcodes (for payments).
  • Download software.
  • Provide access to your device.
  • Transfer money to another account.
  • Scan QR codes to verify transactions.

  • Always verify the identity of the caller. Contact your bank directly using official contact details before taking any action.
  • Always log into your internet banking through the ANZ app or our official website. Type the URL (www.anz.com.au) directly into your browser and avoid clicking on links sent to you that claim to direct you to our site.
  • Keep all software, including remote access tools, up to date with the latest security patches.
  • Review remote access capabilities within your organisation.
  • Ensure your staff are aware of phishing attempts and the risks of unsolicited remote access requests.
  • Review and strengthen payment processes in your organisation.

If you suspect fraud on your account, have shared financial information, or transferred money, please contact us immediately. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s  Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts critical vulnerability

 Posted on 20 November 2024

Payment Redirection Scam

Type:  

Be cautious when processing requests to update phone, email or bank details from third-party suppliers. These requests could be part of a payment redirection scam.

Cybercriminals may impersonate a legitimate supplier, create a fake business and ABN, and contact your business, requesting updates to supplier details such as:

  • New contact details (phone numbers or email addresses)
  • Updated bank account information

Since contact details have been updated, verification processes may fail, leading to unintentional contact with the scammer.

  • Verify Requests: Always confirm any changes to phone, email or bank details directly with your supplier using known contact information.
  • Implement Controls: Establish internal procedures for verifying and approving any changes to supplier information.
  • Educate Employees: Train your staff to recognise and report suspicious requests.

If you suspect fraud on your account, have shared financial information, or transferred money, please contact us immediately. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s  Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts critical vulnerability

 Posted on 31 October 2024

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

Type: 

The ASD's ACSC has published a critical alert regarding vulnerabilities affecting FortiManager devices.

Fortinet are aware of active exploitation of vulnerable instances. This vulnerability has been allocated a CVSSv3 score of 9.8.

Australian organisations are advised to review their networks for use of vulnerable instances of FortiManager devices and implement the mitigation advice provided by the vendor.

Affected Australian organisations are strongly recommended by the ASD’s ACSC to patch this vulnerability as a matter of high priority. Patch information is available at PSIRT | FortiGuard Labs.

Organisations or individuals that have been impacted or require assistance can contact the ACSC at ReportCyber.

For more information, please read the Australian Cyber Security Centre’s alert, Vulnerability in Fortinet’s FortiManager.

View older alerts 

Important information

App Store is a service mark of Apple Inc. Google Play and the Google Play logo are trademarks of Google LLC

Top