Latest News

Black Friday and Cyber Monday are among the year’s biggest online shopping events, with millions of Australians searching for bargains. While retailers prepare for increased demand, scammers do too, building fake websites, sending phishing messages and placing deceptive ads designed to steal money and personal information. Fraudulent activity typically rises during major shopping periods. Common scams to watch for: AI fake online stores – Professional-looking websites that use deepfake videos, fake reviews, manufactured product images and convincing logos to appear legitimate. Phishing emails and texts – Messages that appear to come from trusted retailers or delivery companies, asking you to “confirm your order” or “track your parcel.” Social media ads – Ads promoting unrealistic prices or fake giveaways that redirect you to malicious sites. Payment scams – Requests for direct bank transfers or cryptocurrency payments instead of secure options like credit cards or PayPal. It’s also important to note that even legitimate retailers may occasionally use misleading promotions, such as limited-time claims that create false urgency, “store-wide” discounts that exclude most products, or “up to X% off” deals where only a small number of items receive the highest discount. The Australian Competition and Consumer Commission (ACCC) is conducting a sweep of retailers to ensure their sales advertising is accurate, transparent, and not likely to mislead or deceive consumers. If you’re planning to shop during the Black Friday and Cyber Monday sales, check prices before promotions begin so you can compare and ensure the discount is genuine.How to protect yourself You can still enjoy the sales, just shop smart: Stick to trusted retailers:- Buy from official brand websites or authorised sellers. Check URLs carefully:- Look for subtle spelling differences, extra characters or unusual domain names. Recognise fake website: AI generated images and videos can show unnatural facial expressions, inconsistent lighting, blurred lip movements. Verify the legitimacy by checking the contact details. Avoid clicking on suspicious links: Type the retailer’s URL directly or use a bookmark instead of following links from emails, texts or social media. Use secure payment methods: Credit cards and PayPal generally offer better buyer protection than direct bank transfers or cryptocurrency if something goes wrong. Be wary of offers that seem too good to be true: They usually are. Don’t succumb to pressure: Don’t let countdown timers or low stock pressure you into buying. Verify social media offers: Don’t rely solely on celebrity videos or influencer posts, check the retailer’s official channels. Black Friday and Cyber Monday sales can provide a great opportunity to save on your purchases, but it’s also a prime time for scammers. Take a moment to double-check before you click, buy, or share any personal information. A few seconds of caution can save you from weeks of stress and financial loss.Need help?  If you believe someone has gained access to your bank account and/or personal information, even if the scam appears unrelated to your finances, you should contact your bank immediately. A timely response can be critical. If you have concerns about your account contact us immediately. You can report cybercrime directly to the Australian Cyber Security Centre (ACSC). Find out how scams work, how to protect yourself, what to do if you’ve been scammed or report a scam to the Australian Competition and Consumer Commission (ACCC) via Scamwatch. Change your passwords and enable two-factor authentication to protect your accounts. As always, we remain committed to your security and privacy online. To understand how we help to keep you safe, please refer to our Security page. For more information on common scams and how to protect yourself, please visit the News section of our website.

October is Cyber Security Awareness Month, an important reminder that small, consistent actions help protect what matters most online. This year’s theme “Building our cyber safe culture” underscores the importance of proactive online safety measures, supported by a range of resources designed to help individuals and businesses to prioritise cyber security. There are simple actions everyone can take to safeguard themselves online: 1) Install all software updates to keep your devices secure: Installing regular updates will keep your devices secure and makes it harder for cyber criminals to access them. Make sure that automatic updates are switched on so that you are notified when an update is available. Learn more about how to update your devices at cyber.gov.au 2) Use a unique and strong passphrase on every account: A passphrase is a more secure version of a password. Passphrases are hard for cybercriminals to crack, but easy for you to remember.        Create passphrases that are: 15 or more characters Unpredictable: use 4 or more random words. Avoid identifying information such as family names, birth dates or addresses. Unique: are different for every account. Learn more about how to set secure passphrases at cyber.gov.au 3) Always set up multi-factor authentication (MFA): Enable multi-factor authentication where available to add an extra layer of security to all of your online accounts. MFA requires two or more proofs of identity to log in to your account MFA adds an extra layer of security Start with setting up MFA on your most important accounts (such as online banking and email accounts) Learn more about how to turn on multi-factor authentication at cyber.gov.au Cyber Security Awareness Month focuses on building capability and encouraging action, giving Australians the skills and confidence to take control of their online safety. The goal is to ensure both individuals and organisations have the knowledge and tools to stay secure. A strong cyber culture develops through small, consistent actions that become everyday habits. Simple practices, such as questioning unexpected emails, pausing before clicking links, and regularly checking account security, can make a big difference. By embedding these behaviours into daily routines, cyber safety becomes second nature at home and in the workplace. Everyone has a role in creating a resilient digital community. By staying alert and practising good cyber hygiene, we can reduce risks and better protect the things that matter most. Need help?If you believe someone has gained access to your bank account and/or personal information, even if the scam appears unrelated to your finances, you should contact your bank immediately. A timely response can be critical. If you have concerns about your account contact us immediately. You can report cybercrime directly to the Australian Cyber Security Centre (ACSC). Find out how scams work, how to protect yourself, what to do if you’ve been scammed or report a scam to the Australian Competition and Consumer Commission (ACCC) via Scamwatch. As always, we remain committed to your security and privacy online. To understand how we help to keep you safe, please refer to our Security page. For information on common scams and how to protect yourself, please visit the News section of our website.  

Stop. Check. Protect. From 25 to 29 August, Scams Awareness Week 2025, a national initiative led by the Australian Competition and Consumer Commission (ACCC) aims to raise awareness about the growing risks of scams and cyber threats. “Stop. Check. Protect.” is this year’s theme, encouraging Australians to remain vigilant, verify suspicious activity, and take proactive steps to protect their personal and financial information.  As a mutual bank, the trust and safety of our members are among our highest priorities. We are committed to helping protect member data, raising awareness of online risks, and ensuring our members have the knowledge to respond to threats with confidence and care. Common types of scams and cyber threats: Scams and cyberattacks are becoming increasingly sophisticated and frequent. Some of the most common include: Phishing emails: Scammers pose as trusted organisations, sending emails that prompt recipients to click malicious links, download harmful attachments, or reveal sensitive information such as passwords and credit card details. Romance scams: Fraudsters create fake identities online to form emotional connections, eventually convincing victims to send money for fabricated emergencies. Lottery and prize scams: Scammers falsely declare victims as lottery winners, demanding upfront payments or personal data to claim fictitious prizes, resulting in financial loss or identity theft. Bank impersonation scams: Scammers impersonates a bank or financial institution to trick their victims into making payments to a fraudulent account. Tax time SMS and email scams: These scams encourage people to click on a link that directs them to a fake MyGov sign-in pages designed to steal their username and password. E.g. phrases include: 'You are due to receive an ATO direct refund”, or “You have an ATO notification.” Linkt Toll scams: Messages (SMS or WhatsApp mostly) request payment or updated billing information through a fraudulent link. Phone scams: Scammers call victims pretending to be from government agencies, tech support, banks or delivery services to steal information or money. Impersonation scams: Fraudsters pose as trusted individuals, such as colleagues, family member, or CEO, to request urgent payments or sensitive data. Fake websites: They mimic real websites to steal credentials or infect your device with malware when you enter information or download content. Malware attacks: Malicious software is installed via unsafe links or downloads, allowing scammers to access your personal or financial information. Remote access scams: Scammers convince victims to grant access to their computer or mobile device, often claiming to be tech support. No one is immune, stay alert and informed.That’s why we’re focused on continuing to strengthen our digital security, educating both members and staff, and providing the tools and training needed to protect what matters most: our members’ information and financial wellbeing. What you can do: Stop. Check. Protect. We all have a role to play in cybersecurity. Here’s how you can take action: Stop: If something feels off. Don’t click, share or respond. Scammers often create a sense of urgency to get you to act quickly.  Check: Always verify the legitimacy of the message or call. If in doubt, contact the organisation directly using official contact details from their website, not the ones provided in the suspicious message. Protect: Secure your accounts with strong passwords and enable Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA) whenever available. Report any suspicious activity immediately to us and the appropriate authorities (e.g. Scamwatch, your IT support or local police). Additional tips for protection: Never share your password with anyone. Use complex, unique passwords for different accounts. Avoid using easily guessed words. (e.g. “123456”, “password”, “birth dates”) Don’t reuse passwords across platforms. Keep your devices updated with the latest security. Be cautious of unsolicited messages or offers that sound too good to be true. Don’t click on suspicious links or attachments, especially from unknown sources. Our commitment to youScams Awareness Week is a timely reminder of the importance of staying safe online. As your mutual bank, we will continue to: Provide ongoing cybersecurity training to help our staff stay alert. Share useful resources and alerts to help members identify and avoid scams. Maintain strong data protection policies and invest in secure technology. Monitor cyber threats closely and act quickly to protect member accounts. This Scams Awareness Week, take a moment to reflect on your online habits, have conversations with friends and family about scam safety, and help spread the message.  Stop. Check. Protect.  To understand how we manage your personal information, please visit our Privacy page. To understand how we help to keep you safe, please refer to our Security page. Need help?If you believe someone has gained access to your personal information, even if it appears unrelated to your finances, you should contact us or relevant financial institution immediately. A timely response can be critical in giving you the best chance to stem any loss. If you have concerns about your account with us, contact us on 1300 36 2000. If the scam occurred on social media or a legitimate website, report it to the platform involved. For scams on Facebook, Messenger, WhatsApp and Instagram, see this step-by-step guide for reporting scams on Facebook services.

The Australian Federal Police are urging Australians to be wary of a new scam spreading across social media, in which criminals lure individuals into opening legitimate bank accounts in their own name. After the account is opened, control is then handed over to the fraudster in exchange for payment. Known as a ‘money mule scam’, this scam tricks people into becoming part of a criminal operation. The bank accounts are later used to launder money or receive funds from other fraudulent activities.Serious Legal ConsequencesWhile it may seem like a harmless favour or an easy way to make money, acting as a money mule is a criminal offence. Those who take part, knowingly or not, may face: Bank account bans or closure Permanent marks on their credit file Investigation by law enforcement Criminal charges for money laundering, which carry heavy penalties including prison time What to Watch Out ForBe cautious of the following red flags: Job offers on social media promising “quick money” for minimal effort Requests to open a new bank account for someone else to use Being asked to share your bank login details or bank card Vague explanations about the purpose of the account We take fraud prevention seriously. We monitor for unusual account activity and work closely with law enforcement and other financial institutions to shut down suspicious accounts. However, we also rely on our members to be vigilant. Never allow anyone else to use a bank account in your name.Need help?If you believe someone has gained access to your bank account and/or personal information, even if the scam appears unrelated to your finances, you should contact your bank immediately. A timely response can be critical. If you have concerns about your account contact us immediately. You can report cybercrime directly to the Australian Cyber Security Centre (ACSC). Find out how scams work, how to protect yourself, what to do if you’ve been scammed or report a scam to the Australian Competition and Consumer Commission (ACCC) via Scamwatch. As always, we remain committed to your security and privacy online. To understand how we help to keep you safe, please refer to our Security page. For information on common scams and how to protect yourself, please visit the News section of our website.

As the end of the financial year (EOFY) approaches, many Australians are gathering documents, receipts, and tax statements. But it’s just as important to prepare for something else: staying safe from tax scams. With over $119 million lost to scams in just the first four months of 2025, scammers are exploiting every opportunity, including the tax system. To help keep you and your money safe, Customer Owned Banking Association's (COBA) Financial Crimes and Cyber Resilience team share expert tips on how to spot and avoid tax scams.What is a tax scam, and how do they work?Tax scams often involve criminals impersonating government agencies like the Australian Taxation Office (ATO) or myGov. These scammers send phishing emails or text messages to trick you into sharing personal information - such as your myGov username, password, or other sensitive details - or to get you to click malicious links.How can you protect yourself from tax scams?Here are four key ways to stay safe:1. Verify the sourceAlways double-check the sender's email address. Official messages from myGov typically come from addresses ending in @my.gov.au. Don’t respond unless you’re certain it’s legitimate.2. Avoid clicking on linksIf you receive an email or text with a link claiming to be from myGov, don’t click it. Instead, type the official website address directly into your browser: https://www.my.gov.au3. Be wary of urgency or threatsScammers often try to pressure you with urgent messages - like threats to suspend your account or offers of unexpected refunds. These are red flags. Stay calm and verify the claim independently.4. Never share personal detailsmyGov and government agencies will never ask for your password, Tax File Number (TFN), or bank details via email or text. Never share this information in response to unsolicited messages.How do you report a tax scam?If you receive a suspicious message claiming to be from myGov or another government agency, it’s important you report it to protect yourself and others from being scammed. Report it to the Australian Cyber Security Centre (ACSC) or the myGov Help Desk If it's related to the ATO: Call the ATO’s dedicated scam line: 1800 008 540Forward suspicious emails to ReportScams@ato.gov.au Take a screenshot of fake social media posts or phishing messages and email them to ReportScams@ato.gov.au More information about how to report a tax scam can be found on the ATOs website.   Published: 27 June 2025

While booking time off is exciting, it’s even more important to ensure your plans are legitimate so you don’t end up the victim of a travel scam. "Scammers often lure travellers with discounted travel packages that promise luxurious accommodation, exclusive deals, or free prizes, only for the victim to realise none of it was true," explained COBA’s Acting Chief of Financial Crimes and Cyber Resilience, Martin Latimer. To help ensure your holiday plans go ahead, COBA’s financial crimes team share expert tips on how to identify and avoid travel scams. What is a travel scam? A travel scam entices travellers with cheap flights and accommodation offers, free vacations, or exclusive holiday rentals that promise the holiday of a lifetime. Scammers create fake listings for popular travel destinations that mimic legitimate online travel agencies, often requiring payment upfront or request unusual and unsecured methods of payment that scam victims out of money. Travel scams can take many forms, including: Fake travel websites, booking platforms or rental listings advertised online. Unsolicited calls or emails offering free or heavily discounted luxury vacations. Fraudulent online marketplaces where scammers demand upfront payments for non-existent bookings. “These fake travel deals target victims booking big overseas holidays or short domestic trips, so it’s important to ensure you’re using reputable sites and avoid any requests for suspicious methods of payment,” Martin says. “Once the victim hands their money over to the scammer, they may discover the deal doesn’t exist, the accommodation listing was fake, or – upon arrival at the destination – realise it’s nothing like what was advertised,” he adds. Tips to protect yourself Do your research: Verify the legitimacy of travel websites, agencies, or accommodation listings by reading reviews from other travellers or ask for proof of the agency’s accreditation or certification. Beware of listings with limited photos, vague descriptions, or deals significantly cheaper than market rates. Be sceptical of unsolicited travel offers: Avoid holiday deals that seem too good to be true, especially if they’re unexpected. You may receive emails notifying that you’ve won a free vacation and ask you to click a link to claim the prize – this is likely a scam, especially if you haven’t entered any competition. Use secure payment methods: Avoid transferring money or paying through untraceable methods like gift cards or cryptocurrency. Stay vigilant during travel Remember, travel scams don’t stop once you’re on holiday as scammers can lurk in popular tourist destinations and trick travellers looking to use common services or holiday activities. These can include: Taxi scams. Vehicle hire scams. Wrong or overcharging scams. Credit card skimming. Pickpocketing and theft scams. Visa scams. Fake ticket scams. QR code scams. “Carry my bag” scams. More information on how these scams occur and how you can protect yourself is found at Smartraveller. What to do if you suspect a scam If you encounter a potential scam, report it to ScamWatch.gov.au to help protect others from falling victim. If you’ve been scammed, immediately notify your bank or financial institution. Customer-owned banks are dedicated to safeguarding their customers from scams and fraud. In November 2023, 55 mutual banks and credit unions demonstrated this commitment by joining forces to launch the Scam-Safe Accord with the Australian Banking Association. This industry-wide initiative represents a united front against scammers and reinforces the banking sector’s determination to strengthen consumer protection. Find out more about the Scam-Safe Accord here.