What is Phishing?
Phishing is a way scammers trick you into unknowingly sharing your personal information such as passwords, account information, identification details or credit card numbers, with the intention to steal your identity for personal and financial gain.
Scammers often impersonate well-known businesses that you are likely to deal with such as financial institutions, utility providers, telecommunications companies and government agencies. They may also take the form of fake vouchers or competitions, surveys, postal notifications, bills, account alerts etc.
Examples of scams*
Ronan received an SMS on his phone, that looked to have come from his bank, advising that suspicious activity had been detected on his credit card and that the card had been suspended. The message contained a link for him to click on, to restore the card access.
Ronan clicked on the link and was taken to a webpage (that looked just like his banks) which asked him to enter a number of personal details as part of the security validation, including full name, date of birth, address, phone number and credit card details, which he completed and submitted.
Over the next few days, Ronan noticed some transactions on his credit card that he did not recognise. The scammers had enough information to use his credit card.
Please note, all your information is securely held at Westpac and we would not ask you to validate it via a link in an email or SMS.
Signs this may be a scam
You're asked for your personal information.
Do not give it to them. Ask for a reference number, then contact the business yourself separately on a trusted number to verify if the request was genuine.
You receive an email or SMS asking you to click on a link.
Do not click on the link. To sign in to your banking, type the address into the browser yourself (e.g. type in westpac.com.au).
A caller is threatening and applies time pressure.
They may also ask you to download software, or complete something in secret. Hang up. Do not act on their requests or download anything.
It just doesn't sound or feel right.
Trust your gut instinct and separately verify the person, business or information given to you.
Financial institutions, government agencies and most organisations will never contact you requesting access to your device, share your passwords, security codes, PIN’s or other personal information via a pop up or a phone call. Never share these with anyone, regardless of the claims being made. Always call organisations back on trusted numbers found on their website or phone directory to validate any of these types of requests.
What a scammer could do with your personal information
- Access and drain your bank accounts
- Open new bank accounts in your name and apply for loans or lines of credit
- Take out phone plans and other contracts in your name
- Purchase expensive goods in your name
- Steal your superannuation
- Gain access to your government online services
- Access your email to find more sensitive information
- Access your social media accounts and impersonate you to scam your family and friends
What you can do if you
come across a scam
Let us know
- Please report scams or suspicious activity immediately to Westpac at 132 032 or +61 2 9155 7700 (if calling from overseas).
- Forward suspicious emails to firstname.lastname@example.org or SMS/text messages to 0497 132 032 then delete the email or message.
- You can also report all suspicious activity to the Australian Cyber Security Centre at cyber.gov.au/report.
Get support and stay in the know
- IDCARE provides free, confidential support and guidance to those impacted by fraud, scams, identity theft or compromise. Call them toll-free on 1800 595 160 or visit idcare.org.
- Keep up to date on scams by subscribing to the government's scam email alerts from scamwatch.gov.au/subscribe.
- Check out our latest scams, for copies of recently reported scams at westpac.com.au/scams.
ScamSpot: a series of 2-minute bites to help spot the latest scams
Things you should know
* Examples are based on one or more real scam reports received by Westpac. For privacy purposes real names have not been used.