Common Security Risks
Listed below are the current most common online security risks.
Internet Banking users have recently been targeted by a range of email scams involving various hoax emails. The hoax emails have been sent to large numbers of email addresses in anticipation of at least some reaching users of online banking facilities. Because of the large number of emails involved and the random nature of the hoax, these frauds are often called 'phishing'. The hoax emails seek to trick online banking consumers into disclosing confidential financial information such as their Internet Banking login and password details, thereby providing the perpetrators of the fraud with illegal access to their accounts.
The emails can look very professional and give the appearance of coming from a legitimate financial institution. Techniques that have been used so far include:
- asking consumers to update their login and password details for 'security' purposes. The users are directed to an authentic looking but false website. In some cases, the website address is also very close to that of the targeted financial institution. When users try to login to their accounts, their login and password details are captured
- luring users into opening emails or attachments that secretly install 'Trojan' virus programs. Trojans are computer programs that secretly install themselves on a user's computer without the user even knowing about it. In the case of online banking fraud, Trojans are used to log and capture key strokes (such as Internet Banking passwords, etc)
- falsely alerting consumers to suspect transactions on their account. If the recipient follows the link embedded in the email, a virus covertly installs a Trojan program that logs key strokes
- directing a user to a false website such as emails purporting to come from Australian Federal Police or the ATO where a Trojan program is installed to log key strokes
Having used these or similar techniques to capture login and password details, fraud perpetrators are then able to illegally access accounts and withdraw funds.
PLEASE NOTE: The Credit Union will
- never ask for your Internet Banking loging details or card details via phone or email.
- never use email to send you a link to Internet Banking login page
- never ask you to communicate your passwords to us in any form
Members should also be alerted to a number of fraudulent job scams advertised on the Internet which entice users to act as money transfer agents for a third party. Consumers are duped into using their own accounts to transfer money for third parties as part of a legitimate business transaction for a commission based on a percentage of the transfer. In fact, they become part of a money laundering operation for transferring stolen money. Again, these false job websites appear very professional and can be very convincing.
Members should exercise extreme caution with any online job offer where you are asked for your personal and banking details.
Identity theft occurs where a criminal obtains the personal details of an individual to masquerade as that individual and, typically; transfer funds, obtain cash, secure loans and other financial benefits. The individual is then left to deal with the debts incurred, along with the associated legal implications.
Identity theft can occur when a fraudster gets access to your personal information such as your date of birth, your address, your drivers licence number and information from utilities, phone and credit union/bank account records.
This can be obtained through:
- email scams such as those mentioned above
- similar telephone scams
- theft of your records and/or mail
- keep responsible care of all personal information to minimise the risk of loss/theft (e.g. by keeping tax records and other financial documents in a safe place);
- minimise the risk of mail theft by securing your mailbox (e.g. with a padlock)
- cancel unused credit union/bank/utility/phone accounts
- securely dispose of any documents that may contain personal details (such as account statements, credit card transaction slips, bills, etc)
- regularly obtain a copy of your personal Credit File to make sure there is no unusual activity on your file
- promptly report to the police any loss or theft of personal documents