Security and scams

Stay informed with tips, tools, and resources to help you protect your money and recognise scams. We’re committed to keeping your banking safe and secure, and helping you spot the warning signs early.

Do you think you have been scammed?

Contact us

If you think your account details have been compromised or if you spot something unusual on your account, contact us immediately on 1300 464 465, Monday to Friday, 7am – 5pm AWST 1300 334 336.

Outside of these hours, call Lost/Stolen Visa Debit on 1800 648 027.

Email us at info@gmy.com.au

Recover

Contact IDCARE, a national support centre for victims of identity crime. IDCARE offers a free service to assist victims with repairing the damage to their reputation, credit history and identity information. Call them on 1800 595 160 or visit their website to find out more.

You may be eligible to apply for a Commonwealth Victims’ Certificate. This certificate can support your claim that you are a victim of identity crime. It may help you re-establish your credentials with government or financial institutions.

Update your passwords, ensuring you use a unique password with letters and numbers.

Report the scam

Report the incident to ReportCyber, a secure Australian Government reporting and referral service for cybercrime.

Report the scam to Scamwatch, an Australian Government site to help stop scammers and warn others.

Watch out for follow up scams

If you are a victim of a scam, you are likely to be contacted again by scammers. There will be an increase in scam calls, texts, or emails if your phone number or email were compromised during the scam. Watch out for new scams – especially someone offering to help you get your money back.

Unfortunately, 1 in 3 victims of a scam have been scammed more than once.​

Get support

If you need help or need to talk to someone there are support services available.

Financial counsellors offer a free and confidential service to people struggling with bills or debt.

If you need someone to talk to, you can contact Beyond Blue or Lifeline. Their contact details are:

Warning signs

Please be aware of these common warning signs:

  • Pressure to act quickly.
  • Threats of legal action.
  • Opportunities to make or save money.
  • A request for help linked to a crisis or life event, intended to appeal to your generosity and goodwill.
  • Asking you to click on links or open attachments.
  • Requests that you pay in unusual or specific ways, such as via gift cards.
  • Asking you to set up a new account or PayID.

Tips to protect yourself from scams

Monitor your accounts

Regularly monitor your bank statements and online banking for any unauthorised transactions or charges. Avoid saving your banking and card details on shopping sites.

Use strong and unique passwords

Create and set unique passwords for each of your online accounts, combining uppercase and lowercase letters, special characters, numbers and using unique phrases. Refrain from reusing your passwords across multiple accounts. Consider using a password manager to store your passwords.

Enable Two-Factor Authentication (2FA)

Enable 2FA on all your accounts to add an extra layer of security. This involves receiving a one-time unique code to your phone or email account to verify your log in.

Secure your devices

Regularly update your device’s operating system as they often fix any security vulnerabilities with your device. Consider installing reputable antivirus software to safeguard your device against any malware and prevent unauthorised access to your device.

Only download apps from legitimate app stores like Google Play™ or the Apple App Store.

Make sure you know who you are dealing with or talking to

Ensure you know that contact is coming from the person they are claiming to be. For example:

  • If you receive an email or text with a link to a website, navigate to the organisation’s website yourself rather than clicking the link.
  • If a caller claims to be from your bank, look up the bank’s phone number and call them back on the publicly available phone number.
  • If you receive an invoice over email, call the company to verbally confirm bank details.

Be cautious connecting to public Wi-Fi networks

Avoid conducting sensitive online activities, such as accessing your internet banking accounts on public Wi-Fi networks. Consider using a Virtual Private Network (VPN) which will encrypt your internet connection and protect you against anyone trying to intercept your data.

Stay informed

Learn about the different types of scams and what you need to watch out for to protect yourself.

Common types of scams:

Dating and romance scams

When a scammer hides behind a fake online profile/s that are designed to gain your affection and trust. They will introduce significant events requiring your financial assistance (such as health issues, financial problems, travel expenses, or other personal issues). They’ll usually ask for financial assistance, such as pre-loaded debit cards, iTunes cards/gift cards or Bitcoin/cryptocurrency.

Warning signs:

  • Preferring to communicate through email or instant messaging rather than an official dating platform.
  • Professing strong feelings quickly (a technique known as ‘love bombing’).
  • Making excuses as to why you can’t meet in person, e.g. work commitments, overseas for emergency or family issues.
  • A change from affection to desperation or threats if you don’t meet their request for financial assistance.
  • They usually make small requests first to see if you will comply with larger requests later.
  • Preying on vulnerability such as isolation, elderly or language barrier.

Investment or cryptocurrency scams

When a scammer offers the opportunity to make quick cash or offer extremely high returns, it offers a once-in-a-lifetime opportunity you need to act quickly to get a good return.

Investment scams are often real estate/property projects, superannuation, shares and stock promotions, foreign currency or cryptocurrency trading.

Warning signs:

  • An investment with low risk and high reward: If the opportunity sounds too good to be true, it usually is.
  • High pressure tactics designed to rush you into signing up to the investment, so you don’t ‘miss out’.
  • An online contact that you haven’t met in person starts talking to you about investing.
  • Social media post about the investment opportunity with links or using celebrity endorsements.

Remote access scams

Where a scammer gains access to your computer or device from a remote location to get your personal information. They will pretend to be from a familiar company such as a bank, telecommunications company, government agency or computer software company. They will give you a fake story, such as a computer virus, to convince you to give them remote access to your device to fix the issue.

Warning signs:

  • Never give someone access to your accounts, personal details or access to your devices – especially if they have cold-called you.
  • If you believe the call to be legitimate, call them back on the number listed on the company website. Don’t call them back on the number they provide.
  • Do not click on any links provided.
  • Consider installing anti-virus software and ensure that it is running regularly.

Job and employment scams

Stop and check any job that requires you to pay money to make money as it could be a scam. They may pretend to be hiring on behalf of high-profile companies or online shopping platforms. They also impersonate well-known recruitment agencies. They may post fake ads on legitimate employment platforms or websites.

Warning signs:

  • You are contacted through text message or encrypted message platforms like WhatsApp, Signal or Telegram.
  • You are asked to top up an account with your own money or cryptocurrency to complete tasks or be recruited.
  • The hiring process is quick with no interview or discussion about your qualifications, experience, or reference checks.
  • The job involves transferring money, making purchases, or receiving packages on behalf of someone else.

Threat and penalty scams

Threat and penalty scams are when scammers threaten you with harm (physical or emotional), arrest, legal action or other demands to force you into handing over money or personal information.

Warning signs:

  • You receive a call, message or email unexpectedly from someone claiming to be from a government department, debt collection agency or trusted company.
  • You are threatened with legal action or arrest.
  • You are told that to fix the matter you need to pay a fee or fine.
  • You are asked for personal information, such as passport details, date of birth or bank information.
  • You are asked to pay using an unusual payment type such as gift cards or cryptocurrency.

Phishing/Smishing scams

Phishing or Smishing is when a scammer sends an email or text that appears to be from a trusted source, often including an urgent ‘call to action’ or ‘pay a fee’. They will often have a link which takes you to a scam website.

To make the messages look real, scammers will often copy the phone number and sender ID of businesses or people you know. The scam message can even appear in the same message chain as legitimate messages from the organisation.

Warning signs:

  • A message asking you to:
    • Act urgently.
    • Make a payment or transfer money.
    • Click on a link.
  • The message creates a sense of urgency to make you act, such as:
    • Claiming that your account has been hacked or involved in fraud,
    • Saying there is a problem with your payment or your package delivery.
    • Making a threat if you don’t act immediately (such as a fine or cancelling a service).
  • The message may have spelling mistakes or grammar mistakes

Helpful links

ReportCyber – a secure Australian Government reporting and referral service for cybercrime. ReportCyber also has resources to help victims recover from scams.

Scamwatch – more information on recognising, avoiding and reporting scams. Run by the Australian Government’s National Anti-Scam Centre.

The Little Black Book of Scams – a comprehensive guide to spotting and avoiding scams, published by the Australian Competition and Consumer Commission (ACCC).

Microsoft – Microsoft provide tips on some of the most common online scams and attacks and what you can do to protect yourself.

Keep yourself safe from scammers

ban

Stop

Always take a moment before giving your money or personal information to anyone.
file-check-2

Check

Make sure the person or organisation you’re dealing with is real.
shield

Protect

Act quickly if something feels wrong.

3 simple steps to keep us all safe from scammers

Stop

Always take a moment before giving your money or personal information to anyone.
Scammers will create a sense of urgency to pressure you into acting quickly. Don’t rush to make decisions about money or sharing personal details.

What to do:

  • Say no, hang up, or delete suspicious messages.
  • Take time to think before responding to unexpected requests.
  • Don’t let anyone pressure you into immediate action.
  • Trust your instincts if something feels wrong.
Check

Make sure the person or organisation you’re dealing with is real.
Scammers pretend to be from organisations you know and trust. Always verify who you’re really dealing with before taking any action.

What to do:

  • Contact the organisation directly using phone numbers or email addresses you find on their official website or app.
  • Research investment opportunities or offers through official sources like ASIC.
  • Get a second opinion from family, friends, or professionals.
Protect

Act quickly if something feels wrong.
The sooner you take action, the better you can protect yourself and others from scammers.

What to do:

  • Contact your bank immediately if you think you’ve lost money or shared financial details.
  • Contact IDCARE if you’ve shared personal information – they can help you create a plan to limit damage.
  • Report scams to Scamwatch to help protect others.
  • Change passwords and security details if you think they’ve been compromised.
  • Monitor your bank statements and credit reports for unusual activity.
  • Report the scam to the impersonated organisation and platform where the scam is happening.
  • Being scammed can feel overwhelming. Support is available at Lifeline on 13 11 14 or Beyond Blue on 1300 22 4636.

Report a scam

Contact BNK immediately if you think you’ve lost money or shared financial details.
Contact us

Things you should know

Google Play is a trademark of Google Inc. Apple App Store and iTunes is a trademark of Apple Inc., registered in the U.S. and other countries and regions.