Be aware of SMS phishing attacks over the holiday period

18 November 2016

The Australian Communications and Media Authority (ACMA) has warned many Australian mobile phone users may be at risk of SMS phishing attacks that have been targeting banks over recent months.

What is SMS phishing?

SMS phishing is an alternative form of the more commonly known email phishing, which uses an SMS message to deliver an attachment or link to the victims mobile device. 

Recent cases all follow a similar pattern:

  • The SMS contained a link to a fake URL containing the organisation's name 
  • Clicking on the link took the victim to a website which looked like the organisation's mobile banking App
  • Here the customer was required to enter their online banking username/ID and password
  • They were then directed to a further 'verification' site where they were asked to input all card details, including VbV verification information 

Security tips to minimise your risk: 
  • Do not open SMS or emails from suspicious sources 
  • Never follow hyperlinks contained in these messages 
  • Do not use memory retainers for important information on websites 
  • Change your password regularly  
  • Check the online banking pages for the padlock security symbol or https:// in the URL 

If you have any concerns about suspicious behaviour on your account please contact us on 1300 346 400.