How to spot a bank impersonation scam

Receiving a message from your bank alerting you to fraudulent activity can be frightening. Your instinct might be to act quickly by clicking the links provided and following the instructions. Unfortunately, what looks like a genuine alert from your bank can often be a scam threat, and following the instructions in these messages can put your accounts at risk.

Load video

transcript

20 million dollars was lost to bank impersonation scams in Australia in 2022. Here’s what you need to know.

A bank impersonation scam involves emails, texts or phone calls claiming to be from your bank. These scams attempt to capture your personal or financial data.

Here are three important warning signs that an email, text or phone call from your bank isn’t legitimate.

1. Urgency or threats - scammers will attempt to get you to act quickly by demanding urgent action or using strong language to instil fear.

2. Tone or wording - even if a message appears in the same thread as genuine messages from your bank, unusual tone, wording or spelling errors can indicate a scam.

3. Links to update your details - never click links in text messages or emails claiming to be from your bank if it’s a request to update your information. Bendigo Bank will never ask for your details or to transfer money. We will never ask you to download software or login via a link sent through email or SMS.

If you are speaking to someone claiming to be from Bendigo Bank and you are unsure if the caller is legitimate, hang up and contact us directly on 1300 236 344.

Close transcript

Bendigo Bank’s Head of Fraud, Jason Gordon, warns customers that “criminals are getting adept at carefully constructing often complex communications that convincingly mirror those of the brand they are impersonating.”

Here’s everything you need to know about bank impersonation scams and how to spot one.

What is a bank impersonation scam?

A bank impersonation scam happens when a scammer contacts you pretending to be your bank. You may receive calls, emails or SMS text messages from the scammers.

Jason explained the rise of ‘spoofing’ in advanced scam activity. “Spoofing is when phone calls appear to come from legitimate numbers and SMS messages appear in the same conversation thread as genuine communications, making it very difficult for people to detect genuine communications,” he said.

Scammers will try to get you to click links, install software or provide personal information under their instruction. This information is then used to access your accounts and steal your money.

Red flags for bank impersonation scams

• Links in SMS text messages or emails. Bendigo Bank will never ask you to click a link to login to your online banking. If you’re concerned about your account, always login directly through the main website.
• Urgency or threats. Scammers use frightening language to try to get you to act quickly and override your sense of caution. They might tell you to update your information immediately to protect your account, or ask you to verify login information via a fraudulent link.
• Any request for sensitive information. Bendigo Bank will never ask you for passwords, passcodes, PIN numbers or login information. Never give this out to anyone, even if they claim to work at the Bank, and only enter your personal information on a website you’ve visited directly. Never follow login links in emails or texts.
• Instructions to install software. Scammers may try to get you to install software under the guise of protecting your accounts or devices. These programs are used to remotely access your devices, and copy your passwords and login information to compromise your accounts.
• Requests to transfer money. Bendigo Bank will never instruct you to transfer money to another account. Any mention of making transfers is an immediate red flag that you’re speaking to a scammer.

How to protect yourself from bank impersonation scams

Scams are becoming more sophisticated and are using a range of methods and software to take advantage of their victims. Bendigo Bank’s financial crime team is constantly tracking scam threats and putting control measures in place to keep your accounts safe, but we need our customers to be alert and aware of common risks, too.

It’s critical that you know what to look out for. Here are our top tips to protect yourself from bank impersonation scams:

• Slow down. If you receive a message or call from your bank, take a moment to consider whether it could be a scam before you act.
• Never click links in text messages claiming to be from the Bank, even if they seem harmless. Always use the official website to login to your accounts.
• Call us if you’re unsure. Visit our official website and call us on our main contact line. We’ll be able to check your accounts and instruct you if you do need to do anything.
• Look out for changes in caller IDs or call locations. Be extremely diligent about any inbound communication claiming to be from Bendigo Bank or any other financial institution.
• Remember to stop, think and protect. Take a pause. Ask yourself, ‘could this be a scam?’. Never give out personal information like passwords, PINs or verification codes.

“Please remember the Bank will never ask for your details, or to transfer money, download software or login via a link sent through email or SMS. Bendigo Bank has removed links from all our SMS messages, so customers who receive an SMS that includes a link should treat that as suspicious,” Jason concludes.

What to do if you have been scammed

If you think you’ve been scammed or think a scammer has access to your accounts, it’s important to act quickly. Call us on 1300 236 344 (in Australia) or +61 3 5445 0666 (from overseas - standard international call charges apply) as soon as you can. The faster you act, the sooner we can try to protect your accounts.

Remember to Stop, Think and Protect

Stop – before you make a quick decision, stop. Could this be a scam? Scammers benefit from rushed decision making.

Think – what are the red flags here? Why have I been contacted? How can I verify this is legitimate?

Protect – act quickly if something feels wrong. Contact your bank for support if you’re transferred funds. Report the scam to Scamwatch.

Learn more about our latest scam alerts and information to keep yourself and your family safe online.