NetBanking allows you to operate your SCCU accounts from anywhere you have access to the Internet. As your financial institution we are more than happy to provide this facility.

NetBanking gives you complete control over your financial affairs. However before becoming a Secure NetBanking Member we would like you to understand a few conditions and values established at Southern Cross Credit Union.

We at all times practice high security standards to maintain the integrity and privacy of all member information throughout the entire organisation. We ask our new NetBanking Members to adopt these values and practices, and to ensure that all care is taken to maintain your NetBanking membership in a safe and responsible manner.

NetBanking Access Code
The purpose of your NetBanking Access Code is exactly the same as that of your PIN on your Redicard or Visa Card. It uniquely identifies the person conducting the transaction. We rigourously protect your data and ensure that our security system protects against fraudulent activity, but access via your code is directly your responsibility.

Never disclose your access code to anyone. On joint accounts each signatory is allocated a separate Access Code. If you suspect the integrity of your access code, change it immediately by using the 'Change Password' facility found under the 'Other' menu at the NetBanking site. The same security procedures you apply to your PIN should also apply to your access code. Avoid allowing anyone observe you entering your code. Never store your access code on, or near your PC.

Your Access Code is entered using a virtual keypad. This prevents it being recorded using keystroke logging software should the system you are using be infiltrated by a trojan. The keys are presented in a random layout at each login to guard against the mouse click positions being recorded.

After three consecutive unsuccessful login attempts NetBanking access to your account will be 'locked' to prevent unauthorised access by continuing to guess at your access code. If your account becomes locked, you will need to contact us on 02 6672 2744 to request that your NetBanking access be reinstated.

Your Access Code must have between 6 and 12 characters. To help avoid entering an incorrect access code, we allow you to choose your own. Select one that will be easy for you to remember but avoid using easy to guess codes such as your phone number. You should also avoid reusing the same codes that you have registered at other sites.

To further protect your Access Code you will be asked to change it after three months.

Access to Your Computer
NetBanking will automatically log you off after a period of time where there has been no activity. This will minimise the risk of a fraudulent transaction in case you forget to log out. However you should always avoid leaving your computer unattended while you are connected to NetBanking. For maximum security always use the logout option to exit when you have finished using NetBanking or before leaving the computer.

Protect Your Records
Maintain control over your account details if you save or print them after accessing them via NetBanking.

Install Anti-virus Software
Thousands of computer viruses circulate online. Many include functions to eavesdrop on your activities. Some can record your keystokes and gather credit card information. It is imperative that you maintain your antivirus software by downloading the updates regularly. Viruses often attempt to disable antivirus software and it is important that the update is loaded before they have the chance to infiltrate the computer.

How Safe is My Account?

The credit union banking site is protected by a hardware firewall that blocks and reports any unauthorised attempt to establish a connection. The Internet address of each each connection to the server is logged. Antivirus software is run continuously on every computer in our network.

The communication of account information between your browser and our site uses a secure internet protocol. Data is encrypted making it unreadable without the appropriate decryption key. Encryption is based on a relationship between two very large numbers. One number (the public key) is sent to your browser and used to encrypt the data. The public key cannot be used to decrypt the data. The other number (our private key) is used by our server to decrypt the information.

Your access code is the most important feature. Even our computer staff cannot obtain your access code because it is encrypted using a one way algorithm. The code you enter in your browser is encrypted using the same algorithm and the result compared with the original on our records to establish a match. Of course if you do forget your code we can provide you with a new one. However once you have changed it (as required on your first login) only you can know the code.

How to prevent fraudulent attempts to obtain your banking details

• Never disclose your NetBanking Access Code to anyone for any reason.
• We will never send emails requesting access code or account details. Always disregard any email that ask for this information.
• Never access NetBanking from an email link. The target address of the link may be different from the address displayed.
• Always keep virus protection up to date.

Internet Banking Security Update

Southern Cross Credit Union has recently performed an update to our NetBanking system to enchance system security. The address bar on the NetBanking page will turn green on certain Internet browsers and display the company name, to indicate that the page is a legitimate NetBanking page, on the Southern Cross Credit Union system. This is to help protect our members against fake websites trying to steal passwords. An example of such an attack is when the user is directed to the fake website via a link in an email, after being told that they must login to update their password or the account will be locked or cancelled. Now, with a compatible browser, the address bar will turn green and display “Southern Cross Credit Union Ltd[AU]” when on the legitimate NetBanking website, but will remain white or yellow if the website is fake.

Currently, Internet Explorer 7 and Firefox 3 are the only browsers that supports the green address bar. Internet Explorer 7 requires the Automatic Phishing Filter to be enabled for this feature to work correctly. To enable the Automatic Phishing Filter, click the Tools menu, then Phishing Filter, then Turn On Automatic Website Checking.

We recommend that users of Internet Explorer 6 or older upgrade to version 7, which can be obtained for free from www.microsoft.com/ie7

We recommend that users of Firefox 2 or older upgrade to version 3, which can be obtained for free from www.getfirefox.com

Click here to see an example of the green address bar on Internet Explorer 7 and Firefox 3.

Online Shopping Credit Card Fraud
A very recent development has been a new type of trojan that lies dormant until the user enters a 15 or 16 digit number. Recognising it as a credit card number being entered online, a popup appears requesting the information be confirmed including in the CCV number. This information, which is sent to the perpetrator, is all that is required to commit "card not present" fraud. In some cases even the PIN is requested. Never ever enter your PIN online as this is a sure sign of fraud.

Members are urged to be extremely cautious when entering card details online. All credit card information should be be entered into a single form displayed on a secure page. Secure sites use https: addresses with the browser displaying a padlock symbol. Do not enter any credit card information into a separate popup.

Fraudulent Emails
One of the most prevalent scams is 'phishing' - email messages which appear to come from your bank. Often they contain authentic logos and bank business numbers. They usually contain links or addresses which connect to carbon copies of genuine banking sites. They are designed to fool recipients into divulging personal data such as account numbers, names, PINS or access codes and credit card numbers. These are fraudulent attempts to obtain your access code.

Most scams target major financial institutions and to date there are no known attempts to target Southern Cross Credit Union members. Please contact us as soon as possible if you do receive a phishing email pertaining to Southern Cross Credit Union.

You can read more information about phishing from the the Australian High Tech Crime Centre.

Avoid Becoming a Hacker's “Mule”
Criminals attempt to engage internet users to transfer stolen funds out of Australia. Never respond to an unsolicited employment offer received by email or at a chat site. Most newspaper advertisements for part time computer work at home are also attempts to recruit mules. Read more information about mules at the Australian High Tech Crime Centre.

Protect Your Access Code
Members are reminded that they should protect their access code at all times and never disclose it to anyone.

Please DO NOT respond to requests to:

• Disclose your access code to a person contacting you in person or by telephone.
• Disclose your access code to a person contacting you by email.
• Login to any unauthorised web site addresses. Only login via our authorised site address.

We will never request that your access code be communicated to us in any form.

Always protect your access code for internet banking and do not reveal any information or access codes to anyone.

Remember that protecting your access code is your responsibility, just like your Visa or Redicard PIN.