We've been notified of a number of phone and SMS scams in the banking industry of late, and remind our customers to please stay vigilant. Keeping you, your information and your money safe is extremely important to us. If you come across any questionable transactions on your account or have any security concerns, let us know.
Concerned about the safety of your accounts? Call 1300 360 744 immediately.
Fraud and Scams
It’s important to stay vigilant to scam activity and the different tactics being used today.
This year alone scams have cost Australian consumers, businesses and the economy over $222 million. We’re encouraging everyone to chat about scams with friends, family and colleagues to raise awareness and help reduce the risks.
Visit moneysmart.gov.au/ for more information.
- tips to avoid falling victim to a scam
1.Do NOT click the link!
If you receive a text message that contains a link, do not click on the link unless you are confident it is legitimate. Regularly install operating system updates and use anti-virus software.
- Never provide any of your personal or banking details
Never provide any of your personal or banking details to someone you don’t know and trust, and never provide banking passcodes (including authentication codes received via phone or email) to anyone.
3.Call back using details you find in an independent search
If you receive a suspicious request from someone who says they represent an organisation or government agency, call back using details you find in an independent search, rather than details they give you.
- Be wary of unusual payment requests
Scammers will often ask you to use an unusual payment method, including preloaded debit cards, gift cards, iTunes cards or virtual currency such as Bitcoin.
- Contact their bank or financial institution immediately
Anyone who has provided their banking details to a scammer should contact their bank or financial institution immediately.
Where to seek help:
If you’ve lost money or given your personal details to a scammer, there are steps you can take straight away to limit the damage and protect yourself from further loss.
- If you’ve sent money or shared your banking or credit card details, contact us
- If you’ve given your personal information to a scammer, visit IDCARE (idcare.org), Australia and New Zealand’s not-for-profit national identity and cyber support service. IDCARE can work with you to develop a specific response plan to your situation and support you through the process.
- Take the time to warn your friends and family about these scams.
- If the scam occurred on social media, report it to the social media platform.
Register for Australian Government’s Scamwatch email alerts to get updates on the latest types of scams targeting Australian consumers and small business.
The ACCC’s Scamwatch has released a warning regarding phishing scams. A few general reminders to help you stay vigilant:
- Don’t click on links from sources you don’t know. They could download viruses onto your computer or device.
- Don’t open attachments or click on links in emails, text messages or social media messages you’ve received from strangers — just press delete.
- Never respond to unsolicited messages and calls that ask for your password, personal or financial details — just press delete or hang up.
- Stay up to date with latest consumer advice on the ACCC website at: www.accc.gov.au.
- Be careful of fake online shopping sites requesting unusual payment methods such as upfront payment via money order, wire transfer, international funds transfer, preloaded card or electronic currency, like Bitcoin. Information is available at: Online shopping scams.
These scams often come with the tease of big payout, doubling your money or a guarantee of similar nature. They also often target those who are elderly and are vulnerable to scams (especially online investment scams) and are isolated from family or live alone. Please be alert to the dangers associated with investing money with people you don’t know, often based overseas, for seemingly great returns.
We are aware of fraudsters contacting customers and impersonating SCCU employees in an attempt to extract personal information, often saying they are verifying withdrawals or card transactions.
There have also been reports of fraudsters impersonating a transaction fraud committee. They ask for information to identify they are speaking to the right person while reiterating they are not asking for account or passwords to reassure. They flag there are suspicious transactions that they have not yet released, which is why you can’t see them on your account. After some questioning, the fraudulent company then says they can confirm that they’re speaking to the right person, but cannot confirm that the customer hasn’t made the queried transactions and will have to let them pass through unless they can verify the answers discussed through NetBanking. They then reiterated that they will not ask for any account information and instead have a completely secure app such as AnyDesk. After the customer downloads the App the fraudsters then have the ability to watch as the customer’s login to NetBanking, emails and other password protected sites. Please be aware that a range of tactics are used by fraudsters, including the use of language that triggers panic which in turn motivates the customers to act quickly rather than question what is being said (if I don’t do this right now, my money will be gone) as well as the use of a female voice to put people at ease. Please be alert to these types of scams and we encourage you to contact us directly if you are concerned that this has happened to you.
Money smart is ASIC’s website for consumers and investors.
The Money Smart website was created by ASIC to help you take steps to improve your personal finances.
ASIC is also interested in information of scams involving financial products. Report misconduct to ASIC
The website has calculators and guidance on:
- borrowing and credit
- superannuation and retirement
- budgeting and saving
Cyber Security Tips
As we increasingly use online solutions and integrate technology into our day to day it’s important to take measures to protect and maintain cyber security.
Here are a few tips to keep top of mind
- Do not click on suspicious links in emails or even text messages – especially emails requesting you to enter your account information.
- Be cautious of emails asking you to act on a financial transaction with a sense of urgency.
- Be vigilant when opening attachments – ensure you are expecting the attachments and that it’s not suspicious.
- Do not forward any suspicious emails from your personal email to your work email account.
According to the National Cyber Security Alliance, one in five small businesses falls victim to cybercrime each year. If you’re a small business, it pays to review the below:
- Never provide your password to anyone. Use complex passwords and use a different password for each of your online accounts or programs.
- Check for red flags in emails to tip you off that the sender may not be legitimate. Check domain names carefully.
- Don’t open any email attachments if you don’t know exactly why you received them or what they contain.
When in doubt, throw it out. Hit that delete button.
NetBanking & Mobile App Security
There are a few things you can do to protect your security when banking online.
- Consider the use of the ‘Save Password’ feature in browsers (this often pops up when you’re logging in to a site, or making an online payment). These passwords can often be viewed by simply going into browser settings and are vulnerable to hackers and in instances where property, like a laptop, is lost or unattended.
- Log out after using NetBanking – Always click on the ‘Logout’ button and close the browser when you have finished using NetBanking. Simply closing the browser when you are done may not log you out of NetBanking completely.
- Choose secure access codes – When choosing your password try to make sure it is as unique as possible. Don’t use your birthday or the name of your pet.
- Remember never to disclose your password to anyone.
- Ensure you have adequate protection against Virus’s (including Trojan) and Malware on your computer and phone.
24/7 Fraud Monitoring
Together with Orion (our supplier of fraud management services) we have a sophisticated card monitoring program in place to provide additional security to you 24 hours a day, 7 days a week, while you’re at home or travelling overseas.
Orion monitors your usual card spending activity and is able to quickly identify any unusual spending patterns with the aim of preventing attempts by others to use your card.
What happens if there has been an unauthorised transaction on my card?
If Orion detects suspicious or unusual spending behaviour on your card they will contact you via phone and email to confirm the transaction was genuine before putting a stop on your card.
It is very important that you ensure your details with us are up to date and correct and that you notify us if you are travelling overseas, as your card may be blocked if we are unaware of your plans to travel abroad.
Remember we will never:
• Ask you for your NetBanking login or credit card details via phone or email
• Use email to send you a link to the NetBanking login page
• Ask you to disclose your password to us in any form
For more info about how to identify and avoid scams, check out www.moneysmart.gov.au/scams/avoiding-scams
Security tokens are available to provide enhanced security when accessing your accounts online via NetBanking or your mobile.
There are two types of security tokens available:
• SMS Token
• VIP Access Tokens
SMS OTP (One Time Password) or SMS Token
If you would like access to enhanced security when accessing your accounts via NetBanking or mobile banking you can enable the SMS token facility.
The SMS security token can be enabled by all customers, no matter what your daily access limit amount is set at.
VIP Access Token
The VIP Access token is available via a SCCU mobile app or physical token that can be attached to your keyring.
The VIP Access token provides you with a unique security code that you can use in addition to your username and password when logging into NetBanking or mobile banking. This code changes every thirty seconds. The use of a secondary security device increases safety and security when accessing your accounts online. This device does not require internet to access.
If your daily transaction limit is more than $5,000, or you would like to increase your daily limit to more than $5,000 you will be required to use either the SMS token or a VIP Access token to access your accounts online via NetBanking or mobile banking.
Disputed Transactions & Chargeback Guidelines
- Contact the merchant if you have an unrecognised transaction on your account. This can often be the simplest solution. If this isn’t suitable or you’re not satisfied with the outcome, contact us and we can start the chargeback process on your behalf where the right to a chargeback exists.
- To enable this, you’ll need to get in touch within 45 days from the transaction date. If the transaction is an unauthorised transaction, contact us as soon as possible
- For more information on chargeback rights and disputed transactions, get in touch with our team for help. You can also read through our Resolving a Dispute guide for further assistance.