Security
Learn how to protect yourself from cyber threats, fraud and scams and keep your accounts secure.
What to do in the event of a scam or fraud
Received a text or call that seemed too good to be true? It usually is. Legitimate companies will never ask you to reveal passwords or financial information.
NEVER give any information like SMS One Time Passwords or codes to anyone. Bank First will NEVER request this information from Members.
Beware of scams and stay updated on national scams by reviewing current scams at scamwatch.gov.au.
Pause
Don’t act straight away. Stop and think about what you’re being asked to do.
Real companies or government agencies won’t pressure you to make payments.
Review
Have a quick look on Google to see if the company or person is real and whether it's the right phone number.
Check to see if anyone else has had similar experiences.
Ask
If you’re still unsure, show a family member or friend and ask for their opinion before taking any action.
Online Security Checklist
Unique password
Create a unique secure password for Internet Banking and always use an alpha-numeric password combining numbers, upper and lower case letters with at least one special character, e.g. Rf3Tg#1d8w.Two-factor authentication
Register for one of our free second level authentication security features; SMS One Time Password or Funds Transfer Password.Change your password regularly
Regularly change your password and keep your password secure.Contact details
Keep your contact details up-to-date.Keep your personal identity private
Only provide your personal identity information to entities that you do know and trust.Antivirus software
Regularly scan your computer and keep your antivirus software up-to-date.Automatic security updates
Turn on Automatic Updates for your security software.Unknown software
Do not install software or run programs of unknown origin.Always logout of Internet Banking
Always logout of Internet Banking using the logout button located at the top right of the screen.Don't use public computers for Internet Banking
Do not use public computers for Internet Banking, e.g. Internet cafes, libraries or hotels. If you have used a shared computer then please change your password on your own trusted computer at home or work.Check your last login details and transaction history
Immediately report any suspicious activity on your account to Bank First on 1300 654 822.Do not click links in an email
Never access Internet banking by clicking on a link in an email. Login directly by typing www.bankfirst.com.au into your browser and clicking on the Internet Banking link. Also check that the Internet Banking address starts with 'https://' to ensure that the site is secure.
What is phishing?
Phishing is the most common cyber-attack used today. They can be sent to you via email, text message, and sometimes via social media from what can appear to be a reputable source. Phishing attacks are used to trick the recipient into revealing sensitive information or data in order to steal from you.
Remember to pause, review and ask a friend or family member when you receive such messages. Learn more about protecting yourself from specific scams below.
Text message and email scams
Scam text messages or emails will sometimes look like they come from a reputable source.
Keep an eye out for spelling mistakes and email addresses that mimic a real organisations.
Never click any links.
Phone scams
Scam phone calls include calls where scammers will impersonate Bank First or a well-known company.
They may gain your trust and pressure you to provide passwords, codes or personal information over the phone claiming it will clear an unpaid bill, fine or similar.
Online shopping scams
As online shopping increases, scammers try to take advantage of those who shop online.
These can be anywhere on the internet but are especially found on online marketplaces, social media, classified sites and more.
Fake websites
Scammers can create fake websites that look almost identical to a reputable organisation that you deal with.
These websites are also designed to steal your personal information.
Check the website URL is legitimate. Never click any links.
Remote access scams
Remote access scams happen when scammers contact you by phone, email or text claiming to be from a familiar company.
They may ask you to give them remote access to your computer or device by downloading an app or say they need to remove a virus or malware from your computer.
Never download software or apps you don't know or give information like SMS One Time Passwords or codes.
Investment scams
Investment scams usually occur when someone pretends to be a financial advisor or similar.
A popular investment scam is where scammers try to get people to invest in cryptocurrency.
If it sounds too good to be true, it usually is.
More security resources
For further information about Internet and Email Security, visit the following websites:
Australian Government Initiative https://www.staysmartonline.gov.au
Australian Securities and Investment Commission https://www.moneysmart.gov.au
Little Black Book of Scams Online http://www.scamwatch.gov.au
Australian Competition and Consumer Commission http://www.accc.gov.au or call 1300 302 502.
We have become aware that there has been a cyber-attack at another financial institution which has resulted in the disclosure of PayID details of other banks’ customers.
The attackers will not be able to access bank accounts since no passwords or credentials are available from the PayID database.
Please be aware that SMS phishing attempts using hacked data could occur – for example, you may receive a personalised message from the attackers which looks like a legitimate message from us or another bank, in an attempt to acquire your banking credentials and password. You should be cautious of any unusual SMS activity and never click on a link in a random message.
Please call us on 1300 654 822 if you receive a suspicious SMS message.