MyState staff members will never ask you to disclose your confidential PIN, Internet Banking password or phone banking access code over the phone, by email or in person. If someone contacts you asking for these details, do not provide them – they are very likely a scammer.
There are common things to look out for, but the best thing to remember if someone is contacting you offering you something that’s too good to be true, then it is probably a scam.
What to do if you’ve been targeted by a scam or fraud
Call us immediately if you think you might have provided your bank details to a scammer, or are unsure if you’re being targeted – please give us a call on 138 001.
What to look out for
Scammers and fraudsters are constantly coming up with new ways to gain access to your personal banking.
Things to look out for include:
- Emails that tell you that you have won a prize, offer employment opportunities or that ask you to enter lotteries
- Anyone asking you to provide your bank details to support the transfer of funds
- Free websites and downloads (such as music, adult sites, games or movies). These may install harmful programs without you knowing
- SMS (text messages) and voicemail messages that ask you to call a number and then input your details via an automated service
- Emails or phone calls asking you to confirm your details, click on links or attachments within an email, or to complete a form on an unknown website.
If you are ever unsure of an email, delete it immediately and remove it from your deleted items. MyState may contact you through secure mail within your Internet Banking – once you’ve logged in you can communicate with us securely. We will never ask you to provide personal information using your normal email address.
If you are ever unsure if an email is legitimate, please give us a call on 138 001 or send an email to email@example.com
One common type of scam is where cold callers, pretending to be from a reputable company or government organisation, coerce unsuspecting victims into providing or confirming personal or banking information over the phone, such as your name, date of birth, card details, account numbers or passwords and Access Codes. The scammers then use this information to process fraudulent transactions on the victim’s card or wrongfully access their banking services in some other way.
In many instances the caller already knows part of the victim’s card number and will ask for the remaining digits, or they may have the full card number and ask the customer to verify it and provide the confidential 3 digit CVV number and expiry date. This enables the scammer to process a transaction online even without the card being present.
Cheque fraud is the use of a cheque to gain a financial advantage by deception. This includes altering cheques, stealing cheques, duplicating or counterfeiting cheques.
Criminals also use false invoices to obtain legitimate cheques, deposit cheques into a different third party account without authority or deposit cheques for payment knowing that insufficient funds are in the account to cover the deposited cheques.
MyState’s cheques contain a number of security features designed to make it difficult for fraudsters to alter cheques.
Be aware that the information you share online via social networking websites, such as Facebook, Twitter and LinkedIn may be available for anyone to see.
Don’t share information like your date and place of birth, mother’s maiden name and other standard identification questions. Make your profile private and only add friends you know.
To protect yourself while using social networking sites:
- Customise your privacy settings to make sure your profile pages are only accessible to people you know and trust and not to the general public
- Never publish personal or sensitive information such as your date of birth, driver’s licence number, tax file number or bank account details
- Don’t publish contact details such as your home address or phone number
- Use a different email address if you want to publish this online
Card skimming occurs when criminals attach illegal devices to ATM or EFTPOS machines that are designed to ‘skim’ the details of your card and capture your PIN. With this information a fake card is created and used along with your PIN to access your accounts and steal money.
Skimming is not always easy to detect – but there are some signs you should look out for. Apart from usual wear and tear, are there any markings on the ATM or changes in its appearance, like cuts or cracks, glue residue, exposed wires or the remnants of double-sided tape? Does the card entry slot appear to have an extra device attached to it? Does the keypad look normal or does there appear to be an extra layer over the pad?
If an ATM looks like it may have been tampered with, or makes you feel suspicious, do not use it. If there is a contact phone number on the machine, please phone to report it.
How to protect yourself
Use this guide to create stronger passwords and bank securely online:
- Create passwords using eight character or more upper and lower case letter, numbers and special characters.
- Never share passwords with anyone. Even close family or friends.
- Change your passwords at least every six months, or anytime you suspect your password has been compromised.
- Always access Internet Banking via our official website or mobile apps. We will never send you a link via email to access your accounts.
- Avoid accessing your Internet Banking on public computers or over public Wi-Fi networks.
- Always check login times and dates; if you see any inconsistencies tell us immediately.
- Install antivirus, anti-spyware and firewall software on your computer and mobile devices and keep them up-to-date.
Follow these simple guidelines to protect your personal information on your mobile device:
- Always set your smartphone to auto-lock after inactivity, and use PIN, password or fingerprint protection.
- Don’t use Internet Banking via unsecured and public Wi-Fi networks.
- Don’t use the same PIN that you use for your card to access Internet Banking.
- Don’t share your Internet Banking PIN.
- Ensure SMS codes are kept secret and secure.
- Ensure your operating systems and apps are up-to-date.
- If you lose your phone, block your SIM card immediately.
Always take steps to ensure your Visa Debit or rediCARD are secure to protect yourself from unauthorised card access.
- Never lend your card to anyone or disclose your PIN.
- Never give your card number to cold callers asking for card details over the phone.
- Never keep your PIN in an obvious place.
- Choose a unique PIN and don’t reuse old or existing PINs.
- Make note of when new and replacement cards may arrive. Call us if they don’t arrive on time.
We’re monitoring your card 24 hours, seven days a week for data protection purposes. Our card monitoring system provides you with early detection of suspicious card activity, and in some cases may block cards until we can verify the detected activity with you.
As technology becomes more advanced, so do the techniques used by scammers and fraudsters. Take the steps below to make sure you are being as secure as possible.
- Never give your personal information to someone you don’t know or trust.
- Your bin is a goldmine of personal information, shred or destroy personal or financial information such as bank statements or bills before binning. If filing personal documents, make sure they are kept in a secure place.
- Secure your letterbox with a lock, and follow up if you do not receive your regular expected mail.
- Keep your contact information with us current so we can contact you if we notice unusual activity.
- If you think you have come into contact with a scammer or believe you’re a victim of fraud or a scam, call us as soon as possible.
Email scams are now common. We’ll never send you an email asking to confirm any personal or banking details or to reset your password. Never click links or attachments contained within our emails and always log onto Internet Banking manually through your browser.
- Be cautious when you receive unsolicited phone calls. Scams offering to ‘fix’ your computer and other scams are also on the rise.
- Never give your log on details or account access to another person.
- Never give a stranger remote access to your computer.
- Never provide your SMS verification code to another person, or verify an unknown Internet Banking transfer using an SMS code.
- Be wary of emails from email addresses that you don’t know or trust.
- Never provide your personal or security details in response to an email or phone call. We never request this information from you via email or over the phone.
Be aware of information you share online via social networking websites and wary of anyone asking for your personal information on these networks. Follow these simple rules and learn how your social media platforms handle your personal information:
- Don’t use social networking sites without any privacy settings, or that allow anonymous user contact.
- Always protect social media accounts with strong passwords.
- Familiarise yourself with privacy settings to only share your information with people you want to share it with.
- Be selective when accepting friend requests. If you don’t know the person, don’t accept their request.
- Be wary of showing personal details (date of birth, phone number, contact details, etc.) on your social profiles and avoid posting pictures online that may give away personal information.
- Be careful if sending money overseas, particularly if its to someone new that you’ve just met online.
Be aware that every online purchase is an opportunity for people to access your information.
- If a website seems slightly suspicious don’t make your purchase.
- Personal information is like money, value it and protect it when shopping online.
- Use safe payment options such as PayPal or your Visa Debit card that come with built in consumer protection.
- Protect your money and check to be sure the site is security enabled by looking for web addresses starting with https://
Latest security alerts
Please note: MyState will never send you an email or SMS asking you to verify or provide Account Details, Financial Details, or login details for MyState Phone Banking, MyState Internet Banking, MyState Mobile Banking or MyState Apps.
We may send you emails and / or SMS, and these often contain hyperlinks. However, if we send you an email or SMS with a hyperlink, the link will take you to a page on our website where you can find out more information before logging in, applying or downloading.
Below are some examples of the latest phishing e-mail, SMS and cold calling scams claiming to be from MyState: