If you notice unusual transactions on your account, think you might have provided your bank details to a scammer, or are unsure if you’re being targeted, please call us immediately on 138 001 or Tasmania Police Fraud and eCrime Investigation Services on 131 444.

As a part of our commitment to our customers, MyState Bank is constantly working to ensure we have leading edge fraud monitoring systems designed to detect suspicious activity.

We’ve trained fraud analysts to protect our customers against fraudulent transactions, who are on guard 24/7, 365 days a year to protect your wealth.

What to look out for

Scammers are generally located overseas and regularly claim to be from genuine businesses, including: Australian Tax Office, PayPal, Australia Post, Microsoft, Telstra and even MyState Bank.

The scammer asks you to provide or confirm your personal details. For example, they may say the bank or organisation is verifying customer records due to a technical error that wiped out customer data. Or, they may ask you to fill out a customer survey and offer a prize for participating.

Alternatively, they may alert you to 'unauthorised or suspicious activity on your account'. You might be told that a large purchase has been made in a foreign country and asked if you authorised the payment. If you reply that you didn't, they will ask you to confirm your credit card or bank details so the 'bank' can investigate. In some cases the scammer may already have your credit card number and ask you to confirm your identity by quoting the 3 or 4 digit security code printed on the card.

MyState Bank staff members will never ask you to disclose your confidential PIN, Internet Banking password or phone banking access code over the phone, by email or in person. If someone contacts you asking for these details, do not provide them – they are very likely a scammer.

We may send you emails and / or SMS, and these often contain hyperlinks. However, if we send you an email or SMS with a hyperlink, the link will take you to a page on our website where you can find out more information before logging in, applying or downloading.

Phishing messages are designed to look genuine, and often copy the format used by the organisation the scammer is pretending to represent, including their branding and logo. They will take you to a fake website that looks like the real deal, but has a slightly different address. For example, if the legitimate site is 'www.realbank.com.au', the scammer may use an address like 'www.reallbank.com'.

If you provide the scammer with your details online or over the phone, they will use them to carry out fraudulent activities, such as using your credit cards and stealing your money.

Warning signs:

  • You receive an email, text message or phone call claiming to be from your bank, telecommunications provider or another business you regularly deal with, asking you to update or verify details.
  • You receive an unexpected pop-up on your computer or mobile device suggesting you have won a prize or redirecting you via an attached link.
  • You receive a friend request from somebody you don’t know on social media.

Protect yourself:

  • Do not open suspicious texts or emails – delete them.
  • Never send money or give your bank card details, online account details or personal information to anyone you don’t know and trust and never by email.
  • Be very careful about how much information you share on social networking sites. Scammers can use your information and pictures to create a fake identity or target you in a scam.
  • Never give a stranger remote access to your computer.
  • Never provide your SMS verification code to another person, or verify an unknown Internet Banking transfer using an SMS code.

If you are contacted by someone suspicious, we encourage you to hang up or terminate the communication, independently locate the businesses telephone number and give them a call to verify the legitimacy of the contact.

A scammer may contact you by phone, email, internet, mail, social media or in person and you should be wary of somebody that contacts you out of the blue.


If you are ever unsure of an email, delete it immediately and remove it from your deleted items. MyState Bank may contact you through secure mail within your Internet Banking – once you’ve logged in you can communicate with us securely. We will never ask you to provide personal information using your normal email address.

If you are ever unsure if an email is legitimate, please give us a call on 138 001 or send an email to alerts@mystate.com.au

Cold calls

One common type of scam is where cold callers, pretending to be from a reputable company or government organisation, coerce unsuspecting victims into providing or confirming personal or banking information over the phone, such as your name, date of birth, card details, account numbers or passwords and Access Codes. The scammers then use this information to process fraudulent transactions on the victim’s card or wrongfully access their banking services in some other way.

In many instances the caller already knows part of the victim’s card number and will ask for the remaining digits, or they may have the full card number and ask the customer to verify it and provide the confidential 3 digit CVV number and expiry date. This enables the scammer to process a transaction online even without the card being present.

Cheque fraud

Cheque fraud is the use of a cheque to gain a financial advantage by deception. This includes altering cheques, stealing cheques, duplicating or counterfeiting cheques.

Criminals also use false invoices to obtain legitimate cheques, deposit cheques into a different third party account without authority or deposit cheques for payment knowing that insufficient funds are in the account to cover the deposited cheques.

MyState Bank’s cheques contain a number of security features designed to make it difficult for fraudsters to alter cheques.

Social networking

Be aware that the information you share online via social networking websites, such as Facebook, Twitter and LinkedIn may be available for anyone to see.

Don’t share information like your date and place of birth, mother’s maiden name and other standard identification questions. Make your profile private and only add friends you know.

To protect yourself while using social networking sites:

  • Customise your privacy settings to make sure your profile pages are only accessible to people you know and trust and not to the general public
  • Never publish personal or sensitive information such as your date of birth, driver’s licence number, tax file number or bank account details
  • Don’t publish contact details such as your home address or phone number
  • Use a different email address if you want to publish this online
ATM skimming

Card skimming occurs when criminals attach illegal devices to ATM or EFTPOS machines that are designed to ‘skim’ the details of your card and capture your PIN. With this information a fake card is created and used along with your PIN to access your accounts and steal money.

Skimming is not always easy to detect – but there are some signs you should look out for. Apart from usual wear and tear, are there any markings on the ATM or changes in its appearance, like cuts or cracks, glue residue, exposed wires or the remnants of double-sided tape? Does the card entry slot appear to have an extra device attached to it? Does the keypad look normal or does there appear to be an extra layer over the pad?

If an ATM looks like it may have been tampered with, or makes you feel suspicious, do not use it. If there is a contact phone number on the machine, please phone to report it.

Flagging suspicious activity

We monitor card-based activity and check anything we think may be suspicious with your account. In some cases the system will halt suspicious payments before they reach your account.

What happens if we identify a suspicious transaction on your account?

If we notice a suspicious transaction on your account, we will contact you to verify it. This may be via phone or SMS to your mobile.

If you receive an SMS notifying you of a suspicious transaction please follow the instructions given in the message to contact us.

It is therefore extremely important that you:

  • Ensure your contact details are up-to-date: this will guarantee that we can contact you to validate transaction activity on your account.
  • Advise us if you are travelling overseas: this will certify that we know you are overseas and that transactions are legitimate based on your advised travel plans (departure/return dates, countries visited, etc.).
  • To update your contact details, advise overseas travel plans or simply request more information about our fraud monitoring system call:
    In Australia: 138 001
    Overseas: +61 3 6233 0679

Our Customer Care team is available between 8:00am and 6:00pm Monday to Friday except on public holidays and 9:00am to 1:00pm on Saturday.

Secure social networking

  • Don’t use social networking sites without any privacy settings, or that allow anonymous user contact.
  • Always protect social media accounts with strong passwords.
  • Familiarise yourself with privacy settings to only share your information with people you want to share it with.
  • Be selective when accepting friend requests. If you don’t know the person, don’t accept their request.
  • Be wary of showing personal details (date of birth, phone number, contact details, etc.) on your social profiles and avoid posting pictures online that may give away personal information.
  • Be careful if sending money overseas, particularly if its to someone new that you’ve just met online.

Security Guidelines