Phishing (hoax) emails

Phishing emails (pronounced fishing) are fraudulent email messages used to gain access to personal information for illegal purposes, such as transferring funds or purchasing goods.

These fraudulent messages appear to come from legitimate businesses such as banks and other financial institutions, but may also appear to come from your Internet Service Provider, a government agency, your university (if you are a student), or from another web mail provider separate to your ISP.

They are designed to trick people into disclosing personal data such as bank account details, passwords or credit card numbers. This information is then used to withdraw money from your account or make unauthorised purchases.

It is common for phishing emails to contain links to a website that is a convincing replica of your financial institution's home page. Never click on a link in an email of this kind.

Steps to avoid phishing emails

  • Stay alert for phishing emails. These emails give themselves away by telling you that there is some reason why you must provide personal details your internet banking log-on, password, credit card number or PIN by reply email or through a website. Phishing emails often try to create a sense of urgency by saying things like:
    • 'your account will be closed down unless you log on'
    • 'a recent security upgrade means that you have to log on to be protected', or 
    • 'a large sum has been debited to your account and you need to provide your account details to confirm that the charge is incorrect.'
  • Follow the guidelines for how to secure your computer especially the advice on passwords, anti-virus and anti-spyware software and firewalls.  
  • Always type your financial institution's website address into your browser. Never use a link to your bank or credit union that has been sent to you in an email—it might be a phishing website.

Worried that you have been caught by a phishing scam?

Contact your financial institution immediately.

Further information

Read the Stay Smart Online This link opens a document in Portable Document File format (PDF)Fact sheet on phishing (File size: 299Kb).

The Australian Securities and Investments Commission (ASIC) has financial tips and safety checks on their webpage This link will take you off the Stay Smart Online websiteFraudulent emails.

The Australian Competition and Consumer Commission provides information to help you recognise, report and protect yourself from scams on their This link will take you off the Stay Smart Online websiteScamWATCH website.
 
Last Updated: 15/06/2009