Hoax emails or ”Phishing” emails (pronounced fishing ) are fraudulent email messages used to gain access to personal information for illegal purposes, such as transferring funds or purchasing goods.

These fraudulent messages appear to come from legitimate businesses such as banks and other financial institutions. They are designed to trick people into disclosing personal data such as bank account details, passwords or credit card numbers. This information is then used to withdraw money from your account or make unauthorised purchases.

It is common for ”phishing” emails to contain links to a website that is a convincing replica of your financial institution's home page. Never click on a link in an email of this kind.

What you need to do…

  1. Stay alert for hoax or phishing emails. These emails give themselves away by telling you that there is some reason why you must provide personal details—your Internet banking logon, password, credit card number or PIN— by reply email or through a website.

    Phishing emails often try to instill a sense of urgency by saying things like:
    • "your account will be closed down unless you log on.";
    • "a recent security upgrade means that you have to log on to be protected"; or
    • "a large sum has been debited to your account and you need to provide your account details to confirm that the charge is incorrect."
  2. Follow the guidelines for securing your computer especially the advice on passwords, anti-virus and anti-spyware software and firewalls.
  3. Always type your financial institution's website address into your browser—never use a link to your bank or credit union that has been sent to you in an email—it might be a phishing website.

Worried that you have been caught by a phishing scam?

Contact your financial institution immediately.

Further information

This link will take you off the Stay Smart Online websitePhishing—don't take the bait! (File format: PDF, File size: 270Kb) was published by the Department of Broadband, Communications and the Digital Economy.

The Australian Securities and Investments Commission (ASIC) have a website called FIDO that presents financial tips and safety checks. Check out their information on This link will take you off the Stay Smart Online websitefraudulent emails.