NewsIs Your Bank Trying to Scam You?

Is Your Bank Trying to Scam You?

Every day it becomes easier for hackers and scammers to pose as your bank in an attempt to harvest your personal details and login credentials, and whilst your bank isn’t trying to scam you, people posing as your bank may be.

ANZ recently shared details of an online email phishing scam that will attempt to steal your login details by asking you to provide “challenge questions,” and directing you to an authentic looking ANZ login page where you’re prompted to enter your bank details.

People who send these of scams are professionals, and are getting better every day at sending convincing, seemingly legitimate emails.

I have put together a few starter tips on what to look out for when you receive a suspicious email based on the referenced ANZ scam.

  • Domain Name: Note this email comes from the domain ‘’. If I had received this email, that would have been the first red flag for me. ANZ operate under the domain, and their emails would not come from ‘,’ or anything similar. It's always best to make sure you check out where the email is coming from.
  • Pressure tactics: In the ANZ scam we referred to on the fake “challenge question” page it said “If you don’t follow these instructions, you may be liable for any loss arising from an unauthorised transaction.” This is a great scammer trick that you should always keep an eye out for. In my experience with bank emails, they almost never pressure you like this.
  • Asking for your details: According to the ASIC MoneySmart website, an email or text message is definitely a phishing scam if it redirects you to a page that asks you to enter your bank details. Note this was a large part of the reference ANZ scam.
  • Small mistakes: There is also a good chance an email is a phishing scam if it doesn’t address you by your first name, or has spelling/grammatical errors. The ANZ phishing scam doesn’t use a first name, instead opting to just say ‘hello.’ The spelling and grammar however isn’t bad, so make sure you keep an eye out.

These are just a few starting points based on what I picked up from the ANZ email.

For more advice on how to avoid scams, you can visit the following pages.

Read more on Scam Safety


Any advice contained in this article is general in nature and does not take account of your particular objectives, personal circumstances or needs. If in doubt about your own situation you should seek appropriate advice.

Join the conversation

FiftyUp Club
Is Your Bank Trying to Scam You?

Share your views with other members. 

Want to leave a comment? or .
Read our moderation policy here.
Archie from WA commented:

This isn't about a bank but I have been receiving emails in the last two weeks supposedly from large companies. Australia Post, they have a parcel to deliver Kmart, Harvey Norman, Walmart, Qantas all offering big prizes I haven't opened them but have scanned down the email and there is a place to click on to remove email and there is an address in Berlin that can also be clicked on. All of the headings on the emails are very professional. So be careful, as they say, if it sounds too good to be true.... Sue, Perth 

Joseph from SA commented:

I have received several emails from the Commonwealth bank saying I have a statement ready and need to arrange to get them online! The emails look genuine, but they are not! 

Trisha from NSW commented:

Yes. In July last year they said I was not entitled to a refund for fees for no service. 

john from VIC commented:

yes i received an email from ANZ it LOOKED so very real , only my natural caution saved me . it was supposedly from the bank's security department saying that they had blocked a doubtful transaction and gave a strange name and was asking if i did make it , if not i was to click one of the boxes yes / no . also there were grammar errors . 

George from NSW commented:

If you receive ANY email, no-matter how legitimate it appears no legitimate business EVER requests personal or log in information - EVER. On the other hand if YOU initiate the contact with a legitimate business (first checking the address in the address bar is 100% correct) and the connection is secure with a security lock then it's probably safe to enter your log in details to access your account. The key here is to make sure the web site address is 100% correct for the business you are dealing with and they are a legitimate and trustworthy business. The only time I ever enter my log in information is to access an account I have previously set up with that business, after making the appropriate checks. 

Comment Guidelines