Bendigo Bank is warning the communities like the Yarra Ranges about bank impersonation scams, which saw more than $20 million reported lost from 14,603 reports in 2022, according to ScamWatch. These scams impersonate bank brands, like Bendigo Bank, with criminals often posing as cyber security or fraud specialists.
Increasingly sophisticated and convincing, bank impersonations can come via phone call, SMS, email or via a social media post, search engine result or advertisement.
Head of Fraud at Bendigo Bank Jason Gordon said bank impersonation scams are the new wave of phishing scams designed to trick the recipient into transferring money, or into providing personal information or banking details such as account numbers, passwords, and one-time codes.
“Criminals are getting adept at carefully constructing often complex communications that convincingly mirror those of the brand they are impersonating,” he said.
Bendigo Bank is committed to educating customers and the wider community about the rising threat of bank impersonation scams and is urging customers to learn the signs of a bank impersonation scam:
There is a sense of urgency or threat to the message, like “your bank account has been accessed”, “your bank account has been locked” “a payment has been made from your account. If this was not you, please call (phone number)”.
The message looks different to other messages in the SMS thread, such as different wording or phrases used.
The message may contain a suspicious looking link. Never click on links you’re not sure of.
The SMS has a telephone number to call – always find your bank’s phone number independently.
A caller telling you to transfer money to a different account to ‘keep it safe’ or for ‘further investigation’. A bank will never ask a customer to do this. It is a scam.
Bendigo Bank alerts customers to active scams on its website. The Bank recently shared an example of scammers targeting customers via an email which included Bendigo Bank images and branding. The scam asked recipients to verify or update accounts, with links directing unsuspecting victims to a fake website where their details could be harvested by criminals for various fraud and scams.