Phishing websites impersonating Heritage Online

2 February 2023

Fake websites impersonating Heritage Online (internet banking) are currently doing the rounds.

Our Fraud team works around the clock to ensure these threats are managed quickly as soon as they are identified, but it’s a timely reminder about banking online safely. 

Scammers often use copies of an organisation’s branding to appear legitimate. These scammers take advantage of people by impersonating organisations, including Heritage Bank, through online ads, social media, text messages, emails and calls. 

We recently identified some phishing websites posing as Heritage that looked quite convincing as you’ll see below.

The scam websites use different URLs, that may include “LINK=” or “#open-modal” in the address. They may also ask for one-time passwords or card details during the login process.

Those who unsuspectingly click on these fakes links and share information may later discover their account has been accessed by unauthorised persons, money has been stolen, or malware has been downloaded onto their device.

Phishing scams impersonating Heritage

Phishing scams impersonating Heritage

Phishing scams impersonating Heritage

What you need to know:

  • ALWAYS check you are visiting the legitimate Heritage Bank website at This includes checking the spelling of the website as scammers may use website addresses that look similar.
  • While Heritage will use ads to promote our products and services. NEVER click on an ad within a search engine that takes you direct to login to internet banking. ALWAYS use a secure login button at 
  • Heritage Online will NOT ask you for your phone number, one-time password (OTP) or other card or banking details to log in.
  • When in doubt, do not click on any links contained within a website advert, email, or text message.
  • Be cautious of requests for sensitive data such as a one-time password, PIN, password, or personal details.
  • If you think you have visited a fake website, or clicked on a malicious link and provided sensitive information, change ALL your Heritage Online passwords and call us immediately on 13 14 22. 
  • Be wary of unsolicited emails and text messages containing links or attachments. Do not click on any links or share any personal information.

While Heritage may send information, or confirm receipt of items, by email, we will NEVER send requests for you to share personal security details such as your PIN, CCV number, internet banking passwords or credit card details. Heritage emails may contain links, however these will never lead you to a website that requires you to input personal details. 

Don't hesitate, report scams 24/7

If you suspect that you've fallen victim to a scam or if any unusual activity has occurred on your accounts, including while using Heritage Online or your Mobile Banking App, contact us immediately on 13 14 22. Our team is available 24/7 and will work quickly to protect your account.

For non-urgent scam reports you can send an email to our Fraud Team at with details of what has happened. You can also read more about the latest types of scams in Australia in our article Current Scams in Australia.

Current scams in Australia
Learn about current scams in Australia and how to avoid falling victim.
Contact us 24/7
Our local Australian contact centre is waiting for you. Call 13 14 22 or if overseas, call +617 4694 9000.
Scam alerts
Scam alerts & fraud protection
Fight scammers with our help. Learn how we protect you from fraud and become savvy at identifying scams with our help guides and security tips.