At Heritage, we’re committed to protecting you from fraud. Our Fraud Management and Information Security Teams are constantly updating our processes and technologies to keep you safe.
If you suspect any unusual activity has occurred while using Heritage Online or other services, please call the Heritage Bank Contact Centre on 13 14 22, or send an email to our Fraud Team at email@example.com with details of what has happened.
This page provides some more information about how we protect you from fraud, some tips on how you can protect yourself, and updates on some recent fraud examples.
Never disclose your personal or account information over the phone, unless you initiated the call.
Protecting your cheques is important to keep your funds safe. Heritage helps protect your finances by providing cheque books for personal cheque account members with the latest security features. Additionally, here are some more hints on protecting your cheque facility:
Heritage suggests the following tips for choosing and keeping a PIN:
Your password is the access key to your internet banking, so choose it carefully. A secure password is one that is difficult to guess, does not contain any identifying information (such as your name or telephone number), and is complex. Here’s some ideas to help make your password secure:
Identity fraud involves fraudsters using someone else’s personal information for things like opening bank accounts and applying for credit cards or loans. Those accounts and cards are then used illegally to incur debt, which can also ruin your credit rating.
Identity fraud is a growing problem worldwide, and costs billions of dollars a year in Australia. Fraudsters use a mixture of tactics to acquire information such as your date of birth, address, mother's maiden name and passwords. They could simply steal documents from a garbage bin or letter box, or they could use sophisticated computer-based software to get your data. They might then sell the data or use it themselves for identity fraud.
Heritage Bank uses your personal information to identify you when you open or update your Heritage accounts. We will only ever ask these personal identification questions over the counter in a branch, or when you phone our Contact Centre. Do not provide the answers to your personal identification questions under any other circumstances.
To protect your identity, and subsequently your personal reputation and credit rating, consider the following suggestions:
If you suspect someone has stolen your identity, please refer to the FAQ section at the bottom of this page for steps on resolving the issue.
Fraudsters can access your credit/debit cards details in many ways (e.g. data compromise or mail theft) and use this information over the phone or online to make purchases, or to create counterfeit cards to withdraw cash at ATMs. The following suggestions may help protect your credit/debit cards:
When using an ATMs and EFTPOS terminals consider the following:
When using a computer connected to the Internet, consider the following safe computing tips:
Don’t store your member numbers or passwords anywhere in your mobile device or in the web browser of your mobile device. If someone else accesses your phone, you do not want them having these details freely available.
Where possible, keep your mobile device’s system and application software up to date and run security software if it is available.
Fraudsters who have compromised your credentials may port or transfer your mobile phone number to another provider, allowing them to receive security codes and alerts sent to that phone via SMS.
Consider the following:
Wi-Fi networks can be very convenient and are becoming more common. You need to be aware that having or using an unprotected Wi-Fi network can expose your private information and potentially allow unauthorised persons to perform malicious activities to devices connected to it. Never assume free or public Wi-Fi networks are secure. Consider using the following on your own Wi-Fi network (you may need to reference your Wi-Fi router manual or seek advice when configuring your wireless router):
More and more fraudsters are trying to “scam” people out of their hard-earned money. Scammers usually offer a product or service via spam emails that seem too good to be true or cold call asking for your personal information such as PINs or account details. Heritage will never ring you and ask you for this information. It is impossible to list all scams currently being used as there are so many (and then, so many variations to the original scam).
Here are some tips on how to avoid being scammed:
Here are examples of some current scams:
Phishing’ refers to emails that trick people into giving out their personal and banking information. They can also be sent by SMS. These messages seem to come from legitimate businesses, normally banks or other financial institutions or telecommunications providers. The scammers are trying to get information such as bank account numbers, passwords and credit card numbers, which they will then use to steal your identity.
Spam emails, or other advertisements offering work-from-home opportunities are often fronts for illegal money laundering or attempts at identity theft. Participating in money laundering is a criminal offence.
For more detailed information go to the Australian Government ”Scamwatch” website. The Australian Competition and Consumer Commission (ACCC) runs this website to help you recognise, report and protect yourself from scams.
Your passbook is a visual record of your account with the bank. Heritage passbook accounts can be accessed via either a signature or PIN.
Encryption means converting information into a form that unauthorised parties cannot easily interpret, thereby protecting its confidentiality. Heritage Online uses Transport Layer Security (TLS) communications encryption to secure all information transferred between Heritage and our customers over the internet.
Heritage Mobile Banking is designed to be quick and easy to use on a wide variety of mobile devices. Because these devices have smaller screens, Heritage Mobile Banking has fewer features but still uses many of the same security features as our regular internet banking site. Your funds are also protected in the same way as offered by Heritage Online.
The same daily limits for transfers and BPAY that customers establish for their Heritage Online will apply when they are using Heritage Mobile Banking. Also, they will receive the same confirmation and alert email or SMS as they would for Heritage Online.
Among the ways Heritage protects customers using traditional banking systems are:
Fraud and identity theft come in many forms, so you need to be constantly vigilant about your financial account and personal information. In particular, Heritage suggests that you:
If you suspect someone has stolen your identify, please take the following steps:
The following are official Australian Web sites with more information about fraud:
If you believe your computer may have been compromised:
Any claims resulting from such activity will be assessed on the details of each individual incident.
The Heritage Fraud team monitors unusual transactions on our customer’s accounts. If you let us know that you will be overseas, we will be in a better position to determine if you are likely to be doing a transaction in a foreign country. Before leaving on your trip:
To help protect from card fraud, Heritage suggests its customers consider the following:
If you believe your card has been compromised, please contact us.
Heritage suggests customers consider the following when carrying out online transactions:
If you ever suspect any unusual activity when using Heritage Online or the Heritage website, please contact us.
We’re aware of hoax emails and phishing scams claiming to come from Heritage Bank or link to Heritage internet banking. These emails or messages ask the recipient to click on a link which goes to a forgery of the Heritage Online website.
These fake websites are designed to capture personal information such as your Heritage member number, passwords and contact information. Those who unsuspectingly login to these sites may later discover their Heritage Online account has been accessed by unauthorised persons.
If you have clicked on link in a suspicious email or logged into a fake Heritage Online website, it’s very important that you change ALL your Heritage Online passwords, and call us immediately on 13 14 22.
When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.
REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.
We’ve received reports that some Heritage Bank customers may have recently been targeted by hoax telephone calls from people claiming to be from Telstra. The caller may suggest there is a problem with your internet connection or phone line. They may then request remote access to your computer to ‘fix’ the issue. Once they gain access to your computer, they will attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. They may even try to trick you into thinking you are receiving an account credit and request that you provide account details in order to receive funds. Those who unsuspectingly provide their information to the third party may later discover their Heritage account has been accessed by unauthorised persons.
If you receive a phone call out of the blue about your computer or phone requesting remote access - hang up – even if they mention a well-known company such as Telstra.
DO NOT provide any personal or sensitive information to the caller. If you have given information to the third party, it is most likely your device and possibly your account details have been compromised. Please immediately change ALL your Heritage Online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.
Phone porting is a method used by scammers to hijack your phone number to try to gain access to your banking details.
What happens is that the scammers get hold of your mobile phone number, then arrange for it to be shifted across – “ported” - a different telco provider e.g. from Telstra to Optus. Once it is ported across, the scammer effectively gains control of your phone number. The victim loses all service to their mobile phone and will not be able to make or receive calls or text messages. Once the scammers take control of your phone number, they can also receive two-factor verification codes such as SMS One Time Passwords sent to your phone, which can also unlock access to your bank accounts.
If you do suddenly lose access to your phone number, you should take immediate steps to contact your telco to check whether the number has been ported. If it’s confirmed that the phone number has been ported without permission, you should immediately contact your financial institutions to reset passwords and check recent transactions.
Tips to stay cyber safe:
For more information specifically about phone porting scams go to this link: https://www.scamwatch.gov.au/news/phishing-scam-emails-and-sms-continue
Heritage Bank customers may have recently been targeted by hoax emails, claiming to come from Heritage Online and tempting the recipient to click on a link which goes to a forgery of the Heritage Online website. This fake website is designed to capture personal information such as your Heritage member number, passwords and contact information. Those who unsuspectingly login to this site may later discover their Heritage Online account has been accessed by unauthorised persons.
If you have received one of these emails (known as a "phishing" scam), please ignore it and simply delete it. The email in question is NOT from Heritage, do not click on the link or reply to the email. If you have followed the instructions in the hoax email and logged into the fake Heritage Online website, it is most likely your internet banking details have been compromised. Please immediately change ALL your Heritage Online passwords, and also telephone Heritage Bank immediately on 13 14 22.
REMEMBER: While Heritage may send informational or confirmatory receipt emails, Heritage will NEVER send an email that would request the disclosure of any personal security details such as your PIN, Internet Banking passwords, credit card details or require you to click on links or attachments within the email to update or verify details.