Online Security FAQs

Heritage suggests customers consider the following when carrying out online transactions:

• Be wary of opening, running files or clicking on links that are attached to unsolicited emails or on untrusted websites. Particularly if you're asked for personal details or asked to carry out an online transaction.
• Try not to do online financial transactions from public access computers, such as internet cafés. You have no way of knowing what software is on these machines or how secure they are.
• Before logging in to a web site using an account and password, ensure that the site is secure. Different Web browsers show this in different ways. For example, in Microsoft Internet Explorer you can check that ‘https://’ is displayed at the start of the web address. If your Web browser displays a padlock, this indicates a secure connection and that the issued digital certificate from the site is valid.
• Make sure you logout as soon as you have finished with your online transaction or when leave your computer.
• If you print statements or details from your online transaction, protect them appropriately and securely dispose of them when they are no longer required.
• Similar to PINs, don’t record or store your card’s CVV. CVV numbers are used for online purchases and are printed on the back of Credit Cards. The only record should be the CVV on your card.
• Consider registering for the Australian Government’s Stay Smart Online Alert Service 

The following are official Australian Web sites with more information about fraud: 

• Australian Government ”Scamwatch” Web site
• Australian Government’s “Stay Smart Online” Web site and email Alert Service.
• Your state Police Web site:
  • QLD
  • NSW
  • VIC

Fraud and identity theft come in many forms, so you need to be constantly vigilant about your financial account and personal information. In particular, Heritage suggests that you:

• Routinely check your statements for anything unusual and query the institution which issued the statement about any transactions you’re unsure of.
• In the case of Heritage accounts, please contact us with the details of any suspicious transactions.
• Note unusual emails or phone calls from organisations you haven’t contacted, particularly if they ask for information about your identity.

To help protect from card fraud, Heritage suggests its customers consider the following:

• Memorise your PIN. Don't use the same PIN for all your cards, and don't choose your date of birth or another number that might be recorded in your wallet or purse. 
• Regularly check Heritage Online and your account statements. Call your financial institution if you see anything suspicious on your account.
• Do not allow others to remove your credit/debit cards from your sight at anytime.
• Card fraud has no borders, so be even more vigilant when travelling.
• Know when your card is due to expire and look out for your new card. Call the card issuer if it doesn’t arrive. 
• Immediately sign any new or replacement cards as soon you receive it. Ball point pen is preferred. 
• Destroy old cards once they have expired.
• Be sure your mail box is secure, and that only authorised people can access it.
• Tear up/shred all credit card receipts and pre-approved card offers before you throw them away. Keep your account statements in a safe place until they are destroyed.
• When you use your cards online, make sure you are using a secure website. For example, using Microsoft Internet Explorer look for a small key or lock symbol at the bottom right of your Web browsers window.
• Consider using a separate card (with minimal limit/balance) for online purchases.
• Don't give any card details unless you initiate the call or transaction.

If you believe your card has been compromised, please contact us.

If you suspect someone has stolen your identify, please take the following steps:

1. Immediately inform your local police services police, giving them as much information as possible. In Queensland, you can get more information about this through their web site.
2. Please contact us, your other financial institutions and credit providers immediately. Ask them for assistance in managing and resolving the issue with any accounts held with them.
3. Maintain records of your conversations and correspondence with parties you contact about the matter for future reference.
4. Check that no-one has fraudulently established lines of credit in your name.
5. Request the reset of any code/passwords, including phone and Internet banking services. Ensure your financial institutions have your correct address and other contact details.
6. Notify the two main credit reporting agencies, Equifax Pty Ltd and Dun & Bradstreet Credit Bureau to obtain copies of your credit reports and advise them of your concerns. Both have specific services around dealing with fraud and identify theft. Arrange for a copy of your credit file from both agencies and review this for any fraudulent activity such as payment defaults that you have not incurred, or credit enquiries about fraudulent credit applications. Obtain new reports again a few months later to further check entries against fraud. Request that any information on the file relating to fraud be removed through the agencies’ resolution services.
7. If you think your regular postal address has been compromised, arrange a new one- such as a PO Box.
8. Be particularly alert to the details of your financial transactions. Continue to monitor your account statements, mail and bills for any irregular activity. Immediately alert the relevant credit provider(s) of any further fraudulent activity.

If you believe your computer may have been compromised: 

• Disconnect your computer from the Internet.
• Contact a reputable, local computer support company and have them fully remove any malicious software. Do not accept the assistance of someone contacting you where you haven’t initially asked for help. 
• Please contact us, as well as your other financial institutions as soon as possible.

Any claims resulting from such activity will be assessed on the details of each individual incident.

The Heritage Fraud team monitors unusual transactions on our customer’s accounts. If you let us know that you will be overseas, we will be in a better position to determine if you are likely to be doing a transaction in a foreign country. Before leaving on your trip:

• Check the expiry date of your card and that the magnetic strip on the reverse of the card is not damaged. If the card is due to expire while you plan to be away or is damaged, you may need to arrange with us for a new card prior to your departure.
• Advise the Bank when and where your are travelling. We don’t require a detailed itinerary, only when you plan to travel and which countries and regions you plan on visiting.

Heritage uses a “floating keyboard” for customers to enter their Heritage Online password to help protect customers from someone observing them enter their password.