All Security Alerts

 

Flubot scam text message
September 2021: Beware of Flubot scams
Beware of  “Flubot” scams targeting mobile phones across Australia via text message. 
July 2021: Fake Heritage Bank Google ad and website
We’ve received reports of a link to a fake Heritage Bank website appearing in Google search results.
Ways to bank securely
June 2021: Be aware of scammers impersonating well-known organisations
An increasing number of Australians are being targeted by scammers impersonating well-known organisations, including Heritage Bank.
March 2021: Scammers targeting flood-impacted communities
Heritage warns of scammers targeting flood-impacted communities in Queensland and New South Wales.
Online security when using computer
February 2021: Scam email and fake website awareness
Heritage encourages people to remain alert for email phishing scams.
Man looking at his smart phone on street
January 2021: Cold call scams from 'your bank'
Scammers imitate Heritage Bank advising there are unusual transactions on members' accounts.
December 2020: Cold call scams
Heritage Bank calls for public to remain vigilant to avoid being the victim of cold call scammers.
November 2020: Scam email awareness

Scammers are circulating another phishing email targeting Heritage Bank members.

Phishing scam November 2020
November 2020: Hoax email and phishing scam awareness
Heritage encourages people to remain alert for email phishing scams.
Ways to bank securely
August 2020: Phishing Scam Awareness
We’ve noticed an increase in reports of Heritage customers receiving cold calls from people claiming to be from an NBN company or a telecommunications company like Telstra.
Using the Heritage Bank Mobile Banking app
April 2020: COVID-19 Scam Awareness
With the spotlight firmly on the coronavirus (COVID-19), scammers are looking to capitalise on the increased media attention and public concerns to catch people unaware. 
Archive

March 2020: Fake Mobile Banking Apps

We’ve received reports of fake apps impersonating the Heritage Mobile Banking App. 

February 2020: Hoax emails and phishing scams

We’re aware of hoax emails and phishing scams claiming to come from Heritage Bank or link to Heritage internet banking. These emails ask the recipient to click on a link which goes to a forgery of the Heritage Online website.

These fake websites are designed to capture personal information such as your Heritage member number, passwords and contact information. Those who unsuspectingly login to these sites may later discover their Heritage Online account has been accessed by unauthorised persons.

If you have clicked on link in a suspicious email or logged into a fake Heritage Online website, it’s very important that you change ALL your Heritage Online passwords, and call us immediately on 13 14 22.

When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.

REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.

January 2020: Hoax phone calls and phishing scams

We’ve received reports that some customers may have recently been targeted by a number of phishing scams including hoax phone calls, emails and text messages from people claiming to be from Heritage Bank.

A caller may suggest there is an issue with your account and may attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. Or, emails or messages may ask the recipient to click on a link which goes to a forgery of the Heritage Online website. Those who unsuspectingly provide their information may later discover their Heritage account has been accessed by unauthorised persons.

If you receive a phone call out of the blue about your account requesting personal information access - hang up – even if they claim to be from Heritage. DO NOT provide any personal or sensitive information to the caller.

When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.

If you have clicked on a link in a suspicious email, logged into a fake Heritage Online website or given information to an unauthorised third party, it is possible your account details have been compromised. Please immediately change ALL your Heritage Online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.

REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.

April 2019: Hoax phone calls - computer remote access

We’re aware that some customers have recently been targeted by hoax telephone calls from people claiming to be from Heritage Bank technical assistance.

The caller may suggest there is a problem with your internet connection to Heritage’s online services and request remote access to your computer to ‘fix’ the issue.  Once they gain access to your computer, they will attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. They may claim to have control over the personal information on your device and pressure you to provide them with funds or purchase gift cards on their behalf. Or, they may even try to trick you into thinking you are receiving an account credit and request that you provide account details in order to receive funds. Those who unsuspectingly provide their information to the third party may later discover their Heritage account has been accessed by unauthorised persons.

If you receive a phone call out of the blue about your computer and requesting remote access - hang up – even if they mention they are from Heritage Bank. DO NOT provide any personal or sensitive information to the caller. If you have given information to the third party, it is most likely your computer and possibly your account details have been compromised. Please immediately change ALL your Heritage online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.

November 2018: Hoax emails and phishing scams

We’re aware of hoax emails and phishing scams claiming to come from Heritage Bank or link to Heritage internet banking. These emails or messages ask the recipient to click on a link which goes to a forgery of the Heritage Online website.

These fake websites are designed to capture personal information such as your Heritage member number, passwords and contact information. Those who unsuspectingly login to these sites may later discover their Heritage Online account has been accessed by unauthorised persons.

If you have clicked on link in a suspicious email or logged into a fake Heritage Online website, it’s very important that you change ALL your Heritage Online passwords, and call us immediately on 13 14 22.

When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.

REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.

February 2018: Hoax phone calls - computer remote access

We’ve received reports that some Heritage Bank customers may have recently been targeted by hoax telephone calls from people claiming to be from Telstra. The caller may suggest there is a problem with your internet connection or phone line. They may then request remote access to your computer to ‘fix’ the issue. Once they gain access to your computer, they will attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. They may even try to trick you into thinking you are receiving an account credit and request that you provide account details in order to receive funds. Those who unsuspectingly provide their information to the third party may later discover their Heritage account has been accessed by unauthorised persons.

If you receive a phone call out of the blue about your computer or phone requesting remote access - hang up – even if they mention a well-known company such as Telstra. 

DO NOT provide any personal or sensitive information to the caller. If you have given information to the third party, it is most likely your device and possibly your account details have been compromised. Please immediately change ALL your Heritage Online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.

November 2017: Phone porting

Phone porting is a method used by scammers to hijack your phone number to try to gain access to your banking details.

What happens is that the scammers get hold of your mobile phone number, then arrange for it to be shifted across – “ported” - a different telco provider e.g. from Telstra to Optus. Once it is ported across, the scammer effectively gains control of your phone number.  The victim loses all service to their mobile phone and will not be able to make or receive calls or text messages. Once the scammers take control of your phone number, they can also receive two-factor verification codes such as SMS One Time Passwords sent to your phone, which can also unlock access to your bank accounts.

If you do suddenly lose access to your phone number, you should take immediate steps to contact your telco to check whether the number has been ported. If it’s confirmed that the phone number has been ported without permission, you should immediately contact us as well as your other financial institutions to reset your passwords and check recent transactions. 

Tips to stay cyber safe:

  • If you lose service to your mobile phone take immediate steps to contact your telco to confirm if it’s a network issue or a phone port. If ported, contact your bank immediately to reset passwords and check recent transactions.
  • Keep your anti-virus up to date on all PCs and Mobile devices. Conduct regular scans.
  • Do not give out your personal details to third parties.
  • Do not click on links or responded to emails that ask for you persons information or user names and passwords.
  • Change your passwords regularly
  • Check your transaction activity regularly and report any unauthorised activity to your bank immediately.
  • Visit www.scamwatch.gov.au to report a scam or learn more about common scams and how you can protect yourself.

For more information specifically about phone porting scams, you can visit the scamwatch.gov.au website.