My Credit Union

Print

 


 


You may be aware that in the financial services sector there are a number of emerging scams and frauds. Working together we can better protect you from becoming a victim by doing the following:

It is important to remember that IMB will never ask you to disclose your access code or send a request to you with a link to our internet banking system, requiring you to enter your member number and access code for verification purposes.

In the event that IMB needs to contact you, we will do so by telephone, mail or secure e-mail which can only be accessed once you have signed into internet banking.

Emerging scams & frauds

The number of scams and phishing attempts on banking customers is increasing. IMB reminds you to be on the lookout for suspicious requests via phone, email or SMS requesting you to log in or update membership or banking information.

Scam and fraud trends have dramatically evolved, involving highly sophisticated means to compromise your personal information and steal your money. It’s important that you are familiar with the current types of fraud in circulation and how they occur.

If you think you have been a victim of fraud or something does not feel right, please contact IMB immediately on 133 462.

Listed below are the more common types of scams and frauds being reported

Investment Scam

Scammers target people with offers of high rate investments. The approaches can be made on the phone or via email, or by luring those looking for investment opportunities with fake trading identities, websites, social media news stories, Google search ads and more.

Remote Access Scam    

Also known as Technical Support Scams, usually involve a scammer contacting you directly to deceive you into giving them access to your device and personal data over the phone, through email or text or through pop-ups and chat functions on the internet.

Missed delivery, call or voicemail  (Flubot ) scam

Scam text messages being received about missed calls, voicemails or deliveries which asks you to tap on a link to download an app to track the delivery or listen to the voicemail. The message is in fact fake and instead installs malicious software named Flubot when clicked on.

Classified scams

A seller may post fake ads on classified websites or via social media platforms for products well below market value, often containing pictures and/or information from a genuine seller’s ad. The seller may be insistent on payment prior to arranging for goods to be delivered and payment via direct deposit or bank transfer their preferred means as it’s difficult to recover.

Types of Fraud and Scams

A more detailed explanation of the more common Fraud &and Scam scenarios you may encounter have been outlined below:

Remote Access Scams

With more people now working from home, the likelihood that you may become the victim of a Remote Access Scam (also known as Technical Support Scam) has dramatically risen.

How it works

In most scenarios, a scammer may contact you directly to deceive you into giving them access to your device and personal data over the phone, through email or text or through pop-ups and chat functions on the internet.

What to look for

Scammers usually pose as someone from a well-known and reputable organisation, such as your bank, a telecommunications provider, a government agency or even the police. They often play on their position of trust or may use fear and intimidation tactics to obtain your co-operation.

Remember: Never…

Give a stranger or unsolicited contact remote access to your computer and if ever concerned about the legitimacy of the caller, validate the call by looking up the organisation’s official website and calling the organisation’s advertised number.
 

Missed delivery, call or voicemail (Flubot) scam

The Flubot is so named as the scammers attempt to place virus or malware onto you mobile phone. Once installed, they can track and steal data.

How it works

You may receive a text message about voicemails, missed calls or, more recently, parcel deliveries from Australia Post, DHL or another reputable organisation. All messages will contain a link and instruct you to click the link or download an app to check a voicemail, track a parcel, schedule a delivery time etc.

Remember: Never…

Click on any links or call back the person who has sent the text. Delete the message immediatelyto ensure your personal and personal information isn’t put at risk.
 

Classified

This type of scam is designed to trick online shoppers into believing they’re dealing with a legitimate person when purchasing via classified websites but there is actually a scammer behind the advertisement.

How it works

The advertisement could be for any type of goods or service such as cars, boats, caravans, puppies, livestock or even things like rental properties or accommodation. The advertisement may appear legitimate and can often contain pictures and/or information from a genuine seller’s own ad.

What to look for

If the advertised price sounds too good to be true, it probably is so it’s worth investing some time and effort into performing your own background checks prior to entering into any agreement for purchasing the goods or service.

If the suggested payment method requested includes things along the lines of a wire transfer, international funds transfers, pre-loaded currency cards or in cryptocurrency such as Bitcoin, it’s an indicator to avoid proceeding with the transaction as it’s almost impossible to recover funds if sent via these means.
 

Dating and Romance

Scammers generally pretend to be a prospective partner by preying on people looking for a romantic companion. Australians lose millions of dollars annually as the result of Dating and Romance scams and the money sent is almost impossible to ever recover.

How it works

Interactions usually occur via online dating websites and now more commonly via social media or email. The scammers would typically create a fake profile but could often contain identities of real persons such as military personnel and the like and often indicate that they are currently working abroad.

What to look for

In some scenarios the scammer will work over several months to gain your interest and trust before asking for money for things such as medical expenses or a medical emergency. In addition to being asked to send money, you may be asked to receive and onforward money on their behalf which could then involve yourself in potential money laundering implications.
 

Malicious software (Malware) and Spyware

Quite often, the advertisements that 'pop-up' in a different browser window while you're on the web are not what they appear to be. They could be downloading 'spyware' or 'adware', which are programs used to monitor your internet activity and gather your user information which is usually for advertising use.

It is important that you have security software installed that detects and removes spyware.
 

Identity Theft

Some of the more common methods for falling victim to identity theft is via mail theft, phishing emails, hacking, data breaches and even when applying for jobs online.

How it works

You may receive an unsolicited phone call or email for personal information or a request to validate personal information by clicking on a link or opening an attachment. These are some of the tools scammers use to obtain your personal information which in turn they can use to steal your money, superannuation, take out phone plans or open bank accounts, loans or lines or credit in your name.

Remember!

Once your identity is stolen it can take years to rectify all the damage incurred so it’s important to keep your personal information safe and secure.
 

Investment Scams

The promise of great returns in a short amount of time are some of the empty promises scammers try to lure people in when facilitating an Investment Scam. Due to the high value people are willing to invest to get that good return, this is the scam type Australians lose the most money to every year.

Investment scams can be hard to spot so it’s best to seek independent financial advice prior to investing your hard-earned money into a scheme where higher risk exists.
 

Online Shopping Scams

With online shopping offering so much convenience to the public, it’s also created an ideal channel for scammers to deceive and rip off online shoppers.

How it works

This type of scam involves someone pretending to be a legitimate online seller, most commonly with a fake ad on a genuine retailer’s site.

What to look for

A key indicator that may highlight if an ad or website isn’t legitimate could be the method of payment. Requests to pay via pre-loaded cards or wire transfer are an unusual request and make it almost impossible to recover funds in the case of a scam. Looking for a URL starting with `https’ and a closed padlock symbol in the browser are some security features to be aware of and payments via secure payment platforms such as PayPal are a much safer option.
 

Phishing

Phishing is when fraudsters trick you into providing personal information such as your passwords or account details, enabling them to gain access to your funds.

A few ways they may try are:

If you suspect that you have received an email, phone call or SMS purporting to be from IMB that you are suspicious about, don’t click on anything or provide information and contact IMB immediately on 133 462.

Providing a Secure Online Environment

Since developing an internet banking facility, IMB has continued to install robust firewall technology to ensure all information held by it is protected from any attempted external intrusion. All IMB security systems are constantly reviewed and updated to avoid unauthorised access to IMB's internal systems and to member information.

IMB has invested a significant amount of money, time and effort to ensure that members undertaking financial transactions over the internet, do so in a secure and user friendly environment. IMB's internet banking product utilises 128-bit digital certificate encryption technology and secure e-mail to protect members' account information when members undertake online banking. IMB is committed to ensuring that our members have the ability to view their account details and undertake financial transactions in a safe and secure environment.

IMB has adopted the ePayments Code and complies with other requirements relating to the confidentiality, storage and appropriate destruction of members' details and account information.

IMB is a member of the Australian Association of National Advertisers and the Australian Direct Marketing Association, and as part of these memberships, IMB has voluntarily adopted and acts in accordance with the respective Code of Ethics and privacy guidelines relating to advertising and marketing on the internet.

If you believe any unauthorised access has occurred, then please contact IMB on 133 462, 8am to 8pm, Monday to Friday.

What can you do to protect against fraud?

Remember: IMB or any reputable organisation will never ask you to:

You may be held liable for any fraud losses where you have disclosed your PIN or access codes, so NEVER disclose your pin to anyone.

What to do if you think you have been targeted by fraudulent activity

If you think you have been defrauded or scammed, please contact us as soon as possible on 133 462.

Even in the scenario where you feel suspicious about a transaction or a call you may have received from someone purporting to be IMB, please contact us immediately.

We also strongly encourage you to report any scam incidents to Scamwatch.

URL shortening

URL shortening allows long website addresses to be displayed in a shortened form, allowing for more concise and professional looking communications with members. This is particularly true when using social media or other communication methods that have a character limit.

As an example, the IMB website would appear as follows:

http://www.imb.com.au  = http://bit.ly/1e0PYEz

IMB using bit.ly

To assist our members, IMB will now be using bit.ly’s url shortening service in some of our online communications.

Security

Below are the rules for when we would use URL shortening.


 

 

1 July 2022

Phone Spoofing Scams

Members are alerted about a type of scam currently occurring where scammers are impersonating IMB including by “spoofing” IMB’s trusted phone numbers. This means that you may receive a call that appears to be from IMB which is actually someone entirely different.

Caller ID spoofing occurs where the scammer displays a different phone number than the one they are really contacting you from to mislead you about who they are and where they are calling from.  We have received recent reports of scams using the number Ph: 4227 9111 and displaying a contact name such as ‘Local Shire Banking’.

These scams sometimes start with an SMS using a sender name or number that appears to be IMB advising you to expect a call. When a call is received, the number on screen may display like one of IMB’s public phone numbers.  Scams can follow similar procedures like asking you to confirm your details and information related to your accounts. The scammer may also ask you to input passwords and PINs into the key pad directly.

Some recent examples include:

In a legitimate call from IMB, we will NEVER ask you to make a payment, to share PINs or authentication or security codes or request remote access to your computer or device (using software like TeamViewer or AnyDesk).  

How you can protect yourself

Beware of suspicious calls and never give out your personal details. If you are unsure hang up and call us on 133 462 to confirm whether the call is legitimate.

IMB will never:

Be aware of scams and keep updated with the latest information from Scamwatch.

If you believe you have been targeted by a scam please contact us immediately on 133 462.

 

09 June 2022

Recent Investment Scams and Remote Access Scams

We are continuing to receive reports of both Investment Scams and Remote Access Scams.

Investment Scams

Scammers are offering fake government bonds purporting to be issued by reputable financial services entities in Australia. Scammers often make contact in connection with a customer’s online search activity including online inquiry forms, pops-ups, and webchat. This might occur where customers are searching for higher interest savings or term investment products online.

Scammers will provide documentation that purports to be on the financial services entity’s letterhead which is sometimes accompanied with the logos of government agencies.

IMB urges members to ask themselves to ‘Could this be a scam?’ when considering any investment opportunity, especially those that originate through unsolicited contact or online search activity.

Be rigorous in your independent research into any company or individual who claims to offer investment opportunities to determine whether they are legitimate. Ask questions about who owns the entity, obtain their financial services licence number and their address. Check the validity of any paperwork or documentation they issue and where it is sent from (e.g., their email address). If they can’t or won’t give you the answers, stop dealing with them.

Consult Someone You Trust - before you make an investment decision, or arrange a significant financial transaction, we strongly recommend that you talk to someone you trust or consult a financial advisor or accountant.

Remote Access Scams

Be wary of scammers who call pretending to be from a well-known company, directing you that they need access to your computer. We are aware of several recent cases where members received an unsolicited phone call or online contact from scammers purporting to be from reputable Australian telephone and internet service providers. Scams have also involved fake cryptocurrency traders and messages received in social media platforms.

In each case, members were deceived into downloading remote access software such as TeamViewer, AnyDesk or QuickSupport so that the scammer could ‘help fix a problem’ or to avoid having services restricted or incurring fines.

Once downloaded, remote access software allows the scammers to gain access to your computer or mobile device so that they can view your personal information including online banking login information, so that they can steal funds. They may ask you to reveal your online banking passwords and authentication codes.

If you think you may have been scammed call IMB immediately on 133 462. Find out how to avoid these scams at https://www.imb.com.au/about-members-your-security-beware-of-scams.html or go to https://www.scamwatch.gov.au/types-of-scams/attempts-to-gain-your-personal-information/remote-access-scams 

 

02 February 2021

We are aware of an increasing number of investment scams across industry. If it seems too good to be true – it probably is.

Be suspicious of anyone:

Do your own independent research on anyone you are dealing with to determine whether they are legitimate. Ask questions about who owns the entity, their financial services licence number and their address. Check the validity of any paperwork or documentation they issue and where it is sent from (e.g. their email address). If they can’t or won’t give you the answers, stop dealing with them.

Scammers offering fraudulent investments will often create false entities which appear in Google searches and appear legitimate, so closely examine and cross-reference all correspondence before arranging a financial transaction.

Before you make an investment decision, or arrange a significant financial transaction, we strongly recommend that you talk to someone you trust, or consult a financial advisor or accountant. Don’t be pressured to make a quick decision you could regret later.

If you think you may have been scammed call IMB immediately on 133 462.

Find out how to avoid these scams at: https://moneysmart.gov.au/investment-warnings/investment-scams

 

8 November – 12 November 2021

It's Scams Awareness Week

Scams Awareness Week is a national campaign by the Scams Awareness Network, a group of Australian and New Zealand government agencies with responsibility for consumer protection and policing in scams, cyber safety and fraud. The network aims to reduce the impact of scams by raising awareness and encouraging the public to talk about scams and report them.

This year, the theme of the ACCC’s Scams Awareness Week is ‘Let’s talk scams’. During Scams Awareness Week, IMB Bank encourages our members to talk to their family and friends about scams, and of course – to talk to us!

Many people who experience a scam never report it to anyone. There can be a few reasons for this, but one is that people can feel shame around talking about scams. We want to help reduce stigma around the topic, prevent scams from happening in the first place, and support members to get out of a scam sooner.

Talk - Talk to your friends, family, neighbours, and colleagues about a scam you have come

across or ask if they have come across any scams and want to share information.

Ask - Asking a simple question like “Have you ever been scammed?” or “How many scams a day do you get?” can get a conversation started. We encourage our members to ask or seek trusted advice about whether something could be a scam. If you receive something (like a text, email, friend request) out of the blue and are unsure about it, before doing anything (sending money or giving personal details), speak to IMB, or ask or talk to someone (friend/family member) about whether it’s a good idea.

Sometimes just asking for that second opinion can help to avoid a scam – we are here to help you.

Listen - Hearing about scam stories/experiences is helpful. You might share your own

scam stories or what you know about scams with others to prompt them to do the same. For those that may have friends or family or someone close that has fallen victim to a scam, by simply showing someone you care can improve their state of mind and comfort to open up.  We are always here to listen to any concerns you have about scam activity.

Keep talking - The more we talk about scams, the less likely we will get involved in one and the less stigma talking about scams will carry. Awareness is really our best defence against scams – so take the time to TALK with those around you about scams.

Scamwatch tools

The Scamwatch and ACCC websites contain a range of tools to assist consumers. Links to key information are included below:\

  1. The Little Black Book of Scams can assist in identifying a scam (also available in a range of languages).
  2. Consumers can report scams on the Scamwatch Report Form
  3. Advice for helping a friend or family member who is a victim to a scam
  4. The Be Safe, Be Alert Online publication provides information on a number of organisations who might be able to help when someone has been scammed.

2021 Key trends

To find out more about scams and fraud risks, and how to protect yourself here

 

23 September 2021
The number and frequency of scams is increasing. Here we detail the latest type of scams as they arise, so you can stay up to date.

Missed delivery, call or voicemail (‘Flubot’) scam

The ‘Flubot’ scam is a type of ‘phishing’ scam that was first reported in early August 2021. To date, the ACCC has received over 12,000 reports of the scam from the general public and IMB wants its members to be aware of how this scam works. The scam uses text messages (SMS) to download malware onto your phone, and in particular affects Android phones, although iPhones are also targeted.

You receive a text message about voicemails, missed calls or, more recently, parcel deliveries from Australia Post, DHL or another reputable organisation. All messages will contain a link and instruct you to click the link or download an app to check a voicemail, track a parcel, schedule a delivery time etc.

If you click the link and download the app presented, the phone will be infected with malware.

Once installed, the application is able to read and send text messages, make calls, access contacts and read passwords and sign-in details which may ultimately lead to cyber-criminals stealing from your bank accounts.

Find out more

What are Remote Access Scams?

Unlike hacking scenarios, which will usually occur without your direct involvement or prior knowledge, Remote Access Scams (also known as Technical Support Scams) involve a scammer contacting you directly to deceive you into giving them access to your device and personal data over the phone, through email or text or through pop-ups and chat functions on the internet.

The fraudster will try to convince you to give them to access your computer by downloading remote desktop software and providing them with other personal data such as passwords and authentication codes.

Scammers usually pose as someone from a well-known and reputable organisation, such as a bank, a telecommunications provider, a government agency or even the police. They often play on their position of trust or may use fear and intimidation tactics to obtain your co-operation.

Find out more



 

From time to time, IMB may communicate to you via email. It’s important to remember that:

If at any time, you are unsure of an email you receive from IMB, please call us on 133 462.


 

iconAsk a QuestioniconVisit a BranchiconCall 133 462