Joint Media Release

Australian High Tech Crime Centre

Hoax E-mail Warning

The Australian High Tech Crime Centre (AHTCC) is warning people to be on the lookout for a hoax email which claims the Reserve Bank of Australia (RBA) requires people to access a link and verify debit card account details. An example of the hoax email is available on the RBA's website.

The RBA does not require such verification, nor was this email issued or authorised by the RBA.

This warning was issued when the unsolicited email was brought to the attention of the AHTCC and the RBA.

AHTCC Director, Federal Agent Kevin Zuccato, said the AHTCC was currently investigating the hoax email and was making every effort to ensure that online users were adequately protected.

“We are also working alongside AusCERT, who are using their network of international contacts to support the AHTCC in responding to this matter to reduce the impact on the Australian public,” Federal Agent Zuccato said.

“Computer owners and internet users should always exercise the utmost caution by deleting suspicious or unsolicited emails, never clicking on hyperlinks and ensuring that firewalls, antivirus and intrusion detection software are properly installed and regularly updated,” he said.

The AHTCC and NSW Police Fraud Squad detectives are investigating the source of the email.

The AHTCC has some tips for protecting you online:

• Never provide personal details, including customer ID or passwords, in response to any e-mail. A bank will never ask you for your private password and this important information should never be shared with anyone.
• Never click on a link or attachment in an e-mail which purportedly sends you to a bank's website. Only access your bank's Internet banking logon page by typing the address into your browser.
• Be wary of any e-mail from someone you do not know or trust – delete without opening any e-mails that you think are suspicious.
• Always check your statements for any transactions that look suspicious. If you see any transactions that you did not undertake, immediately report this to your bank.
• Most ‘phishing’ e-mails do not address you by your proper name because they are sent out en masse to thousands of recipients. They sometimes contain typing errors and grammatical mistakes, even if they include the banks' registered logos.
• Install reputable anti-virus and firewall protection on your computer because this provides additional layers of protection that you need to reduce your risk of exposure from viruses that can rob your computer of valuable personal information.
• Remember that after you install virus protection you will need to regularly update the software, usually by installing patches (used to update or fix a bug in a computer program), so the protection remains current.
• Install any security patches for your operating system and other software installed on your computer and keep these up-to-date.
• Read your bank's Internet banking security guide, which can be found on the bank's website.
• Install software that will filter spam e-mail or use an Internet Service Provider (ISP) that will filter spam prior to delivery to your Inbox. Spam filters are often included in anti-virus software.

For more information visit the Australian High Tech Crime Centre website.