skip to log on skip to main content
VoiceOver users please use the tab key when navigating expanded menus
Find ANZ Support Centre
Find ANZ Support Centre

Latest scams, fraud and security alerts

Stay informed on the latest scams, fraud, and security alerts. Learn about emerging cyber threats and important online risks as they arise. If you are a business, make sure to stay updated with the latest business security alerts  that could impact you.

Explore the latest alerts below, and make informed decisions to help keep your personal and banking details safe.
 

 Businesses: See latest security alerts 

 July 2025

Latest alerts scam SMS

 Posted on 16 July 2025

Digital wallet scams

Type:     

We would like to remind our customers to be wary of scams involving digital wallets.

Digital wallets allow you to make transactions with your mobile or wearable device instead of a physical card.

While digital wallets are safe, if scammers have access to your card details and one-time passcodes (OTP), they can add your card to their own device (or third party) and spend or withdraw your money without your permission.

  • Be cautious of unexpected emails or SMS messages, or phone calls,
  • Do not click on any links, or open any attachments that are unfamiliar or appear suspicious.
  • Never enter credit/debit card information on any unknown, suspicious or untrustworthy websites.
  • Never provide your passwords, account numbers, PINs, or OTP to anyone.
  • Regularly check your transactions. If you notice anything unusual, contact us right away.
  • Contact your provider/bank immediately on a trusted number if you’re contacted by someone saying your account is at risk, under review, or locked, or if you enter personal details on a website that you suspect is suspicious.
  • Only use trusted app stores and avoid third-party app downloads.

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts critical vulnerability

 Posted on 10 July 2025

Bank Impersonation scam alert

Type:     

We have been made aware of an increase in bank impersonation scams. Be cautious of SMS messages or phone calls, claiming to be from ANZ. They may ask you to transfer money, open another account, provide your sensitive banking details or click on a link.

Remember, we will never ask you to:

  • Share sensitive information like your One Time Passcode (OTP), verification code, PIN or card details.
  • Click in a link to install software for live chat, remote access purposes, or access our official website.
  • Transfer money to another account.
  • Open a new account.
  • Share sensitive banking details like your access PIN or card details.

Impersonation scams imitate not only banks, but government agencies, organisations and even friends or family members. Here are some tips to help you protect yourself:

  • Be cautious of unexpected emails or SMS messages, or phone calls, and do not click on any links, or open any attachments.
  • Contact your provider/bank immediately on a listed number if you receive a message from someone saying your account is at risk, under review, or locked or if you enter personal details into a link that you suspect is a scam.
  • Do not share personal or financial details, and never provide your passwords, account numbers, or one-time passcodes to anyone.
  • Always pause and reassess the situation. Scammers often create a sense of urgency, pressuring you to act quickly.

For more information about bank impersonation scams, visit ANZ Security Hubtypes of scamsbank impersonation scams.

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

bank impersonation scams example

 June 2025

Latest alerts critical vulnerability

 Posted on 30 June 2025

ATM Cheque Fraud

Type:     

Although cheque usage is less common today, there are still instances where fraudsters deposit fake cheques into ATMs as part of schemes targeting individuals selling goods.

In these scenarios, a fake cheque is deposited into the seller’s account which may temporarily make it appear that funds have been received. However, the cheque has not actually cleared. This can lead the seller to believe the payment is valid and release the goods, only to later discover that the cheque was dishonoured.
 

  • Understand the difference between ‘Funds’ and ‘Balances’ in your ANZ account. ‘Funds’ indicate the amount of money you may be able to use, whereas, ‘Balance’ is reflective of the amount in your account, including transactions that are not yet processed (e.g. cheque deposits). Learn more about your ‘funds’ versus your ‘balance’.
  • Do not release any goods to the buyer until you are certain the cheque payment has cleared.
  • Use PayID when performing transactions. Transactions through PayID can be fast and allow you to cross-check the person buying is who they say they are.

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Cyber Security Centre’s ReportCyber.

Latest alerts scam SMS

 Posted on 17 June 2025

Watch out for Investment Scams

Type:     

Investment scams are on the rise, and they’re becoming more convincing than ever. Many of these scams begin with ads on social media that appear to be endorsed by well-known and trusted public figures.

Once you engage, the scammer may introduce what sounds like an incredible opportunity to grow your money —often promising returns that are far higher than what you’d expect from a genuine investment. Sometimes, though, the offer might only seem slightly better than what you're currently getting, making it even more convincing and harder to detect.

Here’s what to look out for:

  • You’re asked to share personal or financial details
  • You’re encouraged to download software or apps
  • You’re told to transfer money to unfamiliar accounts
  • You may even see small “profits” at first, but then be asked to pay a fee or tax to withdraw your funds

  • Do your research: Look up the company or platform independently. Check for reviews, complaints, or warnings from official sources.
  • Verify endorsements: Just because a public figure appears in an ad doesn’t mean they support it. Scammers often use fake or stolen images.
  • Be cautious with high returns: Legitimate investments rarely offer guaranteed or unusually high profits.
  • Don’t rush: Scammers often pressure you to act quickly. Take your time to think and consult someone you trust.
  • Use secure channels: Never share sensitive information or transfer money through unofficial or unverified platforms.

For more information visit, What is an investment scam, and how can you protect yourself?

If you suspect fraud on your account or have shared financial information or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

You can also report scams to the Australian Government’s Scamwatch and the Australian Signals Directorate’s ReportCyber portal.

Screenshot from Instagram showing a scam message promoting unrealistic investment returns.

Screenshot from a social media platform showing a scam message promoting unrealistic investment returns.
 

Screenshot from Facebook advertising a false investment scheme

Screenshot from a social media platform advertising a false investment scheme.
 

Screenshot from US Securities and Exchange Commission showing a message of a sign up page of an investment platform

Screenshot from US Securities and Exchange Commission showing a message of a sign up page of an investment platform.

 May 2025

Latest alerts scam call

 Posted on 06 May 2025

End of Financial Year Scams

Type:    

Individuals and businesses should be aware of increased scam activity as sophisticated cyber criminals take advantage of the busy tax period. During this busy time, scammers may use sophisticated tactics to try and catch you off guard. There are various types of scams, and the intent is clear - they want to steal your money or personal information.

Cyber criminals attempt to take advantage of this time of year with tax-related impersonation scams, namely those appearing to originate from the Australian Tax Office (ATO) or other government services such as myGov.

If you are unsure about the authenticity of a call or message, contact the ATO or applicable government service to verify.

For more information about rebate, refund and EOFY scams visit Rebate and refund scams online.
 

SMS tax time scam example

SMS tax time scam example

If you’ve received and responded to a message that you now believe is a scam, have shared your ANZ banking details, or you’re concerned your personal details have been compromised, please contact us straightaway

You can also report scams at Scamwatch.

For more information on how to protect yourself online, please visit the ANZ Security hub.

 Business alerts

Latest alerts critical vulnerability

Posted on 21 July 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

Type:  

The ASD's ACSC has published a critical alert regarding vulnerabilities affecting Microsoft Office SharePoint Server products (CVE-2025-53770).

According to the ASD’s ACSC, the vulnerability may allow an unauthorised attacker to execute code over a network.
 

ASD’s ACSC encourages Australian organisations to:

  • Review their networks for use of vulnerable instances of the Microsoft Office SharePoint Server products
  • Consult Microsoft’s customer advisory (CVE-2025-53770) for mitigation advice.

For more information, please read the Australian Cyber Security Centre’s alert, Vulnerability in Microsoft Office SharePoint Server products.

Latest alerts critical vulnerability

Posted on 10 July 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

Type:  

The ASD's ACSC has published an alert regarding 2 vulnerabilities affecting Citrix Netscaler ADC and NetScaler Gateway Products.

The following vulnerabilities have been identified:

  • CVE-2025-5777: Insufficient input validation.
  • CVE-2025-5349: Improper access control on the NetScaler Management Interface.

According to the ASD’s ACSC, these vulnerabilities can lead to memory overflow issues, resulting in unintended control flow and Denial of Service due to insufficient input validation.
 

ASD’s ACSC encourages Australian businesses, organisations and government entities to:

  • Review their networks for use of vulnerable instances of the NetScaler ADC and NetScaler Gateway products
  • Follow Citrix Security Advisory for mitigation advice.
  • Ensure affected products are updated to versions that address this vulnerability.

For more information, please read the Australian Cyber Security Centre’s alert, Critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products.

Latest alerts critical vulnerability

Posted on 23 June 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

Type:  

The ASD's ACSC has sent a critical alert relevant to Australian organisations using Citrix Netscaler ADC and NetScaler Gateway Products (CVE-2025-5349 and CVE-2025-5777).

Citrix has identified the following vulnerabilities affecting Netscaler ADC and NetScaler Gateway Products:

  • CVE-2025-5777: Insufficient input validation leading to memory overread, potentially leading to the exposure of sensitive data.
  • CVE-2025-5349: Improper access control on the NetScaler Management Interface.

Australian organisations should review their networks for use of vulnerable instances of the NetScaler ADC and NetScaler Gateway products and consult Citrix's customer advisory Citrix Security Advisory for mitigation advice.

For more information, please read the Australian Cyber Security Centre’s alert: Critical vulnerabilities in Citrix Netscaler ADC and NetScaler Gateway Products

Latest alerts critical vulnerability

 Posted on 19 May 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

Type:  

The ASD's ACSC has published an alert regarding 2 vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM).

The 2 vulnerabilities the ASD's ACSC is tracking in Ivanti EPMM are:

  1. CVE-2025-4427: Medium severity Authentication Bypass, and
  2. CVE-2025-4428: High severity Remote Code Execution

When chained together, these vulnerabilities can provide unauthenticated attackers Remote Code Execution.

All versions of Ivanti EPMM prior to and including 12.5.0.0 are vulnerable.
 

ASD’s ACSC encourages Australian organisations to:

  • Review their networks for the use of Ivanti EPMM and apply the latest patches available through Ivanti’s download portal, and
  • Review Ivanti’s advisory for mitigation advice until they are able to implement the required patches.

For more information, please refer to the Australian Cyber Security Centre’s alert: Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM) | Cyber.gov.au

View older alerts 

Important information

App Store is a service mark of Apple Inc. Google Play and the Google Play logo are trademarks of Google LLC

Top