Phishing and Internet Banking

• 'Phishing' is the term used to describe the wide net cyber-spammers use to generate messages asking recipients to reveal personal details or depicting an urgent scenario, offer or event to entice them to click a link. Links contain dangerous payloads which can not only upload dangerous code to computers but capture personal details.
• Some banking websites have been ghosted or 'spoofed' in the past to appear as if they are a real estate, you should always check for the https in the address which denotes you are at a secure site. If the site looks strange or different in any way disconnect and report to us immediately.
• If you receive an email message from a sender unknown to you or with content unknown - delete it immediately including deleting it permanently from deleted items.
• Perpetrators will use immediate alerts or urgent response mechanisms to entice you to reveal details, always confirm any message reportedly from your banking provider with them BEFORE responding even if the message is headed urgent or stresses your banking links or cards will be rendered inactive.
• Do not use public access internet terminals to conduct internet banking or another source where you cannot verify virus protection is current and firewalls are installed.
• Email spam messaging can contain dangerous payloads in the form of computer viruses that capture personal banking details. If you suspect you have had this occur or suspect your details may have been compromised you should tell us immediately.
• If you suspect your personal banking details have been compromised you should discontinue using internet banking until you have contacted us to reset your password and verified with you all recent transactions.
• You should change your internet banking password regularly and install firewalls, anti-spy-ware and virus protection ensuring you always run ‘live updates’. There are many different types of vendor programs, information is available from Internet Association of Australia at www.iia.net.au on various programs and vendors.
• There is also a government website which features a wide range of information on all types of internet fraud and how to prevent becoming a victim. The site can be found at www.staysmartonline.gov.au.

  While The Rock Building Society has not been the target of such criminal activity, we are alerting our clients to the possibility of such scams. The Rock Building Society will NEVER ask you, via email, or telephone, or any other way to divulge your internet banking Access Password.

  Your internet banking Access Password is like a PIN for an ATM card - it controls access to your account(s) and should never be revealed to anyone.

  Account Aggregation Services
  There are a number of financial services and portal sites who offer you the convenience of displaying all of your account details on your own personalised web page. These sites need your client number and access password to your Rock accounts so that they can interrogate our system and display your details back to you.

  The Rock can take no responsibility for unauthorised transactions that may arise as a result of you disclosing your client number and access password to other parties. It is your risk if you give your access password to an account aggregation service.

  PayPal

  PayPal is a payment service used extensively by (in particular) the EBay on-line auction site. One of the options offered is to authorise payments from your Rock account when goods are purchased. Your PayPal account is also subject to compromise and after you have given this authority. The Rock will not take any responsibility for fraudulent withdrawals from your account at PayPal.

  More information on on-line safety can be found at Stay Smart Online