The Australian Securities and Investment Commission (ASIC) are warning Internet banking customers about the rise of fraud occurring via SPAM emails and fake Web sites.
Electronic payments over the Internet are being targeted in a hope of reducing the number of consumers being tricked into revealing private details to fake Web sites.
Private banking details, such as account and PIN numbers, are being used by conartists who establish fake Web sites and lure consumers by sending false emails, pretending to be the financial institution or provider.
The fraudulent emails and fake Web sites appear genuine because often the names of real people are used, there are links to pages on the real site, the logos and branding are the same, and the fine print looks official.
ASIC director of communication, Dr Michael Dunn, said in the past few weeks, customers of well-known financial institutions including the Commonwealth Bank and AMP Banking have been targeted.
ASIC said that although banking sites have been the latest targets, any financial or shopping Internet site could just as easily be subject to this kind of fraud.
Dr. Dunn told ARN that most fraud associated with the sites is fairly straight forward, and many of the culprits leave what he described as fingerprints. These fingerprints give the banks and other money transaction sites the ability to track the criminals, even if they are abroad.
“ASIC has relationships with the police and the financial institutions, so any reported crimes can be directed to the relevant authorities,” he said.
Dunn said the fraud can occur on any site around the world, but banks especially, will never ask for a customer’s PIN number in an email.
“Banking and making payments over the Internet can be convenient and safe so long as you take a few precautions,” he said.
There are a number of measures that customers can take to ensure their transactions will be safe. The most effective way of determining the legitimacy of a site is by checking that a padlock icon appears at the bottom right-hand corner of the browser.
Dunn also recommends that users save their bank's official Web page in their Favourites folder to avoid being lured into phoney sites. By accessing their banking sites using this method, consumers are protected against fraud under Australia’s Electronic Funds Transfer Code of Practice.
Australian Internet procedures require anyone registering a .au domain to show a link between the proposed URL and an Australian trading entity. At this stage, ASIC has not come across a fake .au site, but said this does not mean it will never happen.
Many of the major banks and financial institutions have contacted and warned customers of the problems.
The Commonwealth Bank advised that some NetBank customers had been deceived into providing their client number and password as a result of a SPAM email which was widely circulated within Australia.
Head of group security, John Geurts, said the Commonwealth Bank is encouraging customers to monitor their accounts and notify the bank if there seems to be anything untoward.
“We are working closely with the relevant authorities to identify the persons behind these attempts to defraud,” he said.