 |
|
|
beware of illegitimate emails and SMS messages
|
Smishing is a social engineering technique and a form of criminal activity. The technique is similar to phishing (emails that deceive people into giving their personal and banking information).
Smishing comes from SMS (Short Message Service) which is the technology used for text messages on mobile phones.
Similar to phishing, smishing uses mobile phone text messages to deliver messages to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system.
The smishing message usually contains something that wants your "immediate attention", such as:
|
- "We’re confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order on this website (URL): www.??.com.";
- "(Name of bank, credit union or financial institution) is confirming that you purchased a $1500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase"
- "(Name of a financial institution): Your account has been suspended. Call ####... immediately to reactivate".
|
|
The "hook" will be a legitimate looking website that asks you to "confirm" (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, email address, and other personal information.
If the "hook" is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information.
The following is an example of a current smishing message which is being circulated: "Notice - this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call at 1300-###-#### urgently."
In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the mobile phone, and not sent from another mobile phone.
This information is then used to duplicate credit/debit/ATM cards. There are documented cases where information entered on a fraudulent web site was used to create a credit or debit card that was used halfway around the world, within 30 minutes.
Big Sky would never send an SMS of this nature to our members, which request your password or account details to be disclosed via an automated message or website which isn't Big Sky's.
Contact Big Sky promptly, if you suspect any communication requesting for your personal and banking details from us is a hoax, or if you think that your SMS banking, Internet Banking security or password has been compromised. You can telephone 1300 654 321 or contact us via email.
|
Internet Banking alert!
|
Big Sky members may have heard of scam emails relating to the Internet Banking services of some financial institutions recently. You may have even received one of these emails yourself, as they appear to have been sent randomly to various email addresses, not necessarily customers of the financial institution involved. Please disregard and immediately delete these emails from your computer.
Big Sky would never send emails of this nature to our members, which request your password or account details to be disclosed via a link within an email message. You should never access any Internet Banking service from a link in an email sent to you.
The following steps will assist you to ensure safe Internet Banking:
|
- Check for the padlock symbol, located at the bottom right hand corner of your screen
|
- When you log into Internet Banking, confirm the details of your last log-in date and time, which is displayed in the welcome screen on Internet Banking after your log in
|
- Install virus protection and firewall software on your PC. Ensure you regularly download patches and program updates so you have the latest protection available
|
- Always disregard and delete hoax and spam emails. If you do not know the identity of and email sender, it is best to delete it from your PC without opening it
|
- Only enter Internet Banking from the Big Sky website, by typing in the address www.bigsky.net.au or by clicking on this address from your “favourites” list
|
- After finishing Internet Banking, always end by using the LOGOUT function, rather than just closing the application down
|
|
Never disclose your password to anyone or allow anyone to observe you logging on to Internet Banking.
Avoid logging onto Internet banking on “public” PC’s in places like Internet Cafes. If you are uncertain about the security of a PC, it is best not to access Internet Banking from that machine. There have been examples of keystrokes being recorded, for later use by criminals to gain access to accounts.
Contact Big Sky promptly, if you suspect any communication from us is a hoax, or if you think that your Internet Banking security or password have been compromised. You can telephone 1300 654 321 or contact us via email.
|
> back to top
|
