Security

We take the protection of your information and transaction data extremely seriously. We have a range of tools and support available to help keep you safe, as well as tips on how you can protect yourself from scams and fraud.

Lost & Stolen Cards

If your card is lost, stolen or you think your PIN has been compromised, please call us immediately. Our lost/stolen cards team is available 24/7.

Australia wide: 13 95 00 (Option 4)
International: +61 2 8262 9102 (Option 4)

Transaction Dispute

If you think unauthorised transactions have been made using your card, to review a BPay transaction or ATM short pay, please submit a Transaction Dispute here.

Scams & Fraud

To report cases of suspected fraud or scam messages from someone pretending to be from Bank of Sydney, please contact us on
13 95 00 (Mon-Fri, 9am-5pm AEST) or via our enquiry form here.

How you can protect yourself

There are steps you can take to protect yourself and your accounts from scams and fraud.

  1. Keep passwords, PINs and any other security information secret, including covering your card PIN when using ATMs or Internet Banking in a public place. Bank of Sydney will never ask you to provide your PIN to a Bank of Sydney staff member.
  2. Protect all your other personal information, including destroying your bank statements securely, collecting your mail promptly and not giving your details to anyone you don’t trust.
  3. Keep your computer safe by having up to date security software, checking you’re only using trusted sites for purchasing items and not opening emails you’re unsure about.
  4. Keep your computer internet browser (e.g. Google Chrome, Microsoft Edge), and product software (e.g. Microsoft Office, Adobe) up to date. Software providers frequently develop updates and patches to address new and developing security threats.
  5. Report anything you are suspicious of immediately, especially if you think your card has been stolen, a suspicious transaction is on your bank statement, or your mail has been accessed by someone.

When using the internet, including Internet Banking, always try to use hard-to-guess passwords. Don't share your password, and don't use the same password in more than one place.

  1. Don’t choose a password that’s easily identified with you (e.g. your date of birth, phone number, name or any part of it).
  2. A Bank of Sydney Internet Banking password should have a minimum of eight characters, be as meaningless as possible and use uppercase letters, lowercase letters and numbers.
  3. Change passwords regularly.
  4. Don’t give your password to anyone. Be wary of unsolicited calls or emails requesting personal information or card numbers. Bank of Sydney will not ask you to disclose PINs or password information.
  5. Do not write your password down even if it’s disguised.
  6. Take extra care in unknown areas such as internet cafes and hotels. Make sure you take steps to prevent others from seeing your Customer ID or password.

Let us know immediately if you believe your password has become known or used by someone else. Call us on 13 95 00 to have your password reset.

Phishing is a scam where hackers 'fish' for your personal details by using hoax emails claiming to be from financial institutions.

Hoax emails claiming to be from banks are often generated overseas and are sent in bulk. The email asks the recipient to provide sensitive information such as their username, password, customer registration number or PIN by providing a link leading to a fake website, enabling thieves to gather the details for later fraudulent use.

If you receive an email requesting you to re-register or re-enter sensitive details, delete it immediately and notify us on 13 95 00.

You can minimise your chances of being a victim of phishing scams by:

  1. Typing www.banksyd.com.au into your internet browser to log onto Internet Banking.
  2. Treating all emails requesting personal login information such as username, password or PIN with extreme caution. Bank of Sydney will not send you an email asking for your Account Details, Financial Details, or login details.
  3. Immediately deleting emails of unknown origin, no matter how innocent or provocative the subject headings sound.
  4. Changing your Internet Banking password on a regular basis.
  5. Keeping your anti-virus and firewalls up-to-date and perform regular scans of your computer.

If you receive a hoax email:

  1. Delete the email immediately. Do not click on any links and do not open any attachments in a hoax email. Bank of Sydney will not send you an email or SMS asking you to verify or provide your account details, financial details, or login details. Bank of Sydney’s email and SMS policy is set out below.
  2. Report hoax email incidents related to Bank of Sydney to us on 13 95 00.
  3. Scan your computer for viruses. Many hoax emails contain viruses or Trojan Horses (key logger), which are downloaded to your computer when you open any attachments or select any included links.
  4. Reset your Internet Banking password after scanning your computer and ensuring it is free of viruses or Trojan Horses.
  1. Only log into Internet Banking by using the Internet Banking ‘Login’ link available on the top right of our website.



  2. While bookmarking webpages is convenient, it may mean that you are not accessing the most up to date page. Remember to manually type our website address (www.banksyd.com.au) into your internet browser.
  3. Never access Internet Banking from a link in an email. If in doubt, contact us.
  4. Always log out after using Internet Banking and close the browser after you have finished. We recommend not accessing your Internet Banking via public computers like internet cafes, universities, hotels etc.
  5. When using Internet Banking, check to see that you are correctly accessing our secure site by looking at the address bar at the top of your browser. Check to see that the web address begins with "https://". Web addresses that begin with "https://" are secure sites (unsecured sites start with "http://").
  6. Look for the closed padlock symbol at the bottom or at the top right corner of your web browser. You can double-click the padlock symbol to view the server security certificate details. The certificate informs your browser that the web site you are connected to is in fact our website and not a ‘fake’ site. The padlock may be located in a different location, depending on your internet browser, however examples are pictured below for reference.





  1. We recommend installing a 'firewall' to protect your computer from unauthorised access over the internet. A firewall is a software program that filters all internet traffic between your computer and the outside world. It works to either block or permit internet traffic to and from your computer. You can use the firewall to protect your home or business computer and any personal information it holds from offensive websites, spam and unauthenticated logins by potential hackers.
  2. Control spam by using filtering software, being selective about who you share your email address with and by creating an online form for website enquiries rather than by disclosing the email address.
  3. Update your virus/spyware software and your computer software to ensure they are current and reduce their vulnerability.
  4. Disable password auto-complete settings on your internet browser.

Viruses

A computer virus is a program that attaches itself to another program, but changes the action of that program so that the virus is able to spread. While active, the virus attempts to reproduce and attach itself to other programs. This can tie up resources such as disk space and memory, causing problems on any home computer.

A worm is similar to a virus. It exploits computers in a network that contain security holes. Once a security hole is found, the worm will attempt to replicate itself from computer to computer. Like viruses, worms can be extremely destructive.

You can increase your chances of ensuring your computer is free from worms and viruses by:

  1. Installing anti-virus software, and keeping it updated with the latest virus definitions.
  2. Downloading and installing security patches for your operating system as soon as they become available.
  3. Not accepting attachments from emails of unknown sources.
  4. Installing software from trusted sources only.

Spyware

Spyware is the collective name given to software that is installed on your computer to secretly obtain information and send it back to another source.

You can minimise your chances of unintentionally downloading spyware onto your computer by:

  1. Being wary of banners, ads and pop-ups while surfing the internet. Do not click on them no matter how enticing they may appear.
  2. Reviewing terms and conditions when you install free programs or subscribe to services from the internet.
  3. Using up-to-date anti-spyware program to regularly scan your computer.
  1. Check whether the online store you’re buying from is reputable.
  2. Never email your financial details. Email isn’t a secure way of transmitting financial information like your bank details or credit card numbers.
  3. If you are making payments through an online store’s website, look for signs that the website protects your data. You should look for a lock icon on the browser's status bar or a URL for a website that begins ‘https:’.
  4. Make sure the computer you use for online shopping has the latest anti-virus software and firewall protection.
  5. Keep paper copies of all online receipts. This will make it easier to check your account. 

As a customer you may be seen as a potential target for fraudulent activities. However by arming yourself with information and tools you can protect yourself from becoming a victim of fraud.

Card Fraud

Credit or Debit card fraud can occur when your card is lost or stolen and used by a third party to purchase goods with those cards or to remove cash from the cards. Here’s how you can protect from such frauds:

  1. Choose a unique PIN that is difficult to guess and is different to numbers used for other purposes.
  2. Never tell your PIN to anyone and never write it down.
  3. Do not let your Credit or Debit card out of your sight at any time – for example, at a restaurant – go with the card.
  4. Never give your card number to strangers or telemarketers who call you on the phone unless you initiated the call.
  5. Keep track of when new and reissued cards should arrive, and call Bank of Sydney on 13 95 00.
  6. Check your statements and call Bank of Sydney immediately on 13 95 00, if you see anything suspicious.
  7. When you use your Credit or Debit card online, make sure you are using a secure website. Look for a small key or lock symbol at the bottom right of your browser window.

Electronic Fraud

A number of customers from Australian financial institutions have been targeted with hoax emails. These emails appear to be genuine bank emails but in reality they are fake.

Bank of Sydney will not send you an email asking for your Account Details, Financial Details, or login details for Bank of Sydney Mobile or Internet Banking.

If you have any concerns, call the Internet Banking Help Desk on 13 95 00 or forward the suspicious email to us via phishing@banksyd.com.au

Identity Theft

Identity theft can occur when a fraudster gets access to your personal information such as your date of birth, your address, your driver’s licence number and information from utilities, phone and credit union/bank account records. Customers should:

  1. Be responsible and take care of all your personal information to minimise the risk of loss/theft (e.g. by keeping tax records and other financial documents in a safe place).
  2. Minimise the risk of mail theft by securing your mailbox.
  3. Cancel unused credit union/bank/utility/phone accounts.
  4. Securely dispose of any documents that may contain personal details (such as account statements, card transaction slips, bills, etc.).
  5. Regularly obtain a copy of your personal Credit File to make sure there is no unusual activity on your file.
  6. Promptly report any loss or theft of personal documents to the police.

How we protect you

We have a number of tools and practices in place to protect our customers. These include:

  • Firewalls which protect our internal network from external attacks.
  • Fraud detection system to monitor transactions and identify suspicious activity. If we detect fraudulent activity, we’ll contact you and temporarily freeze your Internet Banking access.
  • High grade encryption which ensures only the Bank can receive information in an understandable format.
  • Automatic time-outs on Internet Banking and incorrect password access locks. After three incorrect attempts, your Internet Banking login will be locked to prevent unauthorised access to your accounts. If your account is locked, please contact us to unblock your access.
  • Two-factor authentication for an extra level of protection against Internet Banking fraud.

We’ll never ask for your password details or account details to be disclosed via a link within an email message. If you get an email of this nature please disregard and forward a copy to phishing@banksyd.com.au

To safeguard your personal information, we have the following communication practices in place:

  • We will never ask for your Internet Banking login details or card details via phone or email.
  • We will never send you a link to Internet Banking via email.
  • We will never request that your Internet Banking password or PIN be communicated to us in any form (not even our staff know your password).
  • Any changes to the web address or to our access sites will only ever be communicated via our authorised website or other formal means.
  • We will always identify external links to third party websites; we’ll make these links explicit so that you can see what you’re clicking on.

Bank of Sydney abides by the Spam Act 2003 and will ensure that:

  • We have your express or inferred consent to receive any commercial electronic messages (as defined by the Spam Act 2003).
  • Our emails to you contain clear and accurate identification of who is responsible for sending the message, and how they can be contacted.
  • Our emails to you contain an unsubscribe facility, allowing you to indicate that such messages should not be sent to you in the future.

Bank of Sydney will not send you an email or SMS asking you to verify or provide Account Details, Financial Details, or login details for Internet Banking or Mobile Banking.

We send emails, and these often contain hyperlinks. However, if we send you an email with a hyperlink, the link will take you to a page on our website, where you can find out more before logging in, applying or downloading.

Our Guarantee to You

When using Bank of Sydney Internet or Mobile Banking, we've got security measures in place designed to protect you against any unauthorised transactions. In the unlikely event that an unauthorised transaction does occur on your account, we guarantee that you won’t be liable for any unauthorised transaction carried out provided you meet your obligations under our Terms and Conditions, and you haven't contributed to the loss.

You may also like...

Spot the signs of a scam.

It is our priority to help protect you from fraud and scam activity. And while there’s no need to be alarmed, it’s important to be careful. So here are some helpful tips to help identify and avoid scams.

FAQs

Find the answers to frequently asked questions.

Customer Support

We’re committed to supporting all of our customers – including those who are going through a tough time. We have a range of measures and resources available to help.

We're here to help

Visit our friendly staff at one of our branches

Secure message via Internet Banking

Talk to one of our friendly staff Mon-Fri, 9am-7pm AEDT (Excluding Public Holidays).