Scams that convince consumers to provide their personal banking details by email have increased significantly and become more sophisticated, prompting ASIC to issue a consumer warning.

Known as ‘phishing’, fraudsters gain personal information for identity theft purposes, using deceptive email messages that appear to come from legitimate businesses.

More than one in five of all consumer scam complaints received by ASIC related to phishing in the 2005-06 financial year, with the number of phishing complaints increasing by 25 per cent over the past two financial years.

‘The techniques adopted by phishing scammers are becoming more sophisticated and are always changing, mostly due to the rapid increases in modern technology’, ASIC’s Executive Director of Consumer Protection, Mr Greg Tanzer said.

‘In the past financial year, we found that scammers used a more targeted and personalised approach to request personal details. For example, emails and website links mirrored legitimate bank websites, and bogus job offers were used to coax people into providing bank account details. We also found cases where requests were made for personal information through Ebay, and for online share trading accounts where scammers would ask for password details via telephone.’

‘It has never been more important for people to be wary of emails requesting personal details. These scammers or ‘phishers’ are technically sophisticated and savvy, with the range of online fraud methods and systems constantly changing.

‘I can’t stress it enough, never give your personal banking and other financial details by email’, Mr Tanzer said.

‘People, as well as banking institutions, must remain vigilant and look at how they can secure their online environment, and will need to continue to do so as these scams and threats are not, unfortunately, going to go away.’

‘What’s more, phishing attacks are, these days, often hybrid in nature, employing multiple technologies and combining elements of trickery with technical attack.’

Mr Tanzer offered the following tips to consumers to prevent people being defrauded:

• change your passwords frequently and use passwords that are hard to guess;
• ensure you have anti-virus and anti-spy software on your computer and a personal firewall, and update the software regularly;
• only log on to your internet banking account from your bank’s website;
• never respond to any email that requests your account details and passwords - delete these emails immediately;
• avoid using computers in public places such as internet cafes to do your online banking; and
• exit from your account as soon as you finish your banking.

More information on phishing and other financial matters for consumers is available from FIDO, ASIC’s consumer website, or by calling 1300 300 630.