Scam alerts archive

View the current and historical scam and security alerts issued by Heritage.

2022
December: Fake QR codes scam alert
A new wave of scamming Australians is spreading rapidly – QR code tampering. 
October: Stay aware of impersonation scams
Scammers may use our proposed merger with People’s Choice as a way to try to fraudulently obtain sensitive financial information.
September: Optus data breach
The recent data breach at Optus is not related to any Heritage systems, but Optus customers should stay vigilant for scams.
September: Scammers impersonating our fraud team
Scammers are contacting members claiming to be from the Heritage Fraud Department and that their account is at risk. 
September: Phishing scams impersonating Heritage
Be on the lookout for scammers impersonating Heritage through online ads, social media, text messages, emails and calls.
August: Hi Mum Scam Alert

Be aware of scammers posing as friends or family members to steal your funds or personal information.

August: Linkt Road Toll Scam Alert
People are being sent scam messages via SMS, Email or Whatsapp saying they have an outstanding road toll to pay.
August: Stay aware of extortion scams
Be aware of scammers trying to extort your private information for their own personal gain.
May: Scam messages impersonating Heritage

Be on the lookout for scam phishing text messages and emails impersonating Heritage.

March: Scams during natural disasters
Scammers are targeting people in the wake of recent floods impacting South East Queensland and New South Wales, and the ongoing crisis in Ukraine. 
2021 & earlier

February 2020: Hoax emails and phishing scams

We’re aware of hoax emails and phishing scams claiming to come from Heritage Bank or link to Heritage internet banking. These emails ask the recipient to click on a link which goes to a forgery of the Heritage Online website.

These fake websites are designed to capture personal information such as your Heritage member number, passwords and contact information. Those who unsuspectingly login to these sites may later discover their Heritage Online account has been accessed by unauthorised persons.

If you have clicked on link in a suspicious email or logged into a fake Heritage Online website, it’s very important that you change ALL your Heritage Online passwords, and call us immediately on 13 14 22.

When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.

REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.

January 2020: Hoax phone calls and phishing scams

We’ve received reports that some customers may have recently been targeted by a number of phishing scams including hoax phone calls, emails and text messages from people claiming to be from Heritage Bank.

A caller may suggest there is an issue with your account and may attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. Or, emails or messages may ask the recipient to click on a link which goes to a forgery of the Heritage Online website. Those who unsuspectingly provide their information may later discover their Heritage account has been accessed by unauthorised persons.

If you receive a phone call out of the blue about your account requesting personal information access - hang up – even if they claim to be from Heritage. DO NOT provide any personal or sensitive information to the caller.

When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.

If you have clicked on a link in a suspicious email, logged into a fake Heritage Online website or given information to an unauthorised third party, it is possible your account details have been compromised. Please immediately change ALL your Heritage Online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.

REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.

April 2019: Hoax phone calls - computer remote access

We’re aware that some customers have recently been targeted by hoax telephone calls from people claiming to be from Heritage Bank technical assistance.

The caller may suggest there is a problem with your internet connection to Heritage’s online services and request remote access to your computer to ‘fix’ the issue.  Once they gain access to your computer, they will attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. They may claim to have control over the personal information on your device and pressure you to provide them with funds or purchase gift cards on their behalf. Or, they may even try to trick you into thinking you are receiving an account credit and request that you provide account details in order to receive funds. Those who unsuspectingly provide their information to the third party may later discover their Heritage account has been accessed by unauthorised persons.

If you receive a phone call out of the blue about your computer and requesting remote access - hang up – even if they mention they are from Heritage Bank. DO NOT provide any personal or sensitive information to the caller. If you have given information to the third party, it is most likely your computer and possibly your account details have been compromised. Please immediately change ALL your Heritage online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.

November 2018: Hoax emails and phishing scams

We’re aware of hoax emails and phishing scams claiming to come from Heritage Bank or link to Heritage internet banking. These emails or messages ask the recipient to click on a link which goes to a forgery of the Heritage Online website.

These fake websites are designed to capture personal information such as your Heritage member number, passwords and contact information. Those who unsuspectingly login to these sites may later discover their Heritage Online account has been accessed by unauthorised persons.

If you have clicked on link in a suspicious email or logged into a fake Heritage Online website, it’s very important that you change ALL your Heritage Online passwords, and call us immediately on 13 14 22.

When in doubt, do not click on any links contained within the email and make sure to visit the Heritage Bank website directly. You can also call us to check whether or not any communications you receive are genuine.

REMEMBER: while Heritage may send informational or confirmatory receipt emails, we will NEVER send emails that ask you to share personal security details such as your PIN, CCV number, internet banking passwords, credit card details, or require you to click on links or attachments within the email to update or verify details.

February 2018: Hoax phone calls - computer remote access

We’ve received reports that some Heritage Bank customers may have recently been targeted by hoax telephone calls from people claiming to be from Telstra. The caller may suggest there is a problem with your internet connection or phone line. They may then request remote access to your computer to ‘fix’ the issue. Once they gain access to your computer, they will attempt to obtain personal information such as your Heritage account number, card numbers, passwords and PINs. They may even try to trick you into thinking you are receiving an account credit and request that you provide account details in order to receive funds. Those who unsuspectingly provide their information to the third party may later discover their Heritage account has been accessed by unauthorised persons.

If you receive a phone call out of the blue about your computer or phone requesting remote access - hang up – even if they mention a well-known company such as Telstra. 

DO NOT provide any personal or sensitive information to the caller. If you have given information to the third party, it is most likely your device and possibly your account details have been compromised. Please immediately change ALL your Heritage Online and phone banking passwords, and call Heritage Bank immediately on 13 14 22.

November 2017: Phone porting

Phone porting is a method used by scammers to hijack your phone number to try to gain access to your banking details.

What happens is that the scammers get hold of your mobile phone number, then arrange for it to be shifted across – “ported” - a different telco provider e.g. from Telstra to Optus. Once it is ported across, the scammer effectively gains control of your phone number.  The victim loses all service to their mobile phone and will not be able to make or receive calls or text messages. Once the scammers take control of your phone number, they can also receive two-factor verification codes such as SMS One Time Passwords sent to your phone, which can also unlock access to your bank accounts.

If you do suddenly lose access to your phone number, you should take immediate steps to contact your telco to check whether the number has been ported. If it’s confirmed that the phone number has been ported without permission, you should immediately contact us as well as your other financial institutions to reset your passwords and check recent transactions. 

Tips to stay cyber safe:

  • If you lose service to your mobile phone take immediate steps to contact your telco to confirm if it’s a network issue or a phone port. If ported, contact your bank immediately to reset passwords and check recent transactions.
  • Keep your anti-virus up to date on all PCs and Mobile devices. Conduct regular scans.
  • Do not give out your personal details to third parties.
  • Do not click on links or responded to emails that ask for you persons information or user names and passwords.
  • Change your passwords regularly
  • Check your transaction activity regularly and report any unauthorised activity to your bank immediately.
  • Visit www.scamwatch.gov.au to report a scam or learn more about common scams and how you can protect yourself.

For more information specifically about phone porting scams, you can visit the scamwatch.gov.au website.