Important information

Security threats and how to protect yourself

Threats to Macquarie's clients and customers continue to evolve and impact users of financial services through various methods, and in different ways. Being aware of the different threats that exist, and what you can do to prevent them, is the best way of avoiding them.

Online threats can refer to any type of fraud or scam generated through the internet or via email. Most online threats are designed to steal personal information such as credit card numbers, user names and passwords. These are typically executed through social engineering scams. The main intent is to gain a financial benefit via fraud.

Here are five simple precautions you can take to help to protect yourself online:

  1. Use strong passwords and keep them secret

    A good password should be at least eight characters and contain a mix of letters, numbers and symbols in upper and lower case. Avoid using your name, username or something easily identifiable. Remember to use different passwords for logging into different sites and if you become aware of a password of yours being compromised, change it as soon as possible. Never use your internet banking password to access other websites. Protect your online password in the same way you would protect your ATM PIN. Never disclose your passwords and don't write them down or carry them together with your cards or in your wallet or bag. If you believe your password may have been compromised contact Macquarie as soon as possible. 

  2. Adopt two-factor authentication

    Two-factor authentication gives you an extra layer of protection on your online accounts. When logging in or processing some transactions, you’ll be asked to authenticate yourself through another mechanism such as a One Time Pin sent to you via SMS message or a push notification to your mobile device. Macquarie has launched Macquarie Authenticator, which can be downloaded to your mobile device and utilises push notifications to verify you and your transactions. You can use a pin code, biometric such as facial or fingerprint recognition (if supported by your mobile device) or a rolling code that can be used whilst travelling overseas where you may not have phone service to receive a SMS.

  3. Check you are on a secure website

    When performing online transactions always ensure the website is secure. This can be done by checking the browser bar starts with 'https://' or you will see a padlock either on the browser bar or in the bottom right corner of the web page. 

  4. Limit the information you make public on social networking sites

    Restrict personal information such as date or birth, phone number and address as this may lead to identity theft.

  5. Be aware of email/phishing scams

    Macquarie will never ask you to verify or confirm any personal information or passwords via an email. If you receive any request purporting to be from Macquarie please send to scams@macquarie.com.

How we protect you

Macquarie Group (Macquarie) is committed to providing a secure banking environment for all our clients and customers. We use the latest technology to ensure a safe and secure environment to protect your personal information and privacy.

We protect your accounts with us against loss as a result of fraud. When conducting your online banking with us, we provide you with peace of mind knowing that we will protect you against losses for unauthorised fraudulent transactions where you have not contributed to the loss. Macquarie works closely with law enforcement agencies to ensure fraud matters are handled with proper care and due diligence.

Interested in learning more?

Is that email really from your boss?

How to protect yourself from email scams

Protect yourself from fraud

How to report a threat

If you have experienced an online threat or have fallen victim to phishing or any other type of online fraud, please contact your local Macquarie office immediately on 1800 806 310 (or +61 2 8232 3333 from overseas).

You can also notify us by email at scams@macquarie.com. If possible please send your contact phone number and the suspicious email as an attachment, rather than forwarding the email. This helps to identify the author and source and will be used to help reduce online fraud.

For more information pertaining to online threats and how to protect yourself you can visit:

Computer security

It is important to secure your computer properly to prevent putting yourself and possibly your family and friends at risk. There are simple measures you can take to protect your computer and your personal information.

Protect your computer

  • Operating system – Regularly check your operating system is up-to-date. (You can do this by ensuring "auto updates" are enabled.) This will help protect you against online security threats such as malware.
  • Anti-virus software – Up-to-date anti-virus software is key in helping prevent online threats and protecting your details while performing online banking
  • Web browser – An up-to-date web browser will help protect you against security threats such as malware. The latest browser version can be downloaded from your browser providers' website.
  • Anti-spyware – Spyware is a form of online snooping. You can help prevent spyware by using up-to-date anti-spyware software
  • Wireless connection – If you are using a home wireless network, make sure this has been set up securely. If you are using a third party network, ensure you only use a trusted and secure wireless network connection.

Phishing

Phishing is a technique used by fraudsters to obtain sensitive information such as passwords, internet banking logons and credit card details by sending an email or message pretending to be from a trustworthy source. This contact may also take place in the form of a phone call ('Vishing') or a text message ('SMSishing'). Communications claiming to be from banks, popular social websites and auction sites are commonly used to trick the unsuspecting web user.

Fraudsters send out millions of these fraudulent emails to random e-mail addresses in the hope of luring unsuspecting innocent persons into providing their personal banking details. More commonly now, fraudsters are narrowing their attacks (spear phishing) in an attempt to target specific groups and/or individuals.

Macquarie Group does NOT send such emails to their clients to confirm or verify any personal information.

If you receive an email, text message or phone call and you are unsure whether it is legitimate, you should never respond or provide your personal details. Instead, contact Macquarie directly using a number or method you know is genuine.

Emails and text messages

You may receive emails or text messages, directing you to websites that ask you to enter your personal information. The aim of many of these email scams is to take you to websites that may look like the genuine site but are in fact a clone website. When you click on a link or enter your personal details, the information may be sent to someone other than your bank or other service providers. This means that someone else may be able to access your accounts.

Phone calls

You should be cautious when receiving unsolicited phone calls from people claiming to represent your bank or another business, especially when you are asked to provide information about your login credentials or card details. 'Vishing' is the term used for this process, where the caller's objective for contacting you is attempting to obtain these details for their financial gain.

Protect yourself against phishing scams

  • Never access the Macquarie website from links in an e-mail
  • Always log into to internet banking by typing in Macquarie's full web address into your browser bar e.g., www.macquarie.com.au
  • When you are on a banking website, look for the padlock icon and "https://" to make sure you are on a secure site.

Report any phishing attempts to Macquarie Group Limited at scams@macquarie.com.

Viruses and trojans

Spam or electronic 'junk mail' is unsolicited commercial messages sent to a person's email account or mobile phone. Spam messages may contain offensive material, promotions for fraudulent services, solicitations of personal information and bank details. They may also contain malware or link to a website which contains malware which may make you vulnerable to attack or compromise.

Your internet service provider can often provide spam-filtering software. This flags emails as spam, so that you do not receive as many in the future. You can end up on a spammer's mailing list by:

  • signing up to a newsletter from an unscrupulous website, which then on-sells the email addresses of its subscribers
  • providing your email address on a newsgroup, message board or your personal web page as well as social networking sites such as Facebook
  • choosing an email address which is then guessed (automatically generated) by software used by the spammers.

Protect yourself against spam

  • If you are unsure about whether an email is genuine, assume it isn't and delete it
  • If you receive an attachment you weren't expecting, or from someone you don't know, don't attempt to open it
  • Never respond to a spam message as this will confirm your email address as genuine to the spam sender.

If the email looks like it's from Macquarie requesting personal information or account details, report it to us on scams@macquarie.com.

Identity theft

A large part of online crime is now centred on identity theft. This specifically refers to the theft and use of personal identifying information of an actual person, as opposed to the use of a fictitious identity. This practise can include the theft and use of personal information of persons either living or deceased.

Trust your instincts when people contact you online or over the phone. Make sure you verify who it is you are speaking to and don't be afraid to say 'no' or to simply hang up and end the conversation without giving a reason.

Protect yourself against identity theft

  • Secure your home letterbox
  • Don't share personal information in an email, online communication or over the phone with people you do not know nor trust
  • Use strong passwords, with a combination of letters, numbers and symbols, and keep them secret. The password should contain a minimum of eight characters
  • Don't provide your internet banking logon or password to anyone
  • Never use you internet banking password to access other websites
  • Delete spam and scam emails. If the offer sounds too good to be true – it probably is
  • Keep your anti-virus and firewall software up-to-date
  • Always logon to internet banking by typing in your bank's full web address, ie the URL (www.macquarie.com)
  • Don't use public computers for internet banking eg internet cafes, libraries or hotels
  • Do not install software or run programs of unknown origin
  • Guard your date of birth, current address, driver's licence number and passport details carefully and only provide them to trusted people and entities.

The ABA, ASIC and the AFP have worked together to produce a website called www.protectfinancialid.org.au which also provides tips on how you can avoid becoming a victim.

Scams

Scams have existed for centuries, however the internet allows scammers to reach a much larger audience.

A scam might come in the form of an email, contact from an unknown person through websites such as dating sites, online forums or social networking sites. Scams are usually designed to either steal your money or trick you into revealing personal information. They use techniques to manipulate you and appeal to your good nature, and are constantly evolving.

'Cold calling' scams are an unexpected or unsolicited telephone call offering investments or financial advice. The investments they offer usually guarantee high returns or encourage you to invest in overseas companies.

The scams sound professional and may have other resources to support their claims. Cold callers often claim to be stock brokers or portfolio managers.

Generally speaking, it is illegal for anyone to offer you financial advice or a financial product, such as shares, without an Australian Financial Services licence (AFSL) issued by the Australian Securities and Investments Commission (ASIC).

Protect yourself against scams

  • Do not transfer money for or provide credit card/bank account details to anyone you do not know and trust
  • Verify or research any offer, company or charity before agreeing to proceed
  • If it sounds too good to be true, it probably is
  • If you receive a phone call out of the blue, always ask for the name of the person you are speaking to and who they represent
  • If someone offers you an investment or other financial service, ask for their Australian Financial Services Licence number: check this with ASIC.
  • Do not let anyone pressure you into making decisions about money or investments: always get independent financial advice
  • Be wary of investments promising a high return with little or no risk.

For more information on suspected scams go to www.scamwatch.gov.au.

You may also report any scam to this site as well to your local police.

Report any scam attempts to Macquarie at scams@macquarie.com

Cheques

Cheque fraud may be committed by:

  • altering details such as the payee or the amount without authority
  • theft of legitimate cheques and altering details or forging signatures
  • duplication/counterfeit of cheques.

Protect yourself against cheque fraud

  • Ensure your chequebook is secured in a safe place
  • Do not pre-sign cheques
  • Cheques should be endorsed not negotiable where possible
  • Don't leave any gaps in the completion of the payee name, amount in words or in figures
  • If cheques are lost or stolen contact Macquarie immediately and ask them to stop payment on the cheque.

If you suspect that you may be a victim of cheque fraud please contact Macquarie immediately on number 1800 806 310 (or +61 2 8232 3333 from overseas).

Credit card fraud

Macquarie has a state of the art fraud detection system that monitors credit card transactions for suspicious activity 24 hours a day, seven days a week. You may be contacted from time to time to confirm recent transactions on your credit card.

To avoid any inconvenience whilst travelling overseas ensure that you notify Macquarie of your travel arrangements prior to leaving Australia on 1300 150 300 or the number on the reverse of your credit card.

Protect yourself against credit card fraud

  • Always keep your credit card in sight during a transaction
  • Never keep your PIN and card together
  • Ensure that your PIN is kept secure, do not disclose to anyone
  • Always sign your card as soon as you receive it
  • Never let anyone else use your credit card.

If you believe that you may be a victim of credit card fraud, or your card has been lost or stolen, please contact us on 1300 150 300 or the number on the reverse of your credit card.

Protect yourself from ATM and EFTPOS scams

  • Always ensure that no one can observe you whilst entering you PIN, you can do this by covering you hand whilst entering the PIN
  • Always be discreet when withdrawing large amounts at an ATM
  • If you believe that an ATM looks suspicious or may have been tampered with, do not use it and contact the relevant bank to advise them of your suspicions
  • Never let your card out of your sight whilst performing a transaction
  • Always insert the chip where possible, as this helps mitigate risk of card skimming.

To find out more about ATM and Card skimming please refer to www.scamwatch.gov.au.