CommSec Phishing Messages: What to Watch For and How to Stay Safe

• commsec-phishing
• banking-security
• scam-alert

New phishing scams are impersonating CommSec to steal your login credentials. Learn how to recognise fake messages and protect your personal data.

Beware of Phishing Scams Targeting CommSec Customers

Scammers are currently circulating fake messages that appear to come from CommSec, aiming to steal sensitive personal and financial information. These phishing attempts may arrive via SMS or email and can be highly convincing.

Victims are prompted to click on links, reply with personal details, or unknowingly disclose information such as CommSec Client IDs, NetBank IDs, passwords, and account numbers. Responding to these messages or following links can result in compromised accounts and financial loss.

What These Scam Messages Look Like

The messages are often formatted to appear official, using CommSec branding, urgent language, or fake login portals. Common themes include:

• Account Suspended: Claims your CommSec or NetBank account will be locked unless you take immediate action.
• Unusual Login Detected: A fake alert that someone accessed your account from a new location.
• Payment or Transfer Issues: Messages claiming an issue with a recent transaction, prompting you to ‘verify’ details.

Red Flags to Look Out For

To protect yourself from phishing scams, be alert to the following signs:

• Unexpected Messages: If you weren’t expecting a message from CommSec, treat it with suspicion.
• Requests for Login Information: CommSec will never ask you for your Client ID or password via SMS or email.
• Login Links in SMS: Legitimate messages will not contain direct login links or attachments.
• Generic Greetings: Be wary of messages that don’t address you by name or contain spelling and grammar errors.

How to Stay Protected

• Do Not Click Suspicious Links: Always access CommSec via the official website or app.
• Enable Two-Factor Authentication (2FA): Adds an extra layer of protection to your account.
• Monitor Your Accounts: Regularly check your CommSec and NetBank accounts for any unusual activity.
• Report Suspicious Messages: Forward phishing emails to hoax@cba.com.au and delete them immediately.
• Use Trusted Sources: Never respond to messages with personal information or login credentials.

What CommSec Will Never Do

• Send an SMS or email requesting your Client ID or password
• Include a login link in a message
• Ask you to confirm personal information through unsolicited contact

By staying vigilant and informed, you can keep your personal information safe and out of the hands of cybercriminals. Always access CommSec services through trusted and verified channels.