Phishing is one of the ways scammers are trying to steal personal information from unsuspecting Australians. Scamwatch reports that in April 2023 Australians lost over $2.4 million dollars to phishing scams, with 47% of phishing scams delivered by text message and 22% delivered by email.


What are phishing scams?

Phishing scams are designed to genuinely look like a communication from a known and trusted organisation. Phishing scammers will copy messages, formats, branding, and logos encouraging victims to click on a link. The links direct victims to legitimate looking websites and forms trying to trick the victim into giving out personal information, such as account numbers, passwords, or personal identifying information.


What should you be looking out for?

These are some of the common methods scammers use to trick you into giving them your details:

  • Email, text or phone call claiming to be from a bank, telecommunications provider or other trusted business, asking to you to update or verify personal details.
  • Email or text message not using your proper name, and that may contain typing errors and grammatical mistakes.
  • The website address does not look like the address you usually use and is requesting details the legitimate site does not normally ask for.
  • New icons on your computer screen, or your computer is not as fast as it normally is.


How can you protect yourself?

  • Do not click on links or open attachments in emails claiming to be from your bank or another trusted organisation and asking you to update or verify your details – just press delete.
  • Do a Google search using the names or exact wording of the email or message to check for any references to a scam – many scams can be identified this way.
  • Look for the secure symbol. Secure websites can be identified by the use of ‘https:’ rather than ‘http:’ at the start of the internet address, or a closed padlock or unbroken key icon at the bottom right corner of your browser window. Legitimate websites that ask you to enter confidential information are generally encrypted to protect your details.
  • Check the internet address. G&C Mutual Bank uses the ‘.bank’ domain in our internet address. Unlike a traditional ‘.com’ domain, a ‘.bank’ domain name has strict verification requirements, reducing the risk of cyber threats and offering a more secure environment for members to easily identify that is legitimate.
  • Never provide your personal, credit card or online account details if you receive a call claiming to be from your bank or any other organisation. Instead, ask for their name and contact number and make an independent check with the organisation in question before calling back.


If you receive a message like this or an unsolicited call from anyone claiming to be from G&C Mutual Bank, do not click on any suspicious links and/or provide personal information. Please contact us to report any suspicious activity.



Need help?

If you believe someone has gained access to your personal information, even if the scam appears unrelated to your finances, you should contact your bank immediately. A timely response can be critical in giving you the best chance to stem any loss.


  • If you have concerns about your G&C Mutual Bank account contact us on 1300 364 400.
  • You can find out how scams work, how to protect yourself, what to do if you’ve been scammed or report a scam to the Australian Competition and Consumer Commission (ACCC) via the Scamwatch


As always, G&C Mutual Bank remains committed to your security and privacy online. To understand how we help to keep you safe, please refer to our Security page and for information on common scams and how to protect yourself, please visit the News section of our website.