Latest scams, fraud and security alerts

Stay informed on the latest scams, fraud, and security alerts. Learn about emerging cyber threats and important online risks as they arise. If you are a business, make sure to stay updated with the latest business security alerts that could impact you.

Explore the latest alerts below, and make informed decisions to help keep your personal and banking details safe.
 

 April 2025

Latest alerts critical vulnerability

 Posted on 17 April 2025

ANZ urges customers to stay alert to malware infection on their devices

Malware is any kind of malicious software or code designed to exploit a computer, including computer viruses, worms, trojans, spyware or other malicious programs. Malware can be installed on a device without the user's knowledge or permission, often through email attachments, malicious websites, or compromised software.

To help protect our customers, ANZ uses security software to detect if any malware may be present in your Internet Banking session, and if malware is detected, ANZ might lock your CRN from accessing Internet Banking. To get your CRN unlocked and proceed with Internet Banking, you will need to call our call centre on 13 33 50.

 

  • Be wary of unexpected messages or calls that ask you to click on a link, download a file, or provide remote access. Never follow through with these requests without verifying the sender.
  • Research any apps before you download to triple-check that they are not malware.
  • Avoid using public Wi-Fi, as malware can easily spread across public networks.
  • Use Multi-factor authentication (MFA) on all of your accounts.
  • Ensure all device and security software is up to date.
  • ANZ offers our customers access to IBM Trusteer Rapport. For more information on accessing and downloading this software, please visit the ANZ Security Hub: https://www.anz.com.au/security/protect-devices/trusteer-rapport/. Please ensure that this product meets your needs.

ANZ’s customer protection teams and systems operate 24/7. Customers who believe they may have been a victim of a scam should contact us immediately, on 13 33 50 or visit us at https://www.anz.com.au/security/report-fraud/ for more information.

Report the scam to the Australian Signals Directorate’s ReportCyber portal. This resource is there for reports of scams where money or personal information has been lost.

Help others by reporting to Scamwatch to help them prevent future losses, monitor trends and educate the population about emerging threats.

 March 2025

Latest alerts scam SMS

 Posted on 12 March 2025

ANZ Warns of Scammers Exploiting ex-Tropical Cyclone Alfred's Aftermath

ANZ urges Australians to stay alert to cyber criminals attempting to exploit Ex-Tropical Cyclone Alfred's aftermath by impersonating trusted organisations through fake emails, texts, or calls. Cyber criminals may pose as banks, insurance companies, non-profit organisations, or disaster relief services to exploit those impacted by the natural disaster and deceive them into revealing personal information or making payments. Vigilance and caution are highly encouraged to protect personal information and ensure donations go to verified relief efforts.

Visit ANZ Media Release for more information.

In a genuine ANZ call, SMS message or email, we will never ask you to:

  • Share sensitive information like your One Time Passcode (OTP), verification code (for payment), PIN or card details.
  • Transfer money to another account.
  • Provide access to your device or download software.
  • Click a link to log in to your account or type a particular website address into your browser.
  • Join an online “chat” with an ANZ team member.

  • STOP - Don’t give money or personal information to anyone if unsure.
  • CHECK - Verify Requests – Contact your provider/bank immediately on a listed number if you receive a message from someone saying your account is at risk, under review, or locked, or if you enter personal details into a link that you suspect is a scam.
  • PROTECT - If a scammer has taken your money or personal details, contact your bank or card provider immediately to report the scam. Ask them to stop any transactions.
  • Be wary of fake charity appeals – scammers may pretend to represent charities helping cyclone victims. Always verify the organisation by researching its official website or checking its registration on the Australian Charities and Not-for-profits Commission (ACNC) Charity Register.

ANZ’s customer protection teams and systems operate 24/7. Customers who believe they may have been a victim of a scam should contact us immediately, on 13 33 50 or visit us at https://www.anz.com.au/security/report-fraud/ for more information.

Report the scam to the Australian Signals Directorate’s ReportCyber portal. This resource is there for reports of scams where money or personal information has been lost.

Help others by reporting to Scamwatch to help them prevent future losses, monitor trends and educate the population about emerging threats.

 February 2025

Latest alerts critical vulnerability

 Posted on 21 February 2025

ScamWatch Alert - Investment Bonds 

ScamWatch has published an alert advising that criminals posing as legitimate businesses are offering fake investment bonds, claiming that they offer high returns that are protected by the government. They encourage people to register their personal details on fake websites, steal money by getting people to buy fake investment bonds, and also use those personal details to commit other scams.

 

According to ScamWatch, there are steps you can take to help avoid investment scams:

If you suspect fraud on your account or have shared personal or financial information, or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

Report the scam to the Australian Signals Directorate’s ReportCyber portal. This resource is there for reports of scams where money or personal information has been lost.

Help others by reporting to Scamwatch to help them prevent future losses, monitor trends and educate the population about emerging threats.

Latest alerts scam call

 Posted on 05 February 2025

Australian Signals Directorate's Australian Cyber Security Centre (ASD’s ACSC) impersonation phone and email scam

The ASD's ACSC has published an alert advising of emails and phone calls from cybercriminals claiming to be them.

The content of the scam emails and phone calls varies, but they typically ask you to give personal information (such as passwords or bank details), send money or download software.

To make the scam emails appear legitimate, cybercriminals have been using the ASD’s ACSC logo and signature block.
 

Remember, never click on unknown or suspicious links, and always verify unexpected callers, emails or SMS requests through official channels.

If you suspect fraud on your account or have shared personal or financial information, or transferred money as a result of this scam, please contact us straightaway. Our Customer Protection Team is available 24/7 to help you.

Report the scam to the Australian Signals Directorate’s ReportCyber portal. This resource is there for reports of scams where money or personal information has been lost.

Help others by reporting to Scamwatch to help them prevent future losses, monitor trends and educate the population about emerging threats.

 Business alerts

Latest alerts critical vulnerability

 Posted on 17 April 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

The ASD's ACSC has published a critical alert regarding exploitation of existing Fortinet vulnerabilities.

Customers are encouraged to update their devices and investigate for potential compromise. 

Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices, including:

  • FG-IR-24-015: Out-of-bound Write in sslvpnd
  • FG-IR-23-097: Heap buffer overflow in sslvpn pre-authentication
  • FG-IR-22-398: Heap-based buffer overflow in sslvpnd.

Fortinet has previously released patches for these vulnerabilities.

The observed post-exploitation activity relates to either unpatched devices or those that were compromised prior to patching.
 

ASD’s ACSC encourages Australian businesses, organisations and government entities to:

  • Follow Fortinet’s published advice relating to this activity.
  • Upgrade to the latest versions of affected products.
  • Review configuration of all affected products for potential modification and compromise.
  • Monitor and investigate for suspicious activity in connected environments.
  • Further information can be found at Fortinet’s advisory page: Analysis of Threat Actor Activity | Fortinet Blog

For more information, please read the Australian Cyber Security Centre’s alert: Exploitation of existing Fortinet Vulnerabilities | Cyber.gov.au

Latest alerts critical vulnerability

 Posted on 08 April 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

The ASD's ACSC has published a critical alert regarding vulnerabilities affecting Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457).

Ivanti has released information regarding a critical unauthenticated buffer overflow vulnerability in Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457).

Ivanti has observed active exploitation associated with this vulnerability.

Affected products include:

  • Pulse Connect Secure 9.1.X 
  • Ivanti Connect Secure (version 22.7R2.5 and earlier)
  • Ivanti Policy Secure
  • Neurons for ZTA gateways

Pulse Connect Secure 9.1.X has been end of support since 31 December 2024.
 

ASD’s ACSC encourages Australian businesses, organisations and government entities to:

  • Follow Ivanti’s Security Advice for affected products.
  • Ensure affected products are updated to patched versions that address this vulnerability.
  • Ensure affected devices are configured in line with Ivanti’s guidance to mitigate exploitation.
  • Investigate for potential compromise of these products. 
  • Monitor and investigate for suspicious activity in connected environments.

For more information, please read the Australian Cyber Security Centre’s alert: Critical vulnerability in Pulse/Ivanti Connect Secure, Policy Secure and Neurons for ZTA gateways (CVE-2025-22457) | Cyber.gov.au

Latest alerts critical vulnerability

 Posted on 28 March 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

A critical alert has been published regarding an authentication bypass vulnerability affecting Next.js.

The vulnerability could allow a remote attacker to bypass security checks, including many forms of authentication.

Affected versions/applications:

  • Next.js 15.x versions prior to 15.2.3
  • Next.js 14.x versions prior to 14.2.25
  • Next.js 13.x versions prior to 13.5.9
  • Next.js 12.x versions prior to 12.3.5

It is recommended that individuals, businesses, organisations and government entities:

  • Follow Next.js advice for affected versions.
  • All self-hosted Next.js deployments should consider updating immediately.

For more information, please read the Australian Cyber Security Centre’s alert: Next.js authentication bypass vulnerability (CVE-2025-29927)

Latest alerts critical vulnerability

 Posted on 28 March 2025

Critical alert from the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC)

A critical alert has been published regarding vulnerabilities affecting Ingress-NGINX Controller for Kubernetes.

The vulnerabilities could allow unauthenticated remote code execution and full cluster takeover.

The vulnerabilities are:

  • CVE-2025-1097
  • CVE-2025-1098
  • CVE-2025-1974
  • CVE-2025-24513
  • CVE-2025-24514

It is recommended that businesses, organisations, and government entities:

  • Review the advice and monitor the guidance at the official Kubernetes maintainers’ Ingress-NGINX GitHub repository: Kubernetes - Ingress-NGINX Releases
  • Update to the latest version of Ingress-NGINX Controller.
  • Ensure the admission webhook endpoint is not exposed externally.

For more information, please read the Australian Cyber Security Centre’s alert: Critical vulnerabilities in Ingress-NGINX Controller for Kubernetes
