Help us improve our website by completing a quick survey. Start survey now

You’ll need to update your browser so you can continue to log on to your online banking from 28th February. Update now.


Email is a great way to stay in touch with friends, send and receive documents, register for online services and subscribe to news and other alerts.

Observing a few simple practices will help ensure that you can stay safe while getting all of the benefits that email has to offer.

How to detect phishing

Phishing is bogus emails created by fraudsters. The aim of these emails is to trick you into clicking on links to fake websites, opening malicious attachments or revealing personal information.

Signs of a phishing email include:

  • They may not address you by your name.
  • Misspelling and inconsistent graphics/ images are common.
  • They may ask for sensitive information.
  • Creating a sense of urgency – scammers may try to test your better judgment by stating that something needs your immediate attention.
  • Sender address – does it look unfamiliar or peculiar?
  • They may contain unfamiliar or unexpected attachments – don’t open them as they may contain malicious software.

A typical example of a phishing email:


If you’re unsure about an email, contact the company using a phone number from their website (not from the email) before you reply.

Check that links in emails are legitimate by ‘hovering’ your mouse over the link to view the URL without clicking.

Never open an attachment that you’re unsure about as it may contain malicious software designed to infect your computer.


Other examples of phishing emails can be found on ScamWatch

Reporting a hoax or scam

The Commonwealth Bank may at times email customers with important updates, but we’ll never send emails asking customers to confirm, update or disclose personal or banking information. Most financial institutions follow the same practice.

If you receive an email that looks like it’s from Commonwealth Bank that you believe may be a hoax, please forward it as an attachment to

It’s important you never click on links or attachments in an email you think is a hoax. If you did click on a link and you are worried, use your security antivirus/anti-malware software to run a scan of your computer or device.

Learn more about examples of hoaxes and scams.

Managing your email accounts

Using the same email address for everything from banking to signing up to a gossip newsletter is a risk. It may make it difficult to manage your inbox and quickly identify emails that are legitimate. You are also at increased risk of your email being compromised when you use the same email to sign up for lots of services.

Consider having different email addresses for different purposes; one email address for your bank to use, another for family and friends and perhaps a different address for online newsletters.

  • Be alert to scams and phishing emails
  • Don’t reply to requests for personal or financial information
  • Consider using multiple email accounts for different purposes
  • If you didn’t expect it, suspect it

Talk to us

Report fraud

Report fraud

If you notice any suspicious activity on your bank account, notify us immediately
on 13 2221.

Learn more
Report hoaxes

Report hoaxes

If you receive or suspect you have received a hoax email, contact

Learn more


Need an answer? Here are quick and easy ways to get the help you need.

Learn more