Examples of a hoax sent by SMS: (SMiShing)

account suspended smish hoax 2018
Call CommBank urgently sms hoax smish
Your account was funded sms hoax smish
update your profile smish
Verify your identity sms hoax smish
confirm your phone number smish hoax
Error processing credit card sms hoax smish

Examples of a hoax sent by email (Phishing)

hoax email confidential documents
hoax email new message
hoax email new message
hoax email bpay

How to spot a scam

Tips to avoid SMS scams:

  • Commonwealth Bank will never send an SMS that asks you to confirm, update or disclose personal or banking information, and most financial institutions follow the same practice. Never click on a link provided in such an SMS.
  • Instructions on how to send these messages to Commonwealth Bank for further investigation is listed below.
hoax email new message

Pronounced ‘fishing’, emails are used by fraudsters to trick people into entering their personal information, such as bank account details, on a website controlled or monitored by the attacker. The fraudster can then use this information for illegal purposes, such as transferring funds or purchasing goods. Phishing emails are often designed to imitate your most trusted service providers - a bank, cloud service provider or other financial institution, and may include links to a convincing replica home page.

Tips to avoid email scams:

  • We will never send messages via email that ask you to confirm, update or disclose personal or banking information, and most financial institutions follow the same practice.
  • Hard as they might try, these emails don’t always get the branding and design of your service provider quite right. If you’re in any way unsure about a message that purports to be from an organisation you transact with, compare it to previous correspondence from the same organisation.
  • If you’re still unsure, contact the organisation directly using a phone number from their website (not from the email) before you reply.
  • Never open an attachment that you’re unsure about as it may contain malicious software designed to infect your computer.
  • You can typically check that links in emails are legitimate by ‘hovering’ your mouse over the link to view the destination URL (web address), without risking having to click it. On your smartphone, you need to tap and hold on the link and wait for the URL to appear.

Tips to avoid these scams:

  • If an offer seems too good to be true, then it probably is.
  • For further information on how to detect phishing, try our Tips to stay safe when using email.
  • Be aware of other scams, such as spam e-mails, chain letters and persons purporting to be representatives of government departments, financial institutions or other businesses.
  • Do not give or send your name, bank account details, copies of your passport, birth certificate or any other personal details to anyone other than for legitimate purposes.
  • Be suspicious of any correspondence received from overseas where you have been advised to forward large sums of money or that you have won a prize.

If you receive a scam or hoax email/SMS: 

  • Commonwealth Bank works closely with law enforcement and other authorities to shut down fake/malicious websites as quickly as possible. You can help stop these scams by sending a sample of any hoax email or SMS you receive to the bank at hoax@cba.com.au. You will receive a confirmation that we have received your email.
  • If possible, please send the hoax email as an attachment, and avoid using the ‘forward’ feature in your email software. If your email program does not support attachments and you have to use the "forward" feature, please ensure you refuse any prompts to open attachments or download pictures and files.
  • Please send any hoax SMS as an attachment by taking a screenshot of the message and attaching it to your email.
  • After sending a sample of a scam email to hoax@cba.com.au, you should delete the email or SMS immediately from your inbox and from your deleted items folder.
  • You should never click on a suspicious link or provide any information requested by a phishing email or SMS.
  • If you have provided your confidential information after receiving a suspicious email or SMS, please call 13 2221 immediately.
  • If you have clicked on such a link or opened an attachment accidentally, run a security scan of your computer (to check your computer isn’t infected with malicious software). For more information, please view our Security Tools page.
  • You can find other useful checklists at ProtectYourFinancialID and StaySmartOnline.
  • The Bank supports the Australasian Consumer Fraud Taskforce in the promotion of ScamWatch, a website dedicated to the prevention of scams.
hoax email new message

Talk to us

Report fraud

Report fraud

If you notice any suspicious activity on your bank account, notify us immediately
on 13 2221.

Learn more
Report hoaxes

Report hoaxes

If you receive or suspect you have received a hoax email, contact hoax@cba.com.au

Learn more


Need an answer? Here are quick and easy ways to get the help you need.

Learn more

Important information

As the advice on this website has been prepared without considering your objectives, financial situation or needs, you should, before acting on the advice, consider its appropriateness to your circumstances. View our Financial Services Guide. Terms and Conditions for these products and services are available online or from any branch of the Commonwealth Bank. The Terms and Conditions should be considered before making any decision about these products.