Important information for PayID customers

We are aware that a number of customer PayIDs and the associated identifier (customer name) have been accessed through another financial institution. Be reassured that your CommBank personal banking details were not affected and remain secure.

The ability to see the associated identifier (e.g. customer name) is an intentional feature of PayID so you can make sure you’re paying the right person, however your name and the mobile number linked to your PayID may be used as part of scams and phishing attempts.

You may have received a fraudulent SMS.

This is known as SMiShing, an SMS that looks convincing and includes a link to a fraudulent website, e.g. posing as a bank that requests your personal information. 

The PayID scam SMS may have your name in it, like this example:

If you have clicked a link on a suspicious SMS, contact us or the other bank your PayID is registered with, urgently.

SMS scam example: Dear customer, your account may be suspended. Please complete verification

Is that really from CommBank?

The below emails and SMS messages, which have been reported, are not from the Commonwealth Bank and are not authorised by us. 

  • Remember, we will never ask you for your banking information by email or text message
  • Stop and think before you click
  • To be safe, always navigate directly to NetBank yourself and log on from the site you know to be genuine, rather than using any links in communications
  • Report suspicious emails to hoax@cba.com.au then delete them straight after. Do not reply or engage with them

Keeping your accounts safe is our priority. Find out more about how to recognise hoaxes and what to do if you see one

SMS scam examples

Scam example: "Your account may be suspended. Please complete verification: www.cba.icu"
Scam example: "IMPORTANT MESSAGE FROM COMMBANK - Your NetBank access has been locked. We've had to lock your NetBank to help protect your security. To unlock hyour account please visit your nearest Commonwealth branch with photo ID or go to... "
Scam example: "We have detected some unusual activity in your account. Please login via ... to secure your account"