phishers: Government/banking taskforce targets online fraudsters
Joint Media Release
Minister for Communications, Information Technology and the Arts
The Hon Daryl Williams AM QC MP
Minister for Justice and Customs
Senator Hon Chris Ellison
The Australian Government is teaming up with Australia's finance
industry to crack down on cyber-criminals using bogus emails to
defraud online banking and finance customers.
staff from Australia's major banks will be seconded to the Australian
Tech Crime Centre (AHTCC) to help investigate
cases of "phishing," where online criminals use apparently legitimate
emails to trick people into divulging passwords, credit card numbers
and bank account details.
Support for the Joint Banking and Finance Sector Investigation
Team has also been provided by the Australian Bankers' Association
(ABA), Mastercard, Visa International and the Credit Union Services
Corporation Australia Limited (CUSCAL).
The increasing use of Internet banking by business and consumers
is providing a new potential avenue for high-tech fraud.
This joint initiative between the AHTCC and the banking and finance
sector is an important step in combating cyber-fraud and ensuring
that the growing number of Australians who use Internet banking
can continue to do so with confidence.
The Government and the banking and finance sector will also explore
ways to educate consumers about phishing.
The Office of the Information Economy in the Department of Communications,
Information Technology and the Arts has already prepared a background
document on phishing for consumers. Phishing - Don't Take the
Bait! contains practical advice on steps for consumers to
protect themselves from phishing.
In addition, a National Response Plan to fight cyber crime will
provide a mechanism for financial institutions to report phishing
incidents to the AHTCC and the Australian Computer Emergency Response
Team (AusCERT) for analysis and investigation.
This will enable police to swiftly contact the public, banks,
telecommunications companies and Internet service providers to
issue alerts on the potential threat.
Today's announcement builds on the Government's tough approach
to fighting email scammers by outlawing unsolicited email under
the Spam Act. The AHTCC is also working with the Australian Communications
Authority to attack the problem of spam - a common vehicle for
delivering phishing emails.
The AHTCC is hosted by the Australian Federal Police and was established
last year to coordinate a national approach to fighting serious,
complex and multi-jurisdictional high-tech crimes.
particularly directed at the business sector, is a threat to
community and the economy.
The Government is working on a multi-faceted approach to protect
consumers and businesses from a broad and increasingly sophisticated
range of illegal activity in this sector, including:
- Credit and debit card offences: New offences will
be introduced in the winter sittings of Parliament to cover credit
and debit card skimming, whereby legitimate credit and debit
card data is illicitly captured or copied, usually by electronic
means. This offence will also cover Internet banking fraud, including
phishing activity where that activity involves capturing personal
- National Card Skimming Database: The Australian Crime
Commission in partnership with financial institutions has established
a National Card Skimming Database to identify organised crime
groups committing card skimming crimes; and
- Infrastructure protection:
The Trusted Information Sharing Network (TISN) includes Government
and industry representation to improve critical infrastructure
with the ABA chairing TISN's Banking and Finance Infrastructure
Assurance Advisory Group.
Carina Tan-Van Baren (Mr Williams' office) (02) 6277 7480/(0439)
Simon Troeth (Senator Ellison's office) (02) 6277 7260/(0439) 300 335
Background Paper - Phishing
are increasingly using the Internet for shopping, banking and
with online access providing
an easy and efficient avenue to resources and services.
of the Internet for fraudulent purposes is also growing. This
the use of bogus emails to trick people into revealing
personal information to enable the commission of a crime, or "phishing."
a technique used to gain personal information for the purposes
theft by using fraudulent e-mail messages
that appear to come from legitimate businesses, commonly financial
Phishers send authentic-looking messages are designed to lure
recipients into divulging personal data such as account numbers,
passwords and credit card numbers. These emails often copy legitimate
logos and message formats and even include links to a website that
is a convincing replica of the company's home page.
Phishing emails often attempt to instil a feeling of urgency by
- Accounts will be closed down unless a log-on is completed;
- A recent security upgrade means that you have to log-in to
be protected; or
- That a large sum has been debited to your account and you need
to provide your account details to confirm that the charge is
Australians can avoid phishing scams by being alert and employing
sound practices for Internet use. These include:
- Taking time to think about what you are being asked to do -
is it a message that you would expect to receive, and are there
related announcements on the website of the business which purported
to send the message?;
- Double-checking with the business before responding;
- Not automatically clicking on the website link providing in
- Accessing websites by checking the correct address with your
financial institution and typing it directly into your Internet
- Checking authenticity of messages by telephone, using the contact
number that is in the phone book for your bank, not the number
listed in the email (often the numbers listed can be false or
lead to you incurring costs);
- Reporting phishing scams to the business and to the police
in your State or Territory as soon as possible; and
deleting phishing emails, which may include viruses as well
Australian High Tech Crime Centre: http://www.ahtcc.gov.au
Australian Bankers' Association (ABA): http://www.bankers.asn.au
National Crime Prevention Programme: http://www.crimeprevention.gov.au
© 2004, Commonwealth of Australia