How can we help?
Popular searches
back to results
Related Questions
If you can't find your answer, contact us:
Message us

Reach out or reply anytime, anywhere with convenience. Your banking needs, answered in 24 hours by logging into the ING app or your online banking. To find Messages, look in the left hand menu to leave us a message.

Security

  1. Home
  2. Security

Security at ING

Welcome to your line of defence for all things security, scams and protection.

Let's keep you safe

Does something look off in your account activity? Call the ING dedicated scams line on 1800 052 743 available 24/7.

Please remember we will never ask for your PIN or password by phone or email and will never ask you to download any software and apps or access your device remotely.

Security alerts

Latest scams and security alerts

We want to keep you up to date with all the latest common security alerts. The faster you can recognise a scam, the better you can dodge it.
To access an easy read format of information on how to avoid scams click here.

ING Phishing SMS Scams - May 2026

We're aware of fake SMS' currently circulating which claim to be from ING. These SMS' claim that the customer’s account has been locked, and that they need to restore access by following a link included in the message. These links have complicated structures such as:

  • https://payment-review.site/u/UEpKhAEn
  • https://payment-review.site/u/CVl3eC9A

These links take the customer to a fake ING website which prompts the customer to enter their login ID (CIF) and password. Once these details have been entered, the customer receives an error message while at the same time, the scammers have the customers login details and are able to access the customer’s account.

While ING has taken steps to have these malicious websites taken down, there will be additional websites created to replace those that have been removed.

Be mindful of the following to help reduce your risk of being scammed:

  • ING will never send you an SMS asking you to urgently complete an action through a link.
  • Never click on links to log in your Internet banking, always use the ING app or the secured log in page
  • Check for spelling mistakes in the SMS, or the information doesn't make sense
  • Always be wary of unsolicited messages from unknown numbers or numbers posing as a known company or business
  • Contact ING via a trusted number to verify if the message is genuine, do not use the number in the suspect SMS

Stay up to date with current scams targeting Australians via the ASIC Scamwatch website at: www.scamwatch.gov.au

If you have any concerns relating to a suspected scams, call us on 1800 052 743.

You can also report suspicious messages to fraud@ing.com.au

Learn more about the latest scams

Stay up to date: www.scamwatch.gov.au | More tips oaic.gov.au | Been scammed? Call 1800 052 743

Common scams

Spot the most common scams

Scams come in all shapes and sizes. Learn about the most common here.

Phishing

Scammers send an email or SMS pretending to be from a trustworthy source such as your bank, charity, government, etc.

These scams may ask you to:

Enter personal information

Verify a payment

Say you're eligible for a refund

That your internet, account, or computer has been hacked

Direct you to a website and hack into your details

Never click on any links. Instead, call the company using a trusted number to confirm whether the communication was genuine.

Online shopping

Scammers pretend to be real online shops, either by using a fake website or a fake ad for a genuine retail site.

Fake online shopping sites will often request unusual payment methods such as upfront payment by money order, wire transfer, international funds transfer or giftcards.

Scammers also often pose as genuine sellers or buyers using reputable sites, such as Gumtree and Facebook Marketplace, to try sell you goods that you will never receive, or to deceive a genuine seller into forwarding funds for postage, or have a third-party collect the item before the payment falls through.

If goods are advertised at unusually low prices or you're engaged by a buyer offering you more than your original asking price, it could also be a warning sign!

Investment scams

Scammers claim to be stockbrokers, crypto brokers or portfolio managers offering financial or investment opportunities over an email or phone call.

This can also include bond or share investments that will use prospectus documents that appear to be legitimate or impersonate legitimate financial intuitions.

The scammers will ask you to hand over money for an investment opportunity that offers a high rate of return. There's also a need to act fast so you don't miss out.

If you come across an investment opportunity, always seek independent financial advice before investing in such opportunities.

Remote access

Scammers claim there's something wrong with your computer or internet so you give them access to your computer.

Scammers will cold-call and pose to be from your bank, your telco or even claim to be law enforcement officials. They will often say you're computer has become infected with malware, or if claiming to be law enforcement, need your help to catch a hacker.

They will try to convince you to install an application and give them access to your computer. Scammers will use this to access your personal information or demand a ‘fee' for fixing a fake problem.

Remember to keep your internet banking login details and any SMS codes secure and do not share them with anyone.

More

Relationship and dating scams

Relationship and dating scams are where scammers form a relationship with you, usually through social media, in order to get money or gifts. They develop the relationship over time and may ask you to transfer assets into their name or ask to become a beneficiary of your will. Often they'll ask for money to assist with a health, travel or family problem and, in many instances, they will find reasons to only communicate by email and avoid any live video chats. In many instances the person is not who they claim to be and these scams may be used to fund organised crime.

Invoice scams

Invoice scams are where scammers intercept a legitimate invoice or payment you were expecting and change the payee bank account details. Beware, as the sender's email account may have been hacked. Often the emails will indicate they have recently changed their bank details or are having issues with their current account. To avoid this scam, always call the person or company using a trusted number to make sure the details are correct before processing the payment.

Threat scams

Threat scams are where scammers pretend to be from an Australian or international governing body, such as the Australian Taxation Office (ATO) or Australian Federal Police (AFP), and demand you pay a fine to avoid jail. They might ask you to pay these fines in gift or prepaid cards. Do not engage with these callers and hang up. Search the company's website and find their number directly. Speak with a representative and check if they have called.

Overpayment scams

Overpayment scams are where scammers claim they have sent you too much money and ask you to ‘refund' the overpayment. In some instances, the scammer may produce falsified evidence of the funds transfer and have not sent you any funds.

Inheritance scams

Inheritance scams are where scammers trick you into handing over money or your personal details in order to receive an inheritance, prize, lottery winnings or competition that you have never entered. Be mindful of these scams because if it's too good to be true, it usually is.

How we protect you

How ING is protecting you

ING has loads of security features to help protect your personal info and bank accounts from scammers.

Extra website protection

Our website uses SSL (secure Sockets Layer) encryption. This ensures others can't read your personal info when surfing the internet. You can confirm this by checking for a padlock in the address bar.

Login security

Our virtual keypad feature prevents hackers from capturing your access code during your log in. You will be automatically logged out of online banking if you are inactive for over 8 minutes. After 3 failed logins, your access is suspended. Call us if this wasn't you.

Security codes

We have once-only security codes that are sent to your mobile device and expire after 5 minutes. This two-factor authentication method asks that you verify your access code and the security code sent to your mobile device.

Email alerts

Email alerts are sent to you registered email address. They're used to confirm certain transactions on your account and changes to your account profile. Take a moment to review each email alert you receive to see whether any suspicious transactions have been made.

Report security issues
Please help by reporting vulnerabilities to us, so that we can improve the safety and reliability of our systems together.
You can responsibly disclose suspected vulnerabilities to the ING Cyber Security Team by following the instructions available here.
What you can do

Some simple ways to protect yourself

Received a suspicious call or online link?

If the call doesn't sound right, hang up. Find the company's official website and call their official number. Speak with a representative and confirm whether the call was genuine.

Received a suspicious link in an SMS or email?

Never click on links and enter your login details. Always log in through a company's trusted website. Sometimes marketing and promotional emails we send contain links, but we won't ask you for your login or personal details.

Never share your personal details

Never share details over the phone, even if you're comfortable with the caller. Never share your PIN, mobile security codes or passwords online. If you are using a public computer, never save passwords and log out of any active sessions.

If you think you have experienced a scam that could impact your ING account or noticed unusual activity on your ING account, call us immediately on our dedicated scams line on 1800 052 743.

Report suspicious activity
Report all suspicious activity to the Australian Cyber Security Centre at https://www.cyber.gov.au/acsc/report or to Scamwatch at https://www.scamwatch.gov.au/.
Suspicious emails mentioning ING
Forward it to fraud.au@ing.com then delete it.
Our team can determine whether the email is a scam.
Card security

Card security

This is almost too simple, but make sure your card and PIN are protected from unauthorised use.

Choose a unique PIN that is difficult to guess

Never write down or tell anyone your PIN

Ensure the website is reputable and secure when you shop online

If you have misplaced your card, you can place a temporary hold on your card using the ING app by:

going to the 'Transaction Details' page

selecting the dropdown menu next to the 'Pay' button

choosing 'Temporarily Hold Card'

If your VISA card has been used without your permission or you suspect someone else knows your PIN, contact us immediately on 1800 052 743.

To report suspicious transactions on:

Orange Everyday accounts and arrange a replacement card:

Log into your account at ing.com.au

click on the suspicious transaction in the transactions list

select ‘Dispute transaction'.

Orange One accounts;

Please call us to discuss the dispute process and assist with unauthorised transactions.

Our Customer Care Specialists are available 24/7 for unauthorised transaction enquiries on 133 464 or +61 2 7242 1974 (if you are overseas). Please note, the Orange One team are available between 8am and 6pm AEST/AEDT Monday to Friday, and 9am and 5pm AEST/AEDT Saturday and Sunday.

Find out more