How can we help?
Popular searches
back to results
Related Questions
If you can't find your answer, contact us:
Message us

Reach out or reply anytime, anywhere with convenience. Your banking needs, answered in 24 hours by logging into the ING app or your online banking. To find Messages, look in the left hand menu to leave us a message.

Security

  1. Home
  2. Security

Security at ING

Welcome to your line of defence for all things security, scams and protection.

Let's keep you safe

Does something look off in your account activity? Call the ING dedicated scams line on 1800 052 743 available 24/7.

Please remember we will never ask for your PIN or password by phone or email and will never ask you to download any software and apps or access your device remotely.

Security alerts

Latest scams and security alerts

We want to keep you up to date with all the latest common security alerts. The faster you can recognise a scam, the better you can dodge it.
To access an easy read format of information on how to avoid scams click here.

Buying and Selling App Scams - February 2026

Scammers are setting up fake profiles on buying/selling apps, such as Depop, and use these platforms to gain your trust and steal your money.

We have recently seen cases of customers being lured off the official app platform to pay through external methods (like bank transfers) to fake buyers who then claim non-receipt, and also buyers receiving counterfeit goods or no goods at all. The National Anti-Scam Centre advises users to use secure payment methods, keep communications within the platform and to check the details of the person you are paying matches the account or PayID.

Some of the more common scam types are:

  • Counterfeit goods scam: where a seller lists fake designer items as authentic, tricking buyers into purchasing them
  • Goods not received: where an order is made from a site that looks legitimate, but the item never arrives and the seller vanishes
  • Fake payment links: scammers send links to pages that look like official sites, such as Depop or PayPal, but are designed to steal banking details

How to Protect Yourself

  • Never give out personal details including your phone number, email, or bank details
  • Be wary of ‘Overpayment’ scams where a buyer accidentally sends too much and ask you to refund the difference via a separate transaction
  • Conduct all communication within the official platform app or website
  • Using the ‘In-App’ payment channel will ensure you're covered by the site's protection measures
  • Report suspicious activity using the in-app reporting tool for strange messages or users
  • Check seller/buyer reviews to help identify red flags with user profiles Also remember that if a deal looks too good to be true, it probably is a scam!

Stay up to date with current scams targeting Australians via the ASIC Scamwatch website at www.scamwatch.gov.au

If you have any concerns relating to a suspected scams, call us on 1800 052 743.

Learn more about the latest scams

Stay up to date: www.scamwatch.gov.au | More tips oaic.gov.au | Been scammed? Call 1800 052 743

Common scams

Spot the most common scams

Scams come in all shapes and sizes. Learn about the most common here.

Phishing

Scammers send an email or SMS pretending to be from a trustworthy source such as your bank, charity, government, etc.

These scams may ask you to:

Enter personal information

Verify a payment

Say you're eligible for a refund

That your internet, account, or computer has been hacked

Direct you to a website and hack into your details

Never click on any links. Instead, call the company using a trusted number to confirm whether the communication was genuine.

Online shopping

Scammers pretend to be real online shops, either by using a fake website or a fake ad for a genuine retail site.

Fake online shopping sites will often request unusual payment methods such as upfront payment by money order, wire transfer, international funds transfer or giftcards.

Scammers also often pose as genuine sellers or buyers using reputable sites, such as Gumtree and Facebook Marketplace, to try sell you goods that you will never receive, or to deceive a genuine seller into forwarding funds for postage, or have a third-party collect the item before the payment falls through.

If goods are advertised at unusually low prices or you're engaged by a buyer offering you more than your original asking price, it could also be a warning sign!

Investment scams

Scammers claim to be stockbrokers, crypto brokers or portfolio managers offering financial or investment opportunities over an email or phone call.

This can also include bond or share investments that will use prospectus documents that appear to be legitimate or impersonate legitimate financial intuitions.

The scammers will ask you to hand over money for an investment opportunity that offers a high rate of return. There's also a need to act fast so you don't miss out.

If you come across an investment opportunity, always seek independent financial advice before investing in such opportunities.

Remote access

Scammers claim there's something wrong with your computer or internet so you give them access to your computer.

Scammers will cold-call and pose to be from your bank, your telco or even claim to be law enforcement officials. They will often say you're computer has become infected with malware, or if claiming to be law enforcement, need your help to catch a hacker.

They will try to convince you to install an application and give them access to your computer. Scammers will use this to access your personal information or demand a ‘fee' for fixing a fake problem.

Remember to keep your internet banking login details and any SMS codes secure and do not share them with anyone.

More

Relationship and dating scams

Relationship and dating scams are where scammers form a relationship with you, usually through social media, in order to get money or gifts. They develop the relationship over time and may ask you to transfer assets into their name or ask to become a beneficiary of your will. Often they'll ask for money to assist with a health, travel or family problem and, in many instances, they will find reasons to only communicate by email and avoid any live video chats. In many instances the person is not who they claim to be and these scams may be used to fund organised crime.

Invoice scams

Invoice scams are where scammers intercept a legitimate invoice or payment you were expecting and change the payee bank account details. Beware, as the sender's email account may have been hacked. Often the emails will indicate they have recently changed their bank details or are having issues with their current account. To avoid this scam, always call the person or company using a trusted number to make sure the details are correct before processing the payment.

Threat scams

Threat scams are where scammers pretend to be from an Australian or international governing body, such as the Australian Taxation Office (ATO) or Australian Federal Police (AFP), and demand you pay a fine to avoid jail. They might ask you to pay these fines in gift or prepaid cards. Do not engage with these callers and hang up. Search the company's website and find their number directly. Speak with a representative and check if they have called.

Overpayment scams

Overpayment scams are where scammers claim they have sent you too much money and ask you to ‘refund' the overpayment. In some instances, the scammer may produce falsified evidence of the funds transfer and have not sent you any funds.

Inheritance scams

Inheritance scams are where scammers trick you into handing over money or your personal details in order to receive an inheritance, prize, lottery winnings or competition that you have never entered. Be mindful of these scams because if it's too good to be true, it usually is.

How we protect you

How ING is protecting you

ING has loads of security features to help protect your personal info and bank accounts from scammers.

Extra website protection

Our website uses SSL (secure Sockets Layer) encryption. This ensures others can't read your personal info when surfing the internet. You can confirm this by checking for a padlock in the address bar.

Login security

Our virtual keypad feature prevents hackers from capturing your access code during your log in. You will be automatically logged out of online banking if you are inactive for over 8 minutes. After 3 failed logins, your access is suspended. Call us if this wasn't you.

Security codes

We have once-only security codes that are sent to your mobile device and expire after 5 minutes. This two-factor authentication method asks that you verify your access code and the security code sent to your mobile device.

Email alerts

Email alerts are sent to you registered email address. They're used to confirm certain transactions on your account and changes to your account profile. Take a moment to review each email alert you receive to see whether any suspicious transactions have been made.

Report security issues
Please help by reporting vulnerabilities to us, so that we can improve the safety and reliability of our systems together.
You can responsibly disclose suspected vulnerabilities to the ING Cyber Security Team by following the instructions available here.
What you can do

Some simple ways to protect yourself

Received a suspicious call or online link?

If the call doesn't sound right, hang up. Find the company's official website and call their official number. Speak with a representative and confirm whether the call was genuine.

Received a suspicious link in an SMS or email?

Never click on links and enter your login details. Always log in through a company's trusted website. Sometimes marketing and promotional emails we send contain links, but we won't ask you for your login or personal details.

Never share your personal details

Never share details over the phone, even if you're comfortable with the caller. Never share your PIN, mobile security codes or passwords online. If you are using a public computer, never save passwords and log out of any active sessions.

If you think you have experienced a scam that could impact your ING account or noticed unusual activity on your ING account, call us immediately on our dedicated scams line on 1800 052 743.

Report suspicious activity
Report all suspicious activity to the Australian Cyber Security Centre at https://www.cyber.gov.au/acsc/report or to Scamwatch at https://www.scamwatch.gov.au/.
Suspicious emails mentioning ING
Forward it to fraud.au@ing.com then delete it.
Our team can determine whether the email is a scam.
Card security

Card security

This is almost too simple, but make sure your card and PIN are protected from unauthorised use.

Choose a unique PIN that is difficult to guess

Never write down or tell anyone your PIN

Ensure the website is reputable and secure when you shop online

If you have misplaced your card, you can place a temporary hold on your card using the ING app by:

going to the 'Transaction Details' page

selecting the dropdown menu next to the 'Pay' button

choosing 'Temporarily Hold Card'

If your VISA card has been used without your permission or you suspect someone else knows your PIN, contact us immediately on 1800 052 743.

To report suspicious transactions on:

Orange Everyday accounts and arrange a replacement card:

Log into your account at ing.com.au

click on the suspicious transaction in the transactions list

select ‘Dispute transaction'.

Orange One accounts;

Please call us to discuss the dispute process and assist with unauthorised transactions.

Our Customer Care Specialists are available 24/7 for unauthorised transaction enquiries on 133 464 or +61 2 9028 4077 (if you are overseas). Please note, the Orange One team are available between 8am and 6pm AEST/AEDT Monday to Friday, and 9am and 5pm AEST/AEDT Saturday and Sunday.

Find out more