- Sorry, I'm a bit nervous and embarrassed to talk about this. Honestly feel like such an idiot but if I can help one other person then, you know, it's worth it. I live in Melbourne and I'm studying a Master's in Marketing and Communications. I was just so surprised to get caught out by this scam, I'm still kicking myself. Anyway, I got an SMS from NAB. Well, it looked like it was from NAB, but turns out it was a phishing message, but I didn't know that at the time. It said I needed to provide my details as there was a security issue with my account. I remember it was in between class and we were all sitting outside in the sun and I wanted to get it sorted before we went back to class. We were going to the movies after, so I didn't want any hassle in getting tickets. I just clicked the link and followed the steps, put in my NAB ID and password, and then I needed to do some extra security checks by providing my driver's license, Medicare card, mobile number, and address. About half an hour later, I got another SMS with a security code and a call from an unknown number, which I didn't answer. And then got another message from NAB asking me to call them. I was still in class so I called as soon as I was out. They told me someone had logged into my account and tried to transfer 6K to another bank, and I could not believe it. The first SMS I got was the fake. The way they got my details and accessed my account was so fast. Thankfully, NAB blocked the transactions and reset my password. So the account was safe, but it's been a big job working out what to do with the driver's license and everything. I was able to speak to IDCARE and they've been a big help with that side of things. Honestly, I still can't believe it happened to me. It was something so simple and I consider myself to be relatively intelligent. I think if I can fall for this, then anyone can.

- Unfortunately, Eva's story is one we hear all too often. Every day in Australia, criminals are targeting Australians to steal credentials and money. So it pays to make sure you know how to spot the red flags. Phishing messages are created to look like genuine messages from legitimate organisations. You can see a NAB example here. These messages can appear to be from any genuine business or organisation and they could be an email, SMS, or even a phone call. They are looking to get credentials or personal information which they can then use to open bank accounts, services like PayPal, and even apply for credit cards, unsecured lending, or a mobile phone account. A few tips NAB recommends to help spot phishing messages. Firstly, does the message trigger a sense of urgency or offer a reward? Secondly, is the message asking for personal information or does it require you to click a link or download a file? Third, can you confirm where the message has come from? Does the email address match the sender's name? Fourth, is the message unusual or unexpected? Do you know how to spot the red flags? If you get a message that asks you to take action or provide details to go to that organisation directly, log into your mobile app, log in via your tablet or laptop or call them on a known or publicly listed number to confirm the request. To learn more and to help make yourself a hard target for the criminals, visit nab.com.au/security for more information.