Rising bank impersonation scams are forcing mortgage brokers to put scam education front and centre in client conversation
New information from the Australian Federal Police (AFP) and Commonwealth Bank (CBA) shows criminals are posing as banks, cryptocurrency providers, and other trusted organisations, often using stolen personal details to sound legitimate and bypass security checks.
AFP Detective Superintendent Marie Andersson said offenders are becoming more organised and convincing, noting that “Scammers approach victims armed and ready using secure information such as their name, date of birth, account details, and bank balances, acquired through previous cyber-attacks or data breaches.” This allows them to build a sense of trust before escalating pressure.
The Joint Policing Cybercrime Coordination Centre (JPC3) reports scammers are now copying bank hold music and coordinating multiple calls to create “proof” that appears credible.
Once contact is made, victims may be pushed to share one‑time passcodes, approve transactions in their banking app, download remote‑access software, or move money to so‑called “safe accounts” – all of which can drain savings or redraw limits linked to home loans and lines of credit.
Authorities say many scams follow a similar pattern: a cold call, text or email claiming there are unauthorised transactions, locked or compromised accounts, or new payees added without permission. From there, the scammer insists immediate action is needed to “protect” the account.
Andersson stresses that pressure itself is a major warning sign.
“Cold contact from a banking provider via call, text or email, combined with an extreme pressure to act quickly and hand over personal information, should be treated as a potential scam,” she said.
For mortgage and finance brokers, that is a crucial message to reinforce with first‑home buyers and property investors who may be anxious about protecting deposits or offset balances.
According to ACCC, reported combined losses to phishing scams – including bank impersonation – reached $97.6 million in 2025, up from $84.5 million a year earlier. And that is just one slice of the problem.
CBA executive general manager of group fraud and scams James Roberts said scammers are becoming more convincing, but that there are still a few simple steps people can follow to help keep themselves safe.
“Banks won’t rush you – and we will never ask you to share passwords, PINs or one-time codes, or move money to a ‘safe account’,” Roberts said in a media release.
CBA has also stepped up its technology response, becoming the first bank to plug into a new “anti‑scam intelligence loop” that lets banks, telcos, internet providers, and social platforms share scam data more quickly and take faster action. The bank is pairing that with multi‑factor authentication in NetBank, near real‑time scam intelligence, AI‑driven scam checking tools and scam‑indicator technology developed with partners.
For brokers, the message is clear: encourage clients to pause, verify any unexpected contact using official channels, and never share codes or move funds on the say‑so of an unsolicited caller – no matter how convincing they sound.
Get the hottest and freshest property and mortgage news delivered right into your inbox. Subscribe now to our FREE daily newsletter.
