An executive from National Australia Bank says the country’s four major banks are under constant attack, with threat actors launching a barrage of attacks every minute of every day.
According to Chris Sheehan, National Australia Bank’s executive for group investigations, “every bank is being attacked all the time.” The aim of these attacks is to steal sensitive information and money from unsuspecting customers.
The four major banks in Australia include ANZ Bank, Commonwealth Bank, National Australia Bank (NAB), and Westpac. These banks are officially recognized to be the largest within the country and are prohibited from mergers or acquisitions between each other as part of the “Four pillars policy.”
This relentless barrage of cyber assaults targets not only the banks’ systems but also their customers, leaving millions potentially vulnerable to sophisticated scams and financial theft. Threat actors may employ various forms of attacks, including the distribution of malicious code, security breaches, and denial of service campaigns, making it a daunting task for banks to stay ahead.
The cyber attacks on Australian banks are not isolated incidents but a stream of continuous attempts to breach security, deny services, and steal sensitive information. Sheehan describes the situation as “asymmetrical warfare,” with threats ranging from amateur hackers to highly organized transnational crime groups and even malicious nation-state actors. Sheehan stated:
From, being colloquial, Larry the loser, in the basement at home that’s having a bit of a chop away at the laptop and trying to steal money from people or hack into a system, all the way to highly sophisticated, ruthless and resilient transnational organised crime groups and they’re the ones that are driving 90 per cent of the scams that are hitting Australian victims.
Criminals perceive online attacks as lower risk compared to traditional bank robberies, with the potential for much higher rewards. The extent of the problem is staggering, with Australians losing an estimated $3 billion annually to cyber scams.
The official’s statements come shortly after customers observed the bank’s own website being down for several hours. NAB’s website temporarily informed visitors that its services were not working and directed them to use the NAB app or telephone banking instead.
While the bank’s services appear to have been restored, it is unknown if the downtime was the result of an attack or routine maintenance. Several customers expressed frustration over not being alerted of the downtime via email or text and concerns over pending transactions.
In response to this relentless assault, Australian banks have ramped up their defenses. The banks are working hard to stay ahead of the scammers, with NAB employing a dedicated call center and operations team to fight fraud and scams. The team consists of 350-400 people working around the clock and is available 24/7. Banks have also implemented new policies, such as eliminating hyperlinks in official communications with customers, to help distinguish legitimate messages from scams.
Despite these efforts, the battle against cyber crime remains an uphill struggle. Once a customer falls victim to a scam and initiates a payment, recovery of funds is often impossible. Chris Sheehan advises, “if it looks or sounds too good to be true, or if someone’s applying pressure to you that you’re going to miss out on something, or you’re going to suffer a penalty, if you don’t make that payment, they are massive red flags.”
The Australian Banking Association acknowledges the severity of the situation, describing it as a “scams war.” The banks are also implementing extra safeguards to prevent money from being lost to international criminal gangs. Amidst this persistent threat, it is crucial for customers of the major banks to remain vigilant against the tactics used by these scammers.
The organization stated that there is no need for affected patients or healthcare professionals to take any specific action as…
The NTA acknowledged that the restriction affects users who rely on Telegram for educational, professional, and personal communication.
Advait Patel discusses how SRE and security are converging in cloud systems, from IAM and DevSecOps to AI-driven observability and…
The attackers, tracked as "UNC6508," did not write new malware to steal emails. They created an administrator rule inside Google…
The campaign relies on a constantly changing phishing infrastructure.
The SearchLeak vulnerability let attackers steal data from Microsoft 365 Copilot Enterprise through a malicious link before CVE-2026-42824 was fixed.
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More