Tips for safe online banking

SafeWise experts have years of firsthand experience testing the products we recommend. Learn how we test and review

Online banking is an incredibly convenient feature that makes it easy to access funds on the go. But that convenience comes at the expense of security. Still, online banking doesn’t have to be scary if you follow these tips to keep the process safe.

General online banking safety tips

The Australian Competition & Consumer Commission (ACCC) outlines six basic steps to help protect yourself whenever you use online banking. Note that some of their advice can also be applied to safe online practices outside of banking.

1. Securing devices

Start by ensuring that the device you use for online banking has software that helps protect against online threats. This means keeping any firewall, antivirus, and anti-malware software updated. We also recommend ensuring that the operating system on your device is up to date. When you finish banking, the ACCC advises you log out and clear your browsing history.

Compare antivirus software

Best for
Initial annual price
Number of devices
Threat protection
Learn more
Best antivirus software overall1, 3, 5, or 1099.9%
Best cheap antivirus software1, 3, 5, 10, or 2099.6%
Best antivirus for families5 or 3099.6%
Best antivirus for enhanced security5100%
Best antivirus for first-timers1 or 1099.6%
Best runner-up597.4%
Best for infected devices1 or 599.9%
Best for device diversity2, 4, or 6100%
Best for fewest false positives1 to 10 98.4%

Prices are accurate as of post date. Read full disclaimer.

2. Password complexity

Use a strong password that’s unique and utilises a combination of letters and numbers; ideally, something that someone can’t guess. We’d advise using a password manager to generate and store secure passwords for online banking.

3. Password security

Don’t share your online banking password or PIN with anyone. Additionally, don’t keep paper records of these types of credentials. Password managers like LastPass and 1Password can store passwords as well as secure notes if you need to jot things down. Additionally, consider two-factor authentication for participating banks to further boost security.

4. Web address accuracy

Ensure the online banking web address you’re using is correct and not linked to a fake site. The easiest way to do this is by manually entering the web address every time (bookmark the site if you like). Keep an eye out for the padlock symbol in the website address bar (or ‘https’ in front of the address) for a secure website. Also, never click on an email link that claims to lead to online banking as this is a common tactic used by scammers looking to capture your online banking credentials.

5. Bank statement diligence

Regularly go over your banking statements to keep an eye out for suspicious activity. If a transaction is unfamiliar, contact your bank to discuss options. Note that sometimes fraudulent transactions may only be for small amounts (a form of probing for online scammers).

6. Money transfer safety

Don’t transfer money from your account to people you don’t know. Scam attempts may involve people contacting you out of the blue, potentially claiming to be from a legitimate company, and asking for funds. Always independently verify money requests from companies, friends, or family members in some way outside of contact out of the blue.

The importance of protecting your personal details

Outside of the six steps above, the ACCC also advises you never hand out personal details, including online account credentials or credit card details. This includes via email, online chatting, or over the phone, with the only exception being a phone call you instigated with a trusted source.

Remember that legitimate banks will never ask for your account details unexpectedly, so treat any email or call asking for such details as suspicious. Bank staff are very sympathetic to the reality of scams, so they won’t have any issue with you verifying details. Scammers, on the other hand, tend to try to steer you away from these topics or get upset when you seek verification.

If you receive an email with links asking to verify your online banking details, delete it without clicking on any links. Report the email to your bank. If you’re called out of the blue by someone claiming to be from your bank and asking for details, the ACCC advises asking for their name and number. Afterwards, independently source your bank’s number and call to confirm the details. Instead of asking a potential scammer for their name and number, we advise ending the call and contacting your bank directly.

Online banking scams
The ACCC uses Scamwatch to track scams and advise the best ways to them. Be particularly wary of phishing scams, card skimming, and credit card scammers. Phishing scams use emails or text messages claiming to be your bank and request you provide details via a link. Card skimming is where ATM card details are captured and used. Credit card scammers seek to have you provide your card details. Pause misplaced or lost credit cards and cancel them if they’re stolen, then contact your bank for next steps.

Online safety tips from popular banks in Australia

Some of the biggest banks in Australia offer advice on how to stay safe when using online banking. Westpac advises you don’t sign into online banking on a device with shared access and never to share security codes or passwords with anyone. If you’re asked to share these details, contact Westpac on 132 032.

ANZ advises its customers to always type in the address into the browser to ensure you’re heading to the correct online banking portal. Avoid online banking while using public WiFi, plus choose strong passwords and regularly update them. Remember to log out once you’ve finished banking.

Bankwest advises its customers to avoid public WiFi and protect social media accounts while using online banking. Also ensure devices are up to date, plus use strong and unpredictable passwords for accessing online banking.

NAB reinforces the idea of not sharing passwords, PINs, passcodes, or pattern locks with anyone else, and ensure these protective measures are hard to guess. Use the address to access NAB online banking, and don’t write down credentials for your account.

St George advises its customers use McAfee (with a six-month free trial) to safeguard devices that use online banking. To better protect yourself, St George recommends updating contact details, adding additional mobile banking security, and changing your password.

If your bank isn’t listed above, use a search engine to look for ‘online banking safety tips’ with the name of your bank for specific guidance.


For safe internet banking, use a strong password and change it regularly. Try to avoid using public computers or public WiFi, type in the online banking URL every time, and consider using a VPN while using online banking.
All banks that use HTTPS website addresses (keep an eye out for the padlock in the address bar) offer safe online banking. For additional security, seek out a bank that offers two-factor authentication.
You should never voluntarily provide your bank username and password (and your bank shouldn’t ask you for your password). Instead, always manually enter your online banking URL or use a corresponding legitimate online banking app.

Product prices and availability are accurate as of the date/time of publish and are subject to change. Any price and availability information displayed on the retailer’s website at the time of purchase will apply to the purchase of this product. SafeWise Australia utilises paid affiliate links.
Nathan Lawrence
Written by
Nathan Lawrence

Recent Articles