Finder makes money from featured partners, but editorial opinions are our own.

What to do if your bank account is hacked

If you notice any strange or unusual activity on your bank statement, freeze your card and notify your bank immediately.

What to do if your bank account has been hacked

  1. Freeze or block your card. Many mobile banking apps and Internet banking portals have a card-freezing feature which allows you to temporarily freeze or block your debit card from making transactions. If you can do this with your account, do this right away to prevent any further purchases by the hacker.
  2. Notify the bank. Call you bank and tell them you suspect your account has been hacked. If you haven't already done so, they'll be able to freeze your account to prevent further purchases.
  3. Block pending transactions. The bank may also be able to block any purchases that are still pending, so check your transaction history for pending purchases made by the hacker.
  4. Check your other accounts. It's a good idea to check your other accounts if you have any (e.g. joint bank accounts, credit cards) to make sure these haven't been hacked as well. For extra safety, update your account passwords and/or PINs.

How will you know if you’ve been hacked?

Strange purchases that appear on your bank statement may be the first clue that a hacker has got into your account. Make a habit of checking your transaction history regularly in your mobile banking app, or ready your bank statements.

Sometimes the people that steal your card will make seemingly insignificant purchases to test and see if your card works before going to larger transactions. So make sure you don't disregard any small transactions that you don't remember making - these could be by a hacker.

For larger purchases, your bank may notify you of suspicious activity and automatically cancel fraudulent charges.

If you notice any errors or suspicious activity or believe you have become a victim of identity theft, you should make a report with the Australian Cyber Security Centre... Your report will be directly referred to the appropriate state or territory law enforcement agency.

⚠️ Visit the Australian Cyber Security Centre website to report an issue now.

Finder survey: Which age groups experience the most card fraud in Australia?

ResponseGen ZGen YGen XBaby Boomers
No - I have never experienced card fraud53.93%58.97%59.21%58.24%
Yes - on my debit card22.47%13.86%10.86%8.24%
Yes - on my credit card20.22%21.2%26.32%31.53%
Yes - on both a debit card and a credit card3.37%5.98%3.62%1.99%
Source: Finder survey by Pure Profile of 1113 Australians, December 2023

Lost or stolen card numbers

Don’t wait for your bank to realise. It's your account, so you're in charge of managing it. Check it regularly in order to avoid a mishap.

The first step the bank will take is freezing your account so no-one can access it. If you go to your local bank branch, they will give you a temporary card, otherwise it will be sent to you in the mail.

Most banks will refund your lost money after you complete a form admitting that you didn't take part in the theft.

Are banks liable if I've been hacked?

If a hacker steals any funds from a bank, the bank is liable to pay the money back to the customer. However, it may be difficult to prove that you weren't party at fault (e.g.: if you've been careless with your account, you may not be eligible for a refund).

Since banks are constantly under attack, they need to improve every aspect of their security so they have the latest software designed to protect you and your money. Every attack doesn’t make the news, but generally the big ones do. Rest assured, banks are constantly improving their systems for detecting and dealing with these problems.

Ensure your account is not vulnerable

Most banking websites allow you to activate a feature called "remember your password" when you log in via the Internet. You can then skip several layers of security the next time you log in since the bank recognises your computer’s IPv4 address - a unique identifier for each Internet connection.

But malware is a tool that hackers use to imitate your IPv4 address so they can gain access to your bank account. Often you don't even know that they have control over your bank account. For this reason, it’s best to disable the “remember your computer” feature.

If you've been hacked, it's also a good idea to change all your online passwords and login details, and also your PIN for your mobile banking app and debit card.

Beware of social engineering

Email software is pretty good at getting rid of spam the majority of the time, however, you may see something that resembles an official bank email that asks you to go to the bank's website to confirm your information. In reality, this could be a scam and the hacker has designed a site that mimics your bank's website. If something like this happens to you, don't enter your details such as a password unless you're sure it's a secure website.

You can often verify a website's validity since the Internet monitors the security certificate of that said website, so your mind can be at ease.

Similarly, you should never respond to a text message claiming to be from your bank asking you to click on a link or provide your bank account details. If you're ever not sure, the best thing to do is cal you bank and check if the message is from them.

Have you been hacked while overseas?

If you believe you have fraudulent transactions on your debit card – whether the transactions came from overseas, or you're currently overseas – you will definitely need to block the card and lodge a dispute investigation. Before you go on holiday, it's always handy to have a list of phone numbers on hand in case of issues like this. Otherwise, a simple Google search should be able to find you the right number. If your bank finds the transaction to be fraudulent, it will most likely refund the money.

Before you go overseas make sure to let you bank know what country you'll be in and when, so they can keep an eye on any suspicious transactions that are made elsewhere.

Need a new bank account? Check out our bank account comparison to find the right bank account for you today.

More guides on Finder

Ask a Question

You are about to post a question on

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our 1. Terms Of Service and 6. Finder Group Privacy & Cookies Policy.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

6 Responses

    Default Gravatar
    BethOctober 31, 2022

    Hi Alison I was hacked in 2020 my bank AMP said they won’t give me my 9,999 00 back.
    What can I do?

      AlisonNovember 11, 2022Finder

      Hi Beth,

      Sorry to hear that you’re a victim of hacking. It would be best to contact your bank to know the reason why your claim is denied. It would also help to read their terms and conditions.


    Default Gravatar
    MikeOctober 19, 2021

    somehow someone gained access to my bank account has made 3 unauthorized and fraudulent Osko transactions, of course it is after banking hours, ive made contact, changed my details and had the account blocked. But now I am left to wait and stay up all night fearing the absolute worst……is there anything else i can do, have i lost all the money, can i get it back or is it gone.

      AlisonOctober 24, 2021Finder

      Hi Mike,

      We are very sorry to hear about the ordeal you’ve gone through. You’ve done the right thing by contacting your bank and blocking the account right away.

      Banks will generally be liable to recover your lost money if you can prove that the unauthorised transaction didn’t occur because of an error on your part. For example, if you haven’t kept your account PIN and passwords secure the bank might not be liable to recover your money. You’ll need to work with your bank directly on this.

      In the meantime, we recommend changing your passwords and PINs for any other accounts you have open, just in case.

      Thanks, and we hope you’re able to get your money back.

    Default Gravatar
    SowjanyaApril 6, 2017

    Is money get back in your account after hacking?

      HaroldApril 6, 2017Finder

      Hi Sowjanya,

      Thank you for your inquiry.

      Typically, if a hacker steals any funds from a bank, the bank is liable to pay the money back to the customer. The customer will never lose money. If you experienced a hacking issue please coordinate immediately with your bank provider to settle your concern.

      I hope this information has helped.


Go to site