ANZ's Internet banking service has been infiltrated by a fake "personal details" form that seeks to leech private information from the bank's customers.
The fraudulent form appears onscreen masquerading as a "security authentication" from ANZ, which requires customers to enter personal details such as username, password and personal identification number before being allowed to access their accounts.
Bank customers have been urged not to respond to the bogus form should it appear during their Internet banking log-in.
"This is not a legitimate form. Customers who receive it should close all their Internet browser sessions immediately," read a security alert issued by the company.
ANZ has also warned against responding to emails from the bank that request personal details.
"No ANZ emails would ask customers for their personal information. We have identified this early and want to ensure that our customers are aware of the issue,'' the company said, indicating a computer virus could be to blame for the disturbance but denying ITS Web site had been hacked.
Despite the intrusion of the mysterious fake form, customer details contained on the bank's legitimate computers should be kept quite safe, according to Joe Postin, an expert in mainframe computing for banks.
"Anything going from the PC server network to their mainframe would have to be encrypted,'' he said. "I can't see it being an issue other than the fact that [ANZ could] have to lose service and their whole front end would be affected.''
ANZ reports only a handful of people fell for the trap before it was discovered, but urges any other affected customers to contact its internet banking help desk on 13 33 50.