Sign on to Virgin Credit Cards


•print •close

Protecting yourself

Customer Alert:

Beware of suspicious telephone calls. We won't contact you by phone with the offer of a preapproved credit card. If you receive a phone call from someone offering you a preapproved credit card - on the basis you supply them with personal information such as drivers licence, address details, income details - report it to the police or contact us on 13 37 39.

Protect your identity by keeping your personal data in the right hands. For more information view the Australian Bankers Association fact sheet on protecting your identity

Tips to "Spot" and "Avoid" Scams

Internet Banking Security Tips

Before Logging On to Virgin Money Online

It's important you protect your computer and information with some easy-to-use tools such as firewall programs, email filters, anti-virus software and spyware filters

Review your account statements as soon as you receive them and notify us immediately of any unauthorised transactions

Always type my.virginmoney.com.au into your browser when signing on to Virgin Money Online.

While Logged On to Virgin Money Online

We will never send you emails containing links. It's important not to click on any links to Virgin Money Online from an email

Keep your ATM PIN secure and never disclose it to anyone

Do not select an easily identifiable ATM PIN like 1111, 1234 or dates of birth

Before submitting information through a website, look for the "padlock" icon on your browser's status bar or that the website address starts with "https://" and not just "http://"- when such security details are present, your information is in a secured session

Contact us immediately on 13 37 39 (+61 2 8288 2222) if calling from overseas) if you notice a discrepancy in the date and time of your last sign in. This information is found at the top of the "My Home" page after you login to Virgin Money Online

Misspelled words either in the email message or within the website may signal a potential scam

Always exit Virgin Money Online by clicking on the "sign-off" option, do not just close your browser

If you suspect your account has been compromised in any way, call us immediately on 13 37 39 (+61 2 8288 2222 if calling from overseas).

We will never send emails to you to verify personal and/or account information.
It is important you disregard and report emails which:
	Request any customer information - including your ATM PIN or account details. Therefore, you should not reply to emails that request such information
	Ask you to contact a phone number to verify your card or account details. Always call us on 13 37 39 (+61 2 8288 2222 if calling from overseas)

Protect your personal computer

Protect your personal and account data

How we are protecting you

We are committed to providing a secure online transaction environment for our customers. We use the latest technology and systems to deliver a range of security initiatives as part of an ongoing program to enhance the security of our online website.
	All communication sent from your computer to our secure systems is encrypted to ensure the confidentiality of all data sent and received
	Our dynamic on-screen keyboard, found on the sign on page of Virgin Money Online, is a means of protecting your password when you enter it. This sign on method consists of an on-screen keyboard from which your password is entered with your computer's mouse, rather than a keyboard which can be more easily targeted by key logging software
	A digital certificate (found by clicking on the Padlock Icon in the Status Bar at the foot of the page ) is used to verify the identity and authenticity of our websites
	Immediately upon signing in to Virgin Money Online, the "My Home" page details the date and time of your last sign in. Contact us immediately on 13 37 39 (+61 2 8288 2222 if calling from overseas) if you notice a discrepancy in the date and time of your last sign in
	The Virgin Money Online website is constantly monitored by dedicated personnel 24 hours a day who review the website to identify opportunities to enhance the site's security and to maintain all the internet banking services available for our customers
	You can contact us 24/7 for assistance with any queries.

If you believe your account has been compromised in any way, call us immediately on 13 37 39 (+61 2 8288 2222 if calling from overseas)

For more information the following websites are also available:

Australian High Tech Crime Centre
Australian Competition and Consumer Commission - Scamwatch Australian Securities & Investment Commission

What could happen

Email fraud - spoof (also known as phishing or hoax)

A spoof website is one that mimics a popular company's website to lure you into disclosing confidential information. To make spoof sites seem legitimate, thieves use the names, logos, graphics and even code of the real company's site.

Although they can be difficult to spot, these sites generally ask you to click a link to a spoof website and request you provide, update or confirm sensitive personal information. As bait, they may allude to an urgent or threatening condition concerning your account.

Signs of a spoof email

There may be a sense of urgency. Example: Your account will be closed or temporarily suspended or you will be charged a fee if you do not respond

Advise customers to contact a phone number to verify your card or account details

There are embedded links that look legitimate because they contain all or part of a genuine company's name. These links may take you to spoof sites that ask you to enter, confirm or update sensitive personal information

There may be obvious spelling errors. These errors enable spoof emails to avoid the spam filters that internet service providers use.

If you've received one of these emails, please call us on 13 37 39 and forward it to expert@virginmoney.com.au. As email spoofs continuously evolve, providing us with examples will help our ongoing investigations. Email spoofs can continually evolve, and even slight variations, like differences in the embedded links, will aide our investigations.

We will never send emails to you to verify confidential, personal or account information.

If you believe your account has been compromised in any way, call us immediately on 13 37 39 (+61 2 8288 2222 if calling from overseas)

For more information the following websites are also available:

Australian High Tech Crime Centre
Australian Competition and Consumer Commission - Scamwatch Australian Securities & Investment Commission

Your Questions

What should I do if I suspect that I've received a phishing email?

How can I ensure that I'm communicating with a financial institution during secure session?

What should I do if I've already provided my credit or debit card information to a possible phishing email?

How is my information transmitted safely over the Internet?

How can I tell if my browser session is secure?

What do I do if I've downloaded a virus or Trojan program?

What is a Digital Certificate and how does it help to ensure security?

Can other people view my personal information when I am using the Internet?

Are email transmissions secure?

What should I do if I suspect that I've received a phishing email?
If you receive a suspicious email that appears to have been sent by us, call us immediately on 13 37 39 (+61 2 8288 2222 if calling from overseas). Forward all suspicious emails as an attachment to expert@virginmoney.com.au for further investigation and action.

How can I ensure that I'm communicating with a financial institution during secure session?
You can verify that you are communicating with a genuine financial institution by examining the website certificate during a secure session. This will verify the identity of the specific website you are accessing as well as validate that the site is secure and genuine. It also ensures that no other website can assume the identity of the original secure site. Please refer to your internet browser's documentation for instructions on how to view a certificate. Always ensure that you are using a secure website when submitting credit card or other sensitive information. To make sure you are on a secure web server, check the beginning of the website address in your browser's address bar - it should read https://, rather than just http://.

What should I do if I've already provided my credit or debit card information to a possible phishing email?
Report the theft of information to us by call us as quickly as possible on 13 37 39 (+61 2 8288 2222 if calling from overseas).

How is my information transmitted safely over the Internet?
Web browsers use standard security protocols like Secure Socket Layer (SSL), and Secure Hyper Text Transfer Protocol (S-HTTP) to enable private information to be transmitted safely over the Internet. When you visit a website with the SSL protocol, a secure connection is created between your computer and the website server you are visiting. Once this connection is established, you can transmit any amount of information to the web server safely. In contrast, the S-HTTP is designed to transmit individual messages securely.

How can I tell if my browser session is secure?
For most web browsers such as Microsoft Internet Explorer and Netscape Navigator, a secure, encrypted session will be indicated by a closed padlock or an unbroken key icon that appears in the lower left or right hand corner of the browser window. You should also check the address bar of your browser. If the website address starts with "https://" rather than the standard "http://" then the session is secure.

What do I do if I've downloaded a virus or Trojan program?
Some phishing attacks use viruses and/or Trojans to install programs called "key loggers" onto your computer. These programs capture and send out any information that you type to the phisher, including account numbers, usernames and passwords. In this case, you should:

       Install and/or update anti-virus and personal firewall software
       Update all virus definitions and perform a full scan
       Confirm every connection your firewall allows.

What is a Digital Certificate and how does it help to ensure security?
Digital certificates are issued by extensively audited and controlled certification authorities to authenticate a website or elements of websites. The certificate identifies the originator of the site and verifies that it has not been tampered with. When your web browser is presented with a certificate, it will check to see if a legitimate certification authority issued the certificate. If there is a match, your session will continue. Otherwise, your browser will issue a warning, and your safest action is to cancel your activity.

Can other people view my personal information when I am using the Internet?
If a secure session is established and the information is encrypted during transmission, then others will not be able to view your information. However, you should be aware that some web browsers will store information on your computer even after you are finished conducting your online activities; this is called caching. Therefore, you should close your browser once you are finished using the Internet, particularly if you visit secure sites to conduct financial transactions, check account balances or view any other information that you regard as private and confidential.

Are email transmissions secure?
Email sent over the Internet is generally not secure unless it is encrypted. In reality, most email programs currently do not have this capability. As most email transmissions are not secure, you should never send any personal or financial information, such as your credit card number, over email. ..

Australian High Tech Crime Centre
Australian Competition and Consumer Commission - Scamwatch Australian Securities & Investment Commission