Scam Alert

We're aware of scammers claiming to be from GMCU. We will never ask you to share your online banking password, SMS one-time password, or any other personal information, over the phone.

You may receive a text message from our fraud monitoring service, VIGIL - asking you confirm via SMS whether a transaction is legitimate, or to call 1300 705 750. Click here for more information about VIGIL.

 
The security of your money and privacy of your data is our top priority.

At GMCU, we take your privacy and protection seriously. That’s why we’ve implemented a comprehensive range of security measures to safeguard your personal information and online transactions. These include:

  • Data encryption
  • Firewalls
  • Automatic session timeouts
  • SMS one-time passwords

So when you bank online with us, you can feel confident knowing your information is secure.
 

Staying safe online

Here are some important tips on keeping your online banking and personal information safe:

  • Never share or store your password on your device or browser
  • Use a trusted password manager
  • Only access Internet Banking via the GMCU website
  • Only download the GMCU Mobile App from the official App stores
  • Avoid using public Wi-Fi for banking or shopping
  • Look for the secure padlock icon in your browser, which indicates a secure connection
  • Use strong, unique passwords that aren’t easy to guess
  • If you're unsure if you're speaking to a GMCU staff member, hang up and call us on 1800 MY GMCU (1800 694 628)
  • Don't click links or download apps or programs which seem unfamiliar or suspicious

If you believe you have accidently shared information with a scammer, change your online banking password immediately if possible, and contact us as soon as you can.

SMS One-Time Passwords (OTP’s) also provide an extra layer of protection through two-factor authentication (2FA). Even if someone knows your password, they can’t access your account without the unique code sent to you via SMS. Because OTPs are:

  • Time-sensitive (expire quickly)
  • Single-use
  • Sent only to the mobile phone number you’ve registered with us

They make it much harder for fraudsters to gain access to your account, helping to keep your money and personal information safe.

A One-Time Password (OTP) is a single use six-digit security code sent to your registered mobile phone by SMS. OTPs are commonly used as an extra layer of protection to enhance security when banking online.

You no longer need to register for OTPs - they’ll be automatically sent to the mobile number you have on file with us.

Don’t disclose this code to anyone, even GMCU staff (Tip: scammers will often impersonate bank staff to get access to your accounts).

What does the SMS One-Time Password look like?

Keeping your accounts safe

At GMCU we have systems and processes to help keep your accounts safe. Here's some of the ways we keep your money safe.

Stay safe from scams

Scam and fraud cases are a growing community concern, costing millions annually. Here's what you can do to stay safe.

Lost or stolen card?

A lost or stolen card can also be locked, cancelled and replaced at any time within our Mobile Banking App, or you can contact us.

Get help or report a scam

Worried you've been caught up in a scam? Our team are here to assist.

Frequently Asked Questions

Yes, online banking is secure when accessed through trusted platforms. We use advanced security technologies such as encryption, firewalls, and secure login processes to protect your data and transactions.

Always ensure you're accessing your account through our official website or app.

Mobile banking is protected by multiple layers of security, including:

  • Biometric authentication (fingerprint or facial recognition)
  • One-time passwords (OTP)
  • Automatic timeouts
  • Encrypted data transmission

These measures help ensure your information stays safe, even if your device is lost or stolen.

OTPs provide an extra layer of protection through two-factor authentication (2FA) within Internet Banking. Even if someone knows your password, they can’t access your account without the unique code sent to your mobile phone. Because OTPs are:

  • Time-sensitive (expire quickly)
  • Single-use
  • Sent only to your registered device

They make it much harder for fraudsters to gain access to your account, helping to keep your money and personal information safe.

If you haven’t set up OTP yet, follow these steps:

  • Log into Internet Banking
  • Click on Settings
  • Select Setup Security Options from the dropdown
  • Follow the prompts to register your mobile number

If you need assistance, please contact your local GMCU branch.

If you suspect your password has been compromised:

  • Change it immediately via your online banking or app.
  • Contact us straight away so we can monitor your account for suspicious activity.
  • Avoid using the same password across multiple services and consider using a password manager for added security.

Never share your personal or banking details unless you're absolutely sure of the source. If you receive a suspicious call, email, or SMS:

  • Do not click on any links or download attachments.
  • Do not provide any personal information.
  • Report it to us immediately so we can investigate and help protect your account.

If you're ever unsure if you're speaking to a GMCU staff member, hang up and call us on 1800 MY GMCU (1800 694 628).

We may ask you to confirm your details to:

  • Verify your identity.
  • Ensure your account security.
  • Comply with regulatory requirements.

This is safe only when done through secure channels—such as our official app, website, or when you contact us directly. If you're ever unsure, reach out to us before providing any information.

If your card is lost or stolen:

  • Immediately lock or cancel your card via our app or online banking.
  • Contact us to report the loss and request a replacement.
  • Monitor your account for any unauthorised transactions and let us know if you spot anything unusual.

Learn more about reporting a lost or stolen card here.

If you notice a transaction you didn’t make:

  • Contact us as soon as possible.
  • We’ll investigate the transaction and, if it’s found to be unauthorised and you’ve met your obligations, you won’t be held liable.
  • You may be asked to complete a dispute form to help us resolve the issue quickly.

When you finish banking through the GMCU Mobile App always logout by tapping on the logout icon in the top right-hand corner of the screen. None of the information accessed through Mobile Banking will be saved on your mobile phone. Do not save your Internet Banking password anywhere on your mobile in case of loss or theft on your mobile phone.

If your phone is lost or stolen:

  • Contact us immediately so we can help secure your account.
  • If you use our app, your banking information is protected by multiple layers of security, including biometric login and automatic logout.
  • We recommend remotely wiping your device and changing your banking passwords.

If you suspect any issues with your account, card, or online banking credentials, contact GMCU immediately. We’re here to help. You can also visit our website for more tips on staying safe online.

We recommend updating your password every 3–6 months. Choose a strong, unique password that includes a mix of letters, numbers, and symbols. Avoid using easily guessed information like birthdays or names.

We're here to help

Banking, loans, insurance and more - get in touch with us.