Yes, it's generally safe to share your BSB and account number for legitimate deposits (like getting paid), but only with trusted people/businesses for specific, secure purposes, as it allows others to potentially debit your account, so always monitor your statements and avoid sharing with unsolicited requests or over unsecured channels like unencrypted email, using alternatives like PayID or PayPal for unknown parties.
Those with malicious intent could:
To keep your information safe, we suggest only providing your BSB and account number to people you know and trust (such as family, friends or your employer etc.)
Bottom line: never share the full card number, CVV, expiration date, authentication codes (OTP/3DS), or account login credentials outside secured, verified channels. Treat billing address, ID numbers, and security-question answers as equally sensitive because they enable account takeover.
Receiving Payments – The main purpose of BSB and account numbers is to receive deposits. Employers, clients, or friends can send you money without any risk. Attempted Direct Debits – In some cases, scammers might try to use your details to set up unauthorized direct debits. While rare, it's a risk to be aware of.
If a criminal has both your routing number and account number they can potentially steal money from your account through fraudulent ACH transfers and payments.
The safest way to receive money from a stranger is to use secure tools that offer transaction protection and do not require sharing private banking details. Methods like payment links or accepting transfers through verified contact information are generally safer.
Your online banking login credentials, including your username, password, and any security questions or answers, should never be shared with anyone.
Best practices for sharing bank account information
No, someone cannot directly withdraw money from your account with just your account number. The account number alone doesn't provide enough access for someone to withdraw funds. Additional information, like security codes or personal details, is required to authorize withdrawals.
When you share your bank account number, even with reliable individuals and organisations, you expose yourself to potentially unauthorised transactions. Scammers are increasingly sophisticated and may smoothly use your account number to initiate transfers or withdrawals without your permission.
Generally, a hacker would need a combination of personal data. It includes date of birth, Identity Number, PIN, full name, address, the full card number on the front of the card, its expiry date, and CVV number at the back to make payments fraudulently with your credit or debit cards.
Be safe and always protect yourself. In the vast majority of cases, giving these details to your friend to pay you for the $50 she owes you for last night's dinner is harmless. But in the hands of the right person, in rare circumstances, a malicious actor with your BSB and account number could cause a lot of issues.
To check if your phone is hacked, look for signs like rapid battery drain, unexpected data spikes, new apps you didn't install, strange pop-ups, slow performance, or weird noises on calls, then use reputable antivirus software, check your account activity, and dial codes like *#21# to see if calls are being forwarded, taking steps like changing passwords and resetting to factory settings if needed.
Be wary of receiving unauthorised payments and double-check the stranger's identity and all the bank transfer details. Once a bank transfer is complete, it's very difficult to reverse. If possible, use a credit card or a financial platform such as PayPal that offers buyer and seller protection.
The safest ways to receive payment on Facebook Marketplace are cash for local pickups (meeting in a public place and verifying bills) or using PayPal Goods & Services (for buyer/seller protection) or Facebook Checkout (for shipped items), always confirming funds are cleared before handing over goods, and avoiding risky methods like Zelle, Venmo, checks, or PayID.
"Giving your BSB and account number to a third-party to receive or send funds is generally safe, but you should only give out banking details to organisations or people who you know have a genuine need to know this information," says Peter Marshall, Mozo's product data manager.
Banking Details You Should (Almost) Never Share
Your full credit or debit card numbers. Your complete account and routing numbers.
Yes, scammers can use your bank details to commit fraud, such as invoice scams, phishing attacks, and social engineering schemes.
Protecting your personal and bank information is very important. Remember these simple rules: Share only safe details: Bank name, branch address, routing number and codes for international transfers. Keep sensitive details private: Full account number, online login, PIN and security answers.
Scammers use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could get access to your email, bank, or other accounts.
Complying with the Red Flags Rules
These may include, for example, unusual account activity, fraud alerts on a consumer report, or attempted use of suspicious account application documents.
Credit and debit cards may offer some protections that can help you recover your money for purchases you don't receive. If you pay with a credit card, your bank will likely reimburse you if you don't receive the goods. If you pay with a debit card, your bank will try to recover your money from the scammer's bank.
Other Best Practices for Sharing Bank Details
Cash App generally does not reverse Cash App-to-Cash App payments. However, if a scam is reported and verified through a chargeback or support claim, users may receive a refund. Cash App encourages users to send money only to people they trust.