Ask Paul: Why do I have to pay to protect my credit score?

By

Dear Paul,

In December 2022, I received a phone call from Bankwest. They had received an application for a $20,000 loan in my name.

Apparently, they got my phone number from my bank, Commonwealth Bank, one of their business partners.

ask paul clitheroe why do i have to pay to protect my credit score

After this call I further investigated and discovered that more than $80,000 had been applied for in my name, at Vodafone, Latitude Finance and others. Thankfully, nothing had been funded.

I previously have had an Optus account in my name for my teen daughter's phone. Optus has denied that my details have been breached.

After the call from Bankwest, I put a block on the three credit reporting companies. Recently Equifax cancelled my block, advising I need to contact Optus (who previously denied breach). 

If I want to continue the block, I need to pay a monthly fee. Why do I have to pay to have my credit score protected from unauthorised enquiries?

Surely I should be able to have a block that I, and only I, can give access to if I apply for finance? - Kim

This is so frustrating, Kim, but I am glad that none of the loans was funded.

In this 'era of fraud', you followed rule number 1 by getting straight onto it.

In an institution's training process for its staff, the first rule they are taught is 'deny everything'.

I wrote in Money about an attempted fraud that Telstra single-handedly caused me, by giving a replacement password to a crook who had my email but no other information.

An investment company rang me about converting my shares to Bitcoin. The crook had accessed my emails, thanks to Telstra.

I called Telstra, which suggested I had given my password and details to a crook.

I let this conversation run for a while as the staff member sought to build an argument that it was my fault, until I pointed out the crook had used the Telstra chat line and the entire conversation was in writing, including Telstra handing out a replacement password, without any ID checking.

Knowing they were sprung, Telstra changed its tune very quickly and I was passed to a helpful and apologetic person on its fraud team, but your experience fits with most people's. First up, the institution, to minimise liability, tries to blame the consumer.

I appreciate your point, why can't we place a permanent ban? I'll keep pushing on this valid point, but right now about the only no-cost assistance you have is to apply for an extension.

All three credit reporting companies provide an extension if you follow this process:

  • A ban is initially valid for 21 days.
  • An extension may be provided with evidence supporting that you are, or are at risk of becoming, a victim of fraud.
  • In most cases this will require you to show that you have either a police report number or a cyber.gov.au report number.
  • You can apply for a ban extension with one agency and request it notify all other agencies.

A ban is sensible consumer protection in the 'era of fraud'.

Where we consumers do have power is as voters. Emailing our views on this to our local member can help.  Most of us think of doing this, but don't.

You'd be surprised how much weight a politician puts on even a few emails on the same issue.

We should all push for better rights against fraud that is no fault of our own.

Get stories like this in our newsletters.

Related Stories

Paul Clitheroe AM is founder and editorial adviser of Money magazine. He is one of Australia's leading financial voices, responsible for bringing financial insight to Australians through personal finance books, the Money TV show, and this publication, which he established in 1999. Paul is the chair of the Australian Government Financial Literacy Board and is chairman of InvestSMART Financial Services. He is the chair of Financial Literacy at Macquarie University where he is also a Professor with the School of Business and Economics. Ask Paul your money question. Unfortunately Paul cannot respond to questions posted in the comments section. View our disclaimer.