Ministry of Economic Development Home| Contact MED|

Go to home page - Ministry of Consumer Affairs Home | Useful Links | Contact Us | Site Map | Access Keys | News | Media Centre Koru Graphic
[To this page's content]
About Us Consumer Information Business Information Policy, Law & Research Measurement Product Safety SCAMwatch Publications Education
 Location: SCAMwatch > Protect Yourself  > Banking Fraud and Phishing Page updated: 14-11-2008 Search   
Welcome to SCAMwatch
About SCAMwatch
SCAM Alerts
I've Been Scammed, What Should I Do?
Protect Yourself
Know the Scams
Protect Others
Report a Scam form
Anti-Scam - Useful links
Fraud Awareness Initiatives
Fraud Awareness Week 2009
2 - 9 March
Banking Fraud and Phishing

Scams target you: protect yourself. This Topic Includes:

Related Topics

Know the scammer's secrets
Know what to do
Know the law
Know the scams

including Credit Card Scams, Credit Card Skimming, Phoney Fraud Alerts

The Set-Up

You receive an email, asking you to update your account details.

The Hook

It looks genuine. You type in your PIN number and password.

The Sting

You have just given scammers access to your money and your financial identity. They will take both.
 


You receive an email from what appears to be a bank or financial institution, giving some reason why you need to confirm your account details into a return email or website. A false Internet Banking log on page could appear (which is a replica of an existing legitimate business and site) and account information may be captured if details are entered. These details are then used to steal your money.

This is phishing (also called carding or brand spoofing) - fishing down the phone line - trying to get your bank account numbers, passwords and credit card numbers.

These emails often ask for information such as credit card numbers, bank account information and passwords that will be used to commit fraud.

These hoax emails can look genuine, using the company's logo and format, and a link which leads to a website that seems genuine, but isn't.  Emails from genuine banks don't include links.

The name of the website will be similar to, but not the same as, the bank's real website. Instead of www.bank.co.nz, the email will link to a site called something like 'www.bank.co.nz.log107.biz' or 'www.scamcentral/bank.co.nz/login'.

Most phishing emails you receive will be from scammers that say they are banks and often you are not a customer at these banks, because these emails go out in huge waves to millions of email addresses. The scammers are hoping to hit real customers of that particular bank.

They probably do not use your proper name.

There are often mistakes in spelling and grammar.

Their reasons for the email:

  • upgrading security
  • system maintenance
  • to 'verify' your account
  • to protect you from fraud
  • to offer you a refund for a fee or bill.

A bank or financial institution will never ask for your password or PIN: whether by phone, email, mail or door-to-door. If someone claims to be from the bank and asks you for your password or PIN, it is a scam.

Back to top

Variations:

Credit Card Scams

Scammers ask for your credit card details, because all they need to start running up bills on your account is the name on the card, the number, the expiry date and possibly the security code on the back. To get these details they may use hidden spyware on your computer; they may use phishing emails or phone calls; or they may even try card skimming to copy the information on your credit card's magnetic strip.

Phoney Fraud Alert

You will be told, by phone or email, that your account has been cancelled because of criminal activity or they suspect your account details have been stolen. The bank needs your details so they can 'investigate'. They may sound authoritative, and they may even have your credit card number already. What they want is your password to unlock your account. Don't give it to them. This fraud works because banks and credit unions do sometimes contact people about suspicious activity: but they will never ask for your passwords.

Card Skimming

Scammers 'skim' your cards, copying the electronic information from their magnetic strip. Once they have your information they can 'clone' your card and access your accounts.

Back to top

Stay Safe

Keep your ATM and account details, PINs and passwords secret and safe.

Check your account statements and credit card bill to make sure no-one is accessing your accounts.

Don't share your PIN with anyone.

Use difficult passwords that cannot be guessed.

Don't give your account details to anyone you do not know or trust.

Don't give out details over the phone unless you made the call and you definitely trust that the number you called is genuine.

Don't open suspicious or unsolicited emails (known as spam). Delete them.

Don't respond to these emails in any way. Don't reply. Never click on any links in a spam email, or open any files attached to them, or call a number included in the email.

Never visit your bank's website by clicking on a link. It can activate all kinds of hidden programmes. Type in the website address yourself.

Check the website address carefully. It may be similar to your bank's, or paypal's, but not quite right.

Never enter your personal details into a website unless you are sure it is genuine.

Never send your personal details or accounts or passwords in an email. Email is a very insecure system.

If you receive a call, ask for a name and number so you can call them back. Check that number against a number you know to be genuine.

If, despite everything, you think the email may be genuine, call the institution, using a number you know to be genuine. Ask their advice. Do not use the number listed in the suspicious email, unless you know it is the right one. The scammers may have used it to add to the email's false sense of legitimacy.

Don't buy anything over the internet using your credit card details unless you know and trust the business. Ensure that if you make a payment to a trader via the internet that the payment page is secure, normally demonstrated by a padlock symbol somewhere on the page, and that the website address starts with 'https://'. The 's' stands for secure.

Don't use software on your computer that fills in forms for you.

Keep safe from credit card skimming. This is the type of fraud that copies the contents of your card's magnetic strip. Never let your card out of your sight at a store, say 'no' to requests to swipe your card through more than one machine, and if an ATM has a suspicious device attached to its card slot, don't use it (and report it immediately). If you think your card has been skimmed, or you notice unexpected items on your credit card statement, contact your bank immediately.

Order a credit report every year to make sure no-one is using your name to borrow money or run up debts.

Back to top

Help Keep Others Safe:

If you have received this kind of scam letter, email, phone call or experience, please share your story here. We will treat your email in the strictest confidence and remove your personal details before posting your story on our site.

Back to top



Home | Useful Links | Contact Us | Site Map | Search | Access Keys | News | Media Centre
Publications | About Us | Consumer Info | Business Info
SCAMwatch | Product Safety | Measurement | Policy, Law & Research | Education

The Ministry of Consumer Affairs is an operating branch of the Ministry of Economic Development. govt.nz - connecting you to New Zealand central & local government services Disclaimer Privacy and Copyright Statement

This site uses cookies to track and analyse usage.