We will never include a link to take you to our online banking login page – we will always ask you to login through our website.
We will never send an email (or phone you) and ask for your password (or PIN) or bank account details
Often the emails will contain numerous grammatical errors
If we email you about an important issue you’ll be able to find details on our website, and if you have any doubts you can call us to check things out.
How can you tell if a website is a hoax?
The Online Banking home page address (URL) is:
https://sec.westpac.co.nz/IOLB/Login.jsp.
If you are ever at a site with a login page that differs in anyway you are not at the Westpac Online banking login page (refer image 1 below).
Westpac uses extended validation certificates (EV). If you are running a reasonably new browser this will display the organisation information associated with the certificate. It should read Westpac New Zealand Limited (NZ) either to the left or right of the home page address (refer image 1 below).
Image 1 – Firefox browser showing the organisational information to the left of the Online Banking homepage URL.
What to do if you receive a phishing email
If you believe you have received a phishing scam email, follow the following steps:
do not click on the link contained in the email
do not reply to the email
report the phishing scam (see above)
delete the email
update and perform an anti-virus scan on your computer
update and perform an anti-spyware scan on your computer
The information on this page is presented subject to our legal page and any other terms and conditions that Westpac may impose from time to time. It is subject to change without notification.
