Protect your business.
Discover ways your business and employees can stay protected from fraud and scams.
Internet safety tips for business.
- Keep operating systems and software up to date on all devices.
- Keep data safe by implementing backup procedures.
- Implement strong access and password controls.
- Implement processes for verifying payments.
- Regularly review procedures and controls to ensure they remain effective.
- Educate your staff on the latest scams.
- Have a response plan for cybersecurity incidents.
Common fraud and scams affecting businesses.
Business email compromise (BEC)
These involve a hacker gaining access to a business email account and all its information. From there, they can use the email account to carry out a range of fraud, scams and cyberattacks.
Impersonations
Scammers use social engineering to gain information from businesses that will allow them to commit fraud against the business and their clients. It’s important that staff stop and consider all requests before actioning them.
Phishing
This is the sending of fake emails and text messages with embedded links or attachments that take the user to malicious sites or prompt malware to be installed. Criminals use phishing to steal personal information and/or banking details and commit fraud.
Counterfeit currency
New Zealand bank notes have unique features that can help identify them as genuine currency. Counterfeit currency may be presented to or unknowingly accepted by a business. Ensure employees who handle cash are familiar with the features of genuine notes.
Merchant fraud
Businesses can be targeted by fraudsters wanting to use credit cards to get cash or buy high value items. There are a few simple ways you can ensure your merchant facilities are only used for genuine activity and to help protect your business from fraud.
- Our Merchant Operating Guide has common fraud scenarios and strategies to help protect our customers from fraud. See our Merchant Guide.
- Our Merchant Services Agreement (MSA) sets out the requirements for processing payments safely.
Cybersecurity for businesses
Criminals use an array of online or electronic means to access, acquire or modify restricted data. Most fraud and scams these days have a cyber component to them. See Cyber Response Playbook
Visit ownyouronline.govt.nz for more information on protecting your business from cybercrime.
Report a scam.
Talk to us
If you believe you've been targeted by a scam, or any kind of fraud, contact us immediately. From overseas call +64 9 912 8000.
Email us
If you’ve received a suspicious email forward it to our dedicated phishing inbox.
Report to other agencies
Once you have spoken to us, you should report scams to other agencies so that they can take steps to prevent other people being targeted by them and losing money.
- Report online fraud and scams to Netsafe
- Report cybersecurity issues to CERT NZ
- Report investment scams to The Financial Markets Authority
- If you've been impacted by a scam or fraud, IDCARE provide specialist aftercare support.
Things you should know.
Payments that you authorise yourself are generally not considered fraudulent. It’s likely that you will be liable for any losses incurred and it can be difficult to recover the money once the payment has been made. Take care when making payments and ensure you take steps to protect yourself from scams. If you believe you have been targeted by a scam, contact your bank immediately.