Payments that you authorise yourself are generally not considered fraudulent. It’s likely that you'll be liable for any losses incurred and it can be difficult to recover the money once the payment has been made. Take care when making payments and ensure you take steps to protect yourself from scams.  If you believe you've been targeted by a scam, contact us immediately.

Remote access scams.

Remote access scams are used to gain access to someone’s computer or device, to collect personal information and access their bank accounts.

The victim usually receives a call from someone claiming to be from a well-known business such as an internet company, bank or government agency, and asks them to download software to allow the caller access to their computer or device from another location.

The caller will have a believable story for this request. For example, they may advise that there is something wrong with the computer, that the network connectivity is slow or claim that the victim’s bank account has been hacked.

The caller may request their credit card details to pay for this service and/or gain access to their bank accounts and make fraudulent payments.

The caller often sounds professional, however they'll apply increasing pressure on the victim to comply with their requests.  ​​​​

These types of scams are increasing as criminals try and find ways to get past banks' sophisticated fraud detection systems.

Dating and romance scams.

These involve a scammer claiming to be looking for love and/or a relationship. Scammers will steal images off social media and dating apps to build a believable and likeable character.

They take advantage of people looking for a romantic partner, friendship or relationship, by building up their trust and requesting access to their personal information or money. 

The victim will usually be asked to send funds to the scammer, with the payment frequency and amounts increasing over time. The scammer will always have a good reason for needing the funds, such as to help a sick family member, pay an outstanding bill or assist with immigration or visa issues.

These types of scams can also escalate to the victim knowingly or unknowingly conducting illegal activities such as moving drugs or money across borders or laundering money.

Victims in these types of scams will often have a huge emotional investment in the person they believe they're communicating with, and it can be very distressing for them to learn that the relationship isn't real.

Business email compromises and invoice fraud.

Business email compromises (BEC) involve a hacker getting access to a business email account and all its information. From there, they can use the information and the email account to carry out a range of fraud, scams and cyberattacks. Email account compromises occur frequently in New Zealand and can result in high financial losses for affected businesses and their clients, as well as reputational damage.

One common type of fraud connected to BEC is invoice fraud, where the hacker alters the bank account number on a genuine invoice, emails the false documents to the business’ customers, and requests payments be made to the fraudulent account. This can be highly successful because the customer was expecting the invoice as they had a relationship with that business (which the hacker knew from monitoring the email account).

Investment scams.

Scammers will often try and convince someone to pay large amounts to "invest" with the promise of high returns. They'll often pitch these fake investment opportunities as being low risk as well.  The types of investments offered vary and could include shares, real estate, bonds, mortgages, options, foreign currency trading, cryptocurrency, betting syndicates, prediction software or investment apps.

Scammers will often claim to be financial advisors or investment experts, or claim to have made large profits investing in the scheme themselves. They may even create legitimate looking fake websites and prospectus documents or use celebrities' names and pictures to endorse their schemes.

Mobile porting and SIM swapping.

These processes are used legitimately to switch phone providers or activate a new SIM but keep an existing phone number. The same process is used by criminals to hijack the victim’s phone number, so they can receive verification codes for payments, or password resets for online banking.

The criminals normally start by harvesting personal information and contact details using a range of methods including social engineering, phishing and hacking emails or devices.

Mobile Porting:  Once they've obtained the information, the criminal will then contact a different phone company to set up an account and have the mobile number ported over to that provider. 

SIM Swapping:  Once they've obtained the information, they will then contact the existing phone company and request that a new SIM is activated with the existing mobile number, swapping the SIM which, deactivates the old SIM.

The criminal can then receive all verification codes for payments, or password resets for online banking and access the customer's bank accounts. ​​​​​​​​​​​​​​

Identity theft.

This involves stealing someone's personal and/or financial information and assuming their identity for financial gain or other dishonest purposes, such as:​​​​​​​

  • Applying for credit.
  • Conducting fraudulent transactions.
  • Laundering money​​​​​​​.


This consists of fake emails and text messages, pretending to be from banks, well known businesses and government agencies. Embedded links or attachments go to malicious sites or prompt malware to be installed, which will be used to steal the recipient’s personal information and/or banking details.

Buying and selling scams.

Scammers can pose as both buyers and sellers, to try and scam you out of money or items you might be looking to sell or buy online.

Buyers may be tricked into paying for a product or service that doesn't exist or is never delivered.

Sellers may be tricked into believing the buyer has paid in full, however you later find the money was not paid into your account.

Employment or job scams.

Scammers sometimes use employment or recruitment scams to move illicit funds and steal personal information to commit further fraud. They'll usually advertise a job online, sometimes through legitimate recruitment sites. They may also advertise on social media or contact people by messaging apps or email.

The job usually involves the victim using their personal accounts to send and receive money. While this may seem like an easy way to earn money, the scammers are using this person to launder their illicit funds. This can have serious consequences for anyone involved.

This type of scam can also be used to gain access to a lot of the victim's personal information such as identity details, employment history, tax information and bank account details and commit further fraud against them.

Unexpected money scams.

Scammers contact people and tell them they're eligible for a large sum of money like an inheritance or a lottery win however, you need to make an upfront payment before it's released. They may say there's outstanding tax or legal fees to be paid.

You may also be asked to supply personal information or identification documents.

Threat and penalty scams.

These may also be referred to as extortion and happen when scammers contact people and claim to be from the police, another government agency, or a business, and threaten to take severe action or fine them unless they make payments or give out personal information.

Special deal scams.

Scammers are known to advertise special deals and giveaways online, particularly on social media.  The  online ads offer items for really low prices for example, $3 for a Smeg kettle, $2.99 for an iPad or $2 for a Dyson vacuum cleaner. Often victims are asked to complete a survey and will be asked for personal and/or credit card details.

Charity scams.

Scammers use current events to take advantage of other people's generosity and will often disguise their attempts to steal money with fundraising for charitable causes. For example, natural disasters or the COVID-19 pandemic.

They may pretend to be from a legitimate charity or from one that doesn't exist at all. They may often put malicious links in emails or text messages or use crowdfunding platforms with no intention of using the money for its stated purpose. They may approach you in person or call you on the phone and try to pressure you into making a donation.

If you would like to donate money, you need to take care and ensure the charity or fundraiser is legitimate.


Scammers use social engineering to gain information from people or businesses that will allow them to commit fraud against the company and their clients. One way they do this is by calling and claiming to be from your bank or another business or government agency. They may have a believable story to convince people to give their information – but it’s important that you stop and consider all requests before actioning them. 

Online shopping.

Online shopping is fast, convenient and a great way to avoid the crowds, but there are a few things we recommend to avoid getting duped or landing your credit card details in the wrong hands.

Report a scam.

Email us

If you believe you have received a suspicious email, you can forward it to us. 


Talk to us

Need further help?

Call 0800 400 600

Report to other agencies

Once you have spoken to us, you should report scams to other agencies so that they can take steps to prevent other people being targeted by them and losing money.