Homepage Ways to bank Safety and security

Types of fraud & scams.

Read about the different types of scams and how to avoid them.

Remember:

Payments that you authorise yourself are generally not considered fraudulent. It’s likely that you'll be liable for any losses incurred and it can be difficult to recover the money once the payment has been made. Take care when making payments and ensure you take steps to protect yourself from scams.  If you believe you've been targeted by a scam, contact us immediately.

Various types of frauds and scams are on the rise. To help New Zealanders stay safe, Westpac maintains a list of latest scams and frauds.

Business and government impersonations.

Scammers use different ways to gain information from people or businesses that will help them to commit fraud. One way they do this is by calling and claiming to be from your bank or another business or government agency. They may have a believable story to convince you to give your information but it’s important that you stop and consider all requests before doing anything. 

Remember, we’ll never…

  • Ask for your online banking password or card PINs.
  • Ask you to move money to another account to keep it safe or help us catch criminals or hackers.
  • Ask you for remote access or to download software like Anydesk or Team Viewer.
  • Ask you to withdraw cash to ‘keep it safe’.
  • Come to your home, or send a courier or security, to pick up cards or cash.

For businesses

  • Ensure your staff are aware of this type of fraud and understand how it works so they can identify it, avoid it and report it.
  • Create processes to verify callers before providing sensitive information.
  • Keep systems and anti-virus/spyware up to date and always use multi-factor authentication for any remote access to your system.

Business email and invoice fraud.

Business email compromises (BEC) involve a hacker getting access to a business email account and all its information. From there, they can use the information and the email account to carry out a range of fraud, scams and cyberattacks. Email account compromises occur frequently in New Zealand and can result in high financial losses for affected businesses and their clients, as well as reputational damage.

One common type of fraud connected to BEC is invoice fraud, where the hacker alters the bank account number on a genuine invoice, emails the false documents to the business’ customers, and requests payments be made to the fraudulent account. This can be highly successful because the customer was expecting the invoice as they had a relationship with that business (which the hacker knew from monitoring the email account).

Buying and selling scams.

Scammers can pose as both buyers and sellers, to try and scam you out of money or items you might be looking to sell or buy online.

Buyers may be tricked into paying for a product or service that doesn't exist or is never delivered.

Sellers may be tricked into believing the buyer has paid in full, however you later find the money was not paid into your account.

Charity scams.

Scammers use current events to take advantage of other people's generosity and will often disguise their attempts to steal money with fundraising for charitable causes. For example, natural disasters or the COVID-19 pandemic.

They may pretend to be from a legitimate charity or from one that doesn't exist at all. They may often put malicious links in emails or text messages or use crowdfunding platforms with no intention of using the money for its stated purpose. They may approach you in person or call you on the phone and try to pressure you into making a donation.

If you would like to donate money, you need to take care and ensure the charity or fundraiser is legitimate.

Employment or job scams.

Scammers sometimes use employment or recruitment scams to move illicit funds and steal personal information to commit further fraud. They'll usually advertise a job online, sometimes through legitimate recruitment sites. They may also advertise on social media or contact people by messaging apps or email.

The job usually involves the victim using their personal accounts to send and receive money. While this may seem like an easy way to earn money, the scammers are using this person to launder their illicit funds. This can have serious consequences for anyone involved.

This type of scam can also be used to gain access to a lot of the victim's personal information such as identity details, employment history, tax information and bank account details and commit further fraud against them.

Identity theft.

This involves stealing someone's personal and/or financial information and assuming their identity for financial gain or other dishonest purposes, such as:​​​​​​​

  • Applying for credit.
  • Conducting fraudulent transactions.
  • Laundering money​​​​​​​.

Investment scams.

Investment scams are on the rise. Many of these scams start with a cold call, an online advert or a message on social media. Scam websites can also show up when someone is searching for investment opportunities online and will often have an online form to capture contact details and other personal information.

This will lead to contact from a scammer claiming to be a broker, account manager or financial advisor who is eager to help you invest. They may claim to have made large profits investing in the scheme themselves. Later, when the victim tries to withdraw their investment, they find they can’t, and may even be asked to pay more to access funds.

These scams can result in huge financial loss and in many cases the funds are unrecoverable. They can also be hard to spot. Scammers often sound professional. Sometimes they will claim the investment is low risk and promise high returns. But often, returns or interest rates promised may be only slightly better than market rates.

They also create legitimate looking fake websites, investment or prospectus documents or use celebrities' names and pictures to endorse their schemes. They may even ask for ID and address documents, pretending to collect this information for legal reasons.

The types of investments offered vary and could include cryptocurrency, term deposits, shares, real estate, bonds, options, foreign currency trading, betting syndicates, prediction software or investment apps.

Scams involving cryptocurrency and fake products (like term deposits) from scammers pretending to be from legitimate financial service providers (such as banks) are common.

Mobile porting and SIM swapping.

These processes are used legitimately to switch phone providers or activate a new SIM but keep an existing phone number. The same process is used by criminals to hijack the victim’s phone number, so they can receive verification codes for payments, or password resets for online banking.

The criminals normally start by harvesting personal information and contact details using a range of methods including social engineering, phishing and hacking emails or devices.

Mobile Porting:  Once they've obtained the information, the criminal will then contact a different phone company to set up an account and have the mobile number ported over to that provider. 

SIM Swapping:  Once they've obtained the information, they will then contact the existing phone company and request that a new SIM is activated with the existing mobile number, swapping the SIM which, deactivates the old SIM.

The criminal can then receive all verification codes for payments, or password resets for online banking and access the customer's bank accounts. ​​​​​​​​​​​​​​

Online shopping.

Online shopping is fast, convenient and a great way to avoid the crowds, but there are a few things we recommend to avoid getting duped or landing your credit card details in the wrong hands.

Phishing.

This consists of fake emails and text messages, pretending to be from banks, well known businesses and government agencies. Embedded links or attachments go to malicious sites or prompt malware to be installed, which will be used to steal the recipient’s personal information and/or banking details.

Recovery room scams.

Scammed, then scammed again.

Also known as "Recovery room" scams, scammers claim to be experts who can help scam victims recover lost funds. These scams might be carried out by the same scammers that originally targeted the person, or by someone else entirely. They know that the victims have lost a lot of money and that they’re desperate to get it back. The scammers promise that they can recover the funds, but require payment to do so, convincing the victims to send even more money which just increases their financial losses.

How recovery room scams work.

Scammers may have professional looking websites, social media posts or online adverts that people come across when they are trying to get their money back. Or they might contact scam victims directly, having scammed them previously or by getting their details from other scammers.

Scammers often claim they are specialists with the ability to recover money that the bank hasn’t been able to. They may say they work with Police or overseas law enforcement agencies, government authorities or financial regulators. This is never true.

They will usually ask the victim for an upfront fee, to make a payment to ‘release’ the funds or to pay tax/commission on the return. Victims may also be asked to download remote access software, pay to set up a cryptocurrency account for receiving the funds, and to lie to the bank about the transactions they’re making.

Relationship scams.

These involve a scammer claiming to be looking for love and/or a relationship. Scammers will steal images off social media and dating apps to build a believable and likeable character.

They take advantage of people looking for a romantic partner, friendship or relationship, by building up their trust and requesting access to their personal information or money. 

The victim will usually be asked to send funds to the scammer, with the payment frequency and amounts increasing over time. The scammer will always have a good reason for needing the funds, such as to help a sick family member, pay an outstanding bill or assist with immigration or visa issues.

These types of scams can also escalate to the victim knowingly or unknowingly conducting illegal activities such as moving drugs or money across borders or laundering money.

Victims in these types of scams will often have a huge emotional investment in the person they believe they're communicating with, and it can be very distressing for them to learn that the relationship isn't real.

Remote access scams.

Remote access scams are used to gain access to someone’s computer or device, to collect personal information and access their bank accounts.

The victim usually receives a call from someone claiming to be from a well-known business such as an internet company, bank or government agency, and asks them to download software to allow the caller access to their computer or device from another location.

The caller will have a believable story for this request. For example, they may advise that there is something wrong with the computer, that the network connectivity is slow or claim that the victim’s bank account has been hacked.

The caller may request their credit card details to pay for this service and/or gain access to their bank accounts and make fraudulent payments.

The caller often sounds professional, however they'll apply increasing pressure on the victim to comply with their requests.  ​​​​

These types of scams are increasing as criminals try and find ways to get past banks' sophisticated fraud detection systems.

Sextortion.

Sextortion involves scammers reaching out and forming relationships with people on social media platforms like Snapchat, Discord or Wizz and later moving the conversation onto other platforms that display friends and family profile details.

Scammers use specific profiles so they appear to be around the same age as the victim and of the opposite sex. They often begin by reaching out for a friend request and then move the conversation to a platform such as Instagram where they can view the victim’s contacts. They then send the victim an intimate image and encourage them to take part in video chats or sharing their own intimate pictures. Screenshots are taken of intimate images and videos are recorded.

As soon as an intimate image or video has been shared the victim is told they have been recorded and that the recording or pictures will be shared online or with their friends and family unless a ransom is paid immediately. The scammers apply pressure to the victim and tell them the image will be deleted as soon as they pay. However, this is not the case. They will keep demanding more money.

Special deal scams.

Scammers are known to advertise special deals and giveaways online, particularly on social media.  The  online ads offer items for really low prices for example, $3 for a Smeg kettle, $2.99 for an iPad or $2 for a Dyson vacuum cleaner. Often victims are asked to complete a survey and will be asked for personal and/or credit card details.

Threat and penalty scams.

Scammers are contacting people and claiming to be from Police, another government agency or business and using threats to get money and personal information. Recently they have been posing as employees from the Chinese Embassy and/or Chinese or Hong Kong Police.

Usually, they accuse people of a crime or of having unpaid fines or fees and demand a payment. They’ll threaten arrest, visa cancellation or deportation if the victim doesn’t comply.

Scammers even dress up in police uniforms and provide fake arrest warrants or other documents to convince people.

Unexpected money scams.

Scammers contact people and tell them they're eligible for a large sum of money like an inheritance or a lottery win however, you need to make an upfront payment before it's released. They may say there's outstanding tax or legal fees to be paid.

You may also be asked to supply personal information or identification documents.

Report a scam.

Email us

If you believe you have received a suspicious email, you can forward it to us. 

Email phishing@westpac.co.nz

Talk to us

Need further help?

Call 0800 400 600

Report to other agencies

Once you have spoken to us, you should report scams to other agencies so that they can take steps to prevent other people being targeted by them and losing money.