There have been increased reports of scammers conning Kiwis out of their hard-earned money using sophisticated means that include spoofed phone numbers and realistic dialogues that cause victims to inadvertently share bank and log-in details. This is being further supplemented by SMS messages with links to phishing websites and other scam software that is being used to collect log-in details.
New Zealand banks, CERT NZ, Consumer Protection and the Department of Internal Affairs (DIA) are urging people to be more vigilant and undertake certain safety measures to avoid falling victim to these scammers.
A recent incident saw a doctor lose $51,000 from her savings account after she clicked through on a link sent via text. The link bore the name of her bank, making her believe it was legitimate and once it led her to what looked like the bank’s home page, she proceeded to input her internet banking access code which swiftly led to the scammers accessing her account in seconds and clearing it out. She confirmed that the scammers also managed to withdraw additional money from her credit card.
Another attack that befell Children’s book author and Kiwibank customer, Malcolm Clarke, was however less successful. Clarke noted strange transactions on his account and cancelled his card. He later began to receive calls from persons claiming to be from Kiwibank and requesting his access code. They even called using an 0800 number to again ask for his passwords and security question answers. Already suspicious, he managed to not fall victim.
Netsafe’s Sean Lyons has raised concern over the incident as the scammers seemingly praised Clarke for his questioning of their trustworthiness. Lyons is advising members of the public to trust their intuition and question everything. But, first, end the call and contact your bank through other phone numbers than those provided by the likely scammer caller.
Sam Gribben, a senior analyst at Cert NZ, adds that no bank worker would request passwords, access numbers, or two-factor identification codes. He also recommends ending the call and calling the bank on legitimate phone numbers that are typically indicated on your card. He further highlighted that scammers had switched from sending out texts with links to instead requesting them to call. He said often the calls would not be answered but the scammers would later call back in an attempt to glean account details, using scripts that mimic what banks regularly use.
Cert NZ recommends that if unsure that a call is legitimate, you should hang up and call back the organisation on its official phone number. They also recommend turning on two-factor authentication (2FA) on your bank accounts and never share your passwords or authentication codes with anyone, including the bank. Also, never click on links sent via text or email that are unexpected or suspicious. Members of the public are also being asked to forward, for free, any suspicious messages to 7726, which is a service run by the DIA.
Contact Accountancy Insurance
We would love to hear from you.
About Accountancy Insurance:
Thousands of accounting firms offer our tax audit insurance solution, Audit Shield to their clients. Find out why.