Being safe online

In 2021, almost 9,000 cyber-crime incidents were reported in New Zealand for a total financial loss of almost $17 million. This was a 13% increase on 2020, and that number is only expected to increase each year.

At New Zealand Seniors, we take your privacy seriously and work hard to maintain it. But no matter what safeguards we have in place to protect your personal information, awareness will always be the best way to protect yourself against the rising threat of scams.

So, what is a scam?

Has someone contacted you out of the blue? Have they promised you something, or asked you to do something for them? Always consider the possibility that it may be a scam.

A scam promises things like easy money, great bargains, exclusive knowledge or a loving relationship to try and trick you out of money or steal your personal information. 

Most scams fall into the following categories:

  • Buying or selling scams trick you into sending money for fake products or services, usually through fake websites that look like the real thing or by sending you authentic-looking bills or invoices for something you never ordered.
  • Dating and romance scams take advantage of people looking for romantic partners, luring them with fake profiles and then using emotional triggers to convince them to provide money, gifts, or their personal details.
  • Fake charity scams impersonate genuine charities, asking for donations after natural disasters or other major events such as the Christchurch earthquake of 2010/11.
  • Investment scams offer an easy way to make money, presenting fake opportunities such as property or business deals, guaranteed high-returns, or gambling systems that prey on their victims’ desire to make a quick buck.
  • Jobs and employment scams trick you into paying for training or access to a guaranteed dream role that you might not have the necessary qualifications or experience for.
  • Threats and extortion scams threaten to release sensitive information about you or even threaten your life if you don’t hand over money or your personal information. These scammers often pretend to be from the police or the government.
  • Unexpected money scams give you false hope about offers of money, such as an inheritance from a distant relative or a request from a stranger who wants to move a large windfall out of their country to avoid high taxation.
  • Remote access scams convince potential victims to hand over control of their computer or other device to fix a problem, with scammers often pretending to be from your electricity or gas company, or internet or phone provider.
  • Unexpected win scams trick you into giving money or your personal information in order to receive a prize from a lottery or competition that you never entered.

Scams can be delivered via email, SMS, dating websites, social networking, instant messaging, video calls such as Skype or FaceTime, online surveys, or even a USB drive that has been posted to your address.

More on cyber security

What to do if you’ve been scammed

Even when armed with the best information, it’s still possible to fall victim to a scam. To help minimise further damage, follow these simple steps: 

  1. Cease all contact – As soon as you realise that you’ve been scammed, hang up the phone or shut down the browser window.
  2. No more payments – Don’t send any more money, especially on the promise that any lost money can be retrieved for a fee.
  3. Contact your financial institution – Ask your bank or credit union to put your accounts and credit cards on hold, or cancel them if necessary.
  4. Update your security – Change the passwords for all of your accounts and devices, using a different and unique password for each. Make sure your anti-virus software is up to date.
  5. Report it – Log details of the incident with CERT NZ to help crack down on illegal activity.
  6. Talk about it – Scammers rely on people being secretive, so telling your friends and family about the scam is one of the best ways to take action because every person you talk to will be better prepared to avoid scams in the future.

For more detailed information on what to do if you fall victim to a scam, the New Zealand government’s Consumer Protection website has a host of invaluable resources and a complete list of organisations that you can speak to.

If you’re concerned that you’ve been scammed by someone impersonating New Zealand Seniors, please contact us immediately. The sooner we know about your situation, the sooner we can take steps to minimise any damage.

Hints and tips to help protect yourself

When it comes to your online safety, always remember the following:

  • Never share your PIN, security codes or passwords with anyone.
  • Never write your password down and leave it where someone else might find it, such as on your computer or the fridge.
  • Never click on any links in unsolicited emails or text messages. Known as phishing, clicking on these fake links gives scammers access to your electronic device, allowing them to steal personal information such as passwords, bank details and credit card numbers. These links often look legitimate, but take you to a fraudulent website.
  • Be aware that the accounts of your friends or other contacts could be compromised and being controlled by a third party. Before clicking on any link, always move your mouse over the link to see where it directs. If anything looks suspicious, verify the request with the sender by contacting them directly through a different channel of communication.
  • Never reply to an email or text message that asks for your personal information. Verify any request with the sender by contacting them directly through a different communication channel.
  • Never give anyone access to your computer remotely, especially if they have contacted you out of the blue.
  • Ensure your electronic devices are secured using biometric features such as Two-Factor Authentication (thumbprint or facial recognition), and always make sure your anti-virus software is up to date.
  • Never use an obvious password, such as your birth date or your pet’s name, as a scammer can easily work these out. Consider using a password generator to create unique, complex passwords for your devices and accounts. Change your passwords regularly and don’t reuse the same password on more than one account or device.
  • Don’t store your passwords on a browser. Instead, use a password manager to store them securely.
  • Avoid connecting your electronic devices to a public Wi-Fi network. If you must use public Wi-Fi, never conduct any banking or login to websites that require your personal details as it’s much easier for scammers to steal your passwords and other sensitive information from an unsecured network.
  • Never connect a USB drive to your computer or device unless you know where it came from.
  • Be wary of phone calls from numbers that you don’t recognise.
  • Be wary of any business that requests an uncommon payment method, such as direct fund transfer, money order, pre-loaded card, wire transfer, gift cards, or cryptocurrency. Verify the request with the sender by contacting them directly through a different communication channel.
  • Be wary of new friends or romantic partners who develop strong feelings quickly, then ask for money or gifts.
  • Be wary about any offer that pressures you into making a decision.
  • If you’ve received an offer that appears too good to be true, it probably is — this could include things like high-end fashion or popular electronic devices at bargain-basement prices, or a once-in-a-lifetime return on investment.
  • If we send you an SMS or email, it will clearly identify us and provide a contact number. If you are ever in doubt about the legitimacy of a message, always go directly to our website by typing into a new browser window rather than clicking on links found in emails or elsewhere online or SMS. Please contact us directly if you’re ever unsure about any correspondence. It’s always best to safe, and not sorry.

Working together to beat scammers

According to CERT NZ’s 2019 Cyber Security Plan, making sure all Kiwis are cyber aware is one of the government’s top five priorities. This means creating a culture so that we all feel secure online, and know what to do if something goes wrong.

While it’s almost impossible to protect yourself from falling for a scam, you can significantly reduce your risk of becoming a victim by knowing how scammers work. To help educate yourself, CERT NZ and the National Cyber Security Centre (NCSC) provide comprehensive information on how to identify and avoid scams.

You can also follow CERT NZ on Twitter for up-to-date alerts.

What should I do if my personal information is impacted by a data breach?

Data breaches occur when information being held by a bank, medical facility, educational institution, government department or commercial business has their online security breached, exposing confidential records and databases to hackers and other criminals.

Hearing that your personal information has been involved in a data breach can be stressful, but you can minimise any damage by taking the following steps:

  1. Confirm – First, make sure there was a data breach. When hearing about a breach, either directly or on the news, contact the affected party directly to make sure you aren’t being targeted by a scam. One easy way to learn if any of your phone number or email address has been involved in a data breach is to use a tool like Have I Been Pwned?
  2. Scan – If your information has been exposed, scan for malware on your phone, computer and other devices to make sure they aren’t infected with a virus.
  3. Determine – Once a breach has been confirmed, work out what sensitive information has been exposed. Depending on the type of breach, this can be confirmed by contacting the breached party for more information or reading related news stories. For example, if the breach occurred at your bank, you can safely assume that your financial information (account details, identifying information, etc) is at risk and need to take steps to secure it.
  4. Reset – You will also need to change the passwords for all your online accounts, even those that may not have been involved in the breach. If any account uses your email address, name or other sensitive information to identify you, change the password.
  5. Observe – After your passwords have been changed and you’ve performed a virus scan on all devices, continue to monitor your accounts at least every few days for suspicious activity.