How to stay safe
Checklist to avoid personal fraud
- Secure your networks and devices with anti-virus software and install a good firewall.
- Avoid using public computers or Wi-Fi hotspots to access or provide personal information.
- If someone calls you out of the blue to say your computer has a virus, just hang up. You may need to run anti spyware software to clean your computer.
- If in doubt, take your computer to a technician to be ‘cleaned’.
- Limit how much personal information you share on social network sites. Scammers can use your information and pictures to create a fake identity or to target you with a scam.
- Shred or destroy any documents containing personal information before disposing of them.
- Don’t send credit card or online account details or copies of personal documents to anyone you don’t know or trust and never by email.
- Re-direct your mail when moving house.
- If you start to receive mail for someone you don't know at your address, find out why.
- Regularly check your bank and credit card statements and chase up any that are not delivered when expected.
- Check your credit record once a year.
Phishing is a form of online identity theft that is rising significantly. Scammers send emails, phone calls or texts that pretend to be from a trustworthy source to trick you into handing over personal information, such as your banking details, your IRD number and social media passwords. It can give them free reign on both your finances and your personal identity.
You’ll be given a believable excuse for needing them such as:
- upgrading security
- doing system maintenance
- verifying your bank account details
- protecting you from fraud
- offering you a refund for a fee or a bill or a tax refund from Inland Revenue.
Hint: Banks and credit unions do sometimes contact people about suspicious activity, but they will never ask you for your PIN number or passwords.
A scammer may ask you to fill in an email form, or direct you to fill in a form on a website. The forms can look very convincing with the real logo and format used by that organisation. Website names may be similar to, but not the same as, the company's real website.
To minimise your risks of getting caught out by a phishing scam, you should:
- always check the email address of the sender
- avoid clicking on any links in the body of suspicious messages
- type out the full bank website address when you bank online
- not do online banking in public places with free Wi-Fi connections.
Scammers copy the electronic information from the magnetic strip of your credit or debit card at an ATM machine, or at a shop. It is particularly common overseas. Skimmers can be hidden in an existing legitimate card reader or a separate device that a salesperson will use to swipe the card a second time out of sight of the cardholder. Skimming can also be done wirelessly or using a thermal imaging device.
The other part of the skimming process is finding out your PIN, either by:
- using a hidden camera
- inserting a pressure sensitive pad beneath the keypad
- using a careful pair of eyes.
Ways to minimise the risk of having your card skimmed include:
- don’t let anyone walk away with your credit or debit card in a shop
- cover the keypad with one hand you enter in your PIN at an ATM, restaurant, a shop or a bar and rest your fingers on random keys to scramble any heat signature
- watch who might be around when you use your card
- use cash for minor purchases
- keep credit and debit card receipts and monitor your statements carefully.
Visit the CERT NZ website(external link) for more information.