Always be wary about what information you share over the internet, and protect yourself as much as possible from the many types of online fraud.
Phishing is a type of spam email where the sender tries to steal sensitive information by pretending to be a trustworthy organisation.
In a typical phishing attack targeting Kiwibank, an offender sends an email that looks like it's from Kiwibank. These emails will often contain official-looking logos and other information and images you'd associate with Kiwibank. They'll also contain links to replicas of the Kiwibank Internet Banking login page, where the offenders hope to trick Kiwibank customers into disclosing their internet banking details.
Anyone with an internet connection and limited skills can launch an attack like this, targeting any organisation anywhere in the world.
Spammers gather email addresses from a variety of sources like web pages, news pages, social networking sites, and guess work. These email address lists are then traded over the internet.
Here's an example of a hoax email:
If you've received a phishing email, your email address was not sourced from Kiwibank.
We recommend you never reply to any spam or phishing emails. Replying to these emails will confirm to the offenders that they have a valid email address; this is likely to result in a flood of spam emails in future.
Although we can’t prevent these phishing emails being sent, we do everything we can to reduce the effectiveness of these scams. We work with a company called PhishLabs to have the fake sites shut down as quickly as possible. PhishLabs are world leaders in online fraud prevention and protect millions of consumers around the world from phishing, malware, and other types of online attacks.
Please make sure you forward any Kiwibank related phishing emails you receive to us for investigation.
Spyware is programming that is put in a computer secretly, to gather information about the user, which is then passed onto advertisers or other interested parties.
A Trojan enters your computer undetected, giving whoever planted the Trojan unrestricted access to the data stored on your computer. Trojans can transmit credit card information and other confidential data even if you're not accessing that data at the time. Trojans can be sent either as an email, spam mail, attachment, or embedded in a web page.
A computer virus is passed from computer to computer like a biological virus passes from person to person. Viruses are commonly transferred by email. Most computer fraud programmes are passed on by a virus.
A worm is a computer programme that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand incredibly quickly.
This is when a 'job' is listed on an employment website or emailed to you, saying all you need to do is to have a bank account to accept money transfers, then forward the money on to a company based overseas. You'll get commission for doing this, which will be a percentage of the total amount transferred to your account.
The money is almost always from another New Zealand bank account, being transferred without the account holder's knowledge or permission. It's likely the account holder has been the victim of a phishing scam or had some type of malicious spyware installed on their computer.
The consequence of receiving and transferring this money, which is effectively stolen, is that you may be held liable for the funds, and investigated by the police.
How to protect yourself
Selling your unwanted items online is convenient, but it can open you up to risk.
A common online trading scam involves criminals based overseas using fake traveller's cheques, bank drafts or foreign cheques to pay for an item. The cheque or draft may be made out for much more than the agreed price. They'll ask you to send the excess amount back to them.
It can take a long time for banks to confirm whether or not a cheque or draft is counterfeit - especially when it's come from overseas (the USA allows up to seven years to dishonour a cheque deposited into a New Zealand bank account).
So your bank will usually allow you access to the funds before they know if the item is counterfeit. If the item is dishonoured and you've returned the excess funds to the sender, you'll be held liable for the entire amount.
How to protect yourself
Online dating scams are becoming more common. Offenders may approach you in a number of ways - chat rooms, social networking sites, unsolicited emails or dating websites.
They'll build up a relationship of trust with you, then eventually ask for some type of financial help. Usually, they'll ask you to send money to pay for airfares for them to visit you, or they'll send you a fraudulent international cheque, and ask you to cash it and send it back to them. If you do this and the cheque dishonours, you'll be liable to pay for it.
How to protect yourself