We'll never ask you to disclose your internet banking login details by email or by clicking on a link within an email.

The most common type of spam email targeting New Zealand banks is a phishing email, where the sender tries to steal sensitive information by pretending to be a trustworthy organisation. If you've received a phishing email, your email address was not sourced from Kiwibank.


  • If you haven't clicked on the link or submitted your details you're not at risk. Just delete the email.
  • If you're a Kiwibank customer and have clicked on a link and submitted your internet banking login details from an email, please change your password and contact us immediately.
  • We'll never ask you what your KeepSafe questions are
  • We'll never ask you for the full answers to your KeepSafe questions

Forward any suspicious emails that look like they're from Kiwibank to suspicious.email@kiwibank.co.nz

You may also be interested in