What is phishing?
The most common type of spam email or text message targeting New Zealand banks are phishing or suspicious emails or text messages. It could be an email or a text message with a link that asks you to disclose any of your banking information or to install software which is designed to steal your banking information or remotely control your devices.
How it works
- The sender will try to steal sensitive information by pretending to be a trustworthy organisation or person. They’ll often use a logo from the organisation they’re pretending to be from.
- They usually claim that it's necessary to update or verify your customer account information and will urge you to click on a link from the email or text message which takes you to a bogus website that could look legit and may also ask you to install some software.
- Any information entered on the bogus website will be captured by the criminals and used for fraudulent purposes.
Example: In a typical phishing attack targeting Kiwibank customers, an offender sends an email or text message that looks like it's from Kiwibank. These emails may contain official-looking logos and other information or images you'd associate with Kiwibank. They'll also contain links to replicas of the Kiwibank Internet Banking login page, where the offenders hope to trick Kiwibank customers into disclosing their internet banking details.