How to protect yourself

Keeping your personal and banking details safe is your primary defence against fraud, scams and identity theft.

Keep your passwords secure

  • Use strong, unique passwords that are at least 12–16 characters long. Use a mix of uppercase and lowercase letters, numbers, and special characters. Avoid common words, names, or predictable sequences like “123456” or “password”.
  • To make passwords easier to remember, try using passphrases. A passphrase is a sequence of words which is longer and more complex than a traditional password, making it harder for scammers to crack. You could use your favourite line from a song or an inspiring quote.
  • Use a different password for each account to prevent a single breach from compromising multiple accounts.
  • Use a password manager. A password manager can generate, store, and autofill complex passwords securely.
  • Avoid saving passwords in browsers. Browsers can be vulnerable to attacks. Use a dedicated password manager.
  • Be cautious with security questions. Don't use answers that could be easily guessed or found from public information.
  • Change compromised passwords immediately. If a service reports a breach, update your password right away.

Enable multi-factor authentication (MFA)

Multi-factor authentication (MFA) adds an extra layer of security to your accounts by requiring a second step to verify your identity. This could be a code from an authenticator app, a text message, or biometric verification like a fingerprint or facial scan. Even if someone gets your password, they won’t be able to access your account without the second factor.

There are a lot of different names for two-factor authentication. It might be called, two-step verification (2SV), multi-factor authentication (MFA) or use a term like 'security key' instead.

Learn how to set up MFA on your accounts.

Keep your details up to date

Your phone number and email address are key to keeping your account secure. They’re used to send security codes, verify your identity, and alert you to suspicious activity. If they’re outdated, you may not receive important notifications or be able to reset your password if needed.

Learn how to check and update your contact details.

Monitor your accounts

Frequently check your bank statements and online accounts for any unauthorised transactions. Report any suspicious activity immediately.

What to do if you've been scammed

Anyone can fall for a scam. If you suspect that you've been scammed, take action immediately.

24/7 support

Fraud and scam support is available around the clock. Call 0800 113 355 or +64 4 473 1133 from overseas.

0800 113 355

Take action

If you've been scammed, move quickly. See what steps to take to help reduce the impact.

I've been scammed