Protect yourself from online theft

Follow our simple tips to stay safe online

Most online fraud happens when someone gathers enough information to pretend they are you. They might steal your mobile device and get information off it. They could contact you with an offer that sounds too good to be true, or ask you to urgently provide details to avoid a major problem, such as your account being locked. Some will send you an email that includes a link to a website or login page that looks exactly like the real thing, but lets them collect the information you enter.

Tips for keeping your identity safe

These tips will help you avoid being a target for fraudsters if you have a mobile device where you use or store your credit card or personal details online:

  • Set a password (not something easy to guess like 1234) on your phone, laptop, or tablet and keep them locked when not in use.
  • If your phone is lost or stolen, tell us straight away - call 0800 800 021 or +64 9 355 2007 from overseas.
  • Never share your passwords or PIN numbers and make sure they’re not easy to guess.
  • Set up a PIN for your voicemail, so only you can access it.
  • Be cautious with personal information on social networking sites, like Facebook or chat rooms. If possible, remove your date of birth and address from your page. Ensure that you have adequate privacy settings for your Facebook profile.
  • Don’t give anyone your personal details, unless you’re very sure you know who they are. Just because someone says they’re from your bank doesn’t mean it’s true.
  • Selling your phone? Do a factory reset to remove all your personal data first - find out how in your phone’s user guide.
  • Think you’ve been the victim of a scam or fraud? Contact your bank and put a stop on your credit card, tell your local police, and change the passwords and PIN numbers on all your bank accounts.
  • Buying online? Make sure the site address starts with HTTPS. This means the website is secure and your personal details and credit card details will be kept secure.
  • Lost or stolen device? Hop onto a PC and change all your passwords of the apps that have auto logins, for example Facebook, Email, Twitter. This will prevent the person who picks up your device from accessing these apps and potentially hacking into your personal details

How to spot a scam

If something seems too good to be true, it usually is. Delete or ignore it. And if somebody is asking for important information (usernames, passwords, bank account details) don’t reveal a thing. Scams can arrive by phone, email, in the post or in person. You have every right to be highly suspicious of unexpected communications.

Watch out for phishing

One of the most common scams you'll come across online or on your mobile is 'phishing'.

Indicators of a phishing scam

  • A phishing scam usually begins with an email that looks like it's from a genuine business - like a bank or phone company
  • Email addresses are odd. For example, the email appears to be from Vodafone, but doesn’t end with
  • Spelling is often poor and you may not be addressed personally (Dear Sir/Madam instead of your name)
  • It might ask for personal details - like usernames, passwords and PINs - and will often ask you to take urgent action
  • There's normally a link to click on, which takes you to a fake website. The web address may contain the name of the business but it will not be in the proper format for the business website
  • If you click on the link, you’ll then be asked for personal details that no credible business or organisation would ever ask for. Remember that the businesses you’ve signed up with already have your details, so they don’t need to ask for it again
  • Never enter and submit your details into a form like this. It will lead to your identity being ‘stolen’, which could result in money being taken from your bank accounts
  • Phishing is sometimes done via TXT message – you might be asked to click on a link or call a number. Delete the message, never phone that number (you could be charged a lot of money) and never click on the web link – it could infect your device with a virus
  • Some emails come with an attachment. Do not open the attachment as it could contain a virus that could damage your computer.

What to do if you’re being phished

If you receive a phishing email or a TXT, do not reply, do not click on the link and definitely do not provide any of your personal details. A reputable business will never ask you for your PIN or password by TXT or email.