To avoid the fraudulent activity of other
people, it is important to be aware of the types of fraud that are
happening. We have listed some recent
examples
of fraud below. A good rule to remember is, if an offer seems
too good to be true, it probably is.
The following guidelines
will help you avoid being affected by fraudulent activity
- Do not provide your name, bank account,
passport, birth certificate or any personal details to anyone, other
than for legitimate purposes.
- It is important that you always type
the address of the website you want to visit into the address bar
of your browser. Doing this, rather than clicking on links in an
email, ensures that you go to the website you intended to visit.
- Always type www.bnz.co.nz into the address
bar, or use your bookmarks or favourites, to visit Bank of New Zealand's
website.
- Use anti-virus
software, and
update the software's virus definitions frequently
- Install a personal firewall
on your computer.
- Always be cautious of any
unsolicited email from an unknown source. If the email contains any
offer that appears too good to be true or is purporting to be from
a Bank or other institution, do not follow any instructions within
the email. Do not open any attachments, click on any links, or visit
any website mentioned in the email.
- Be cautious when using a computer
in public places such as Internet cafes. Check that their anti-virus
software and firewalls are up to date. Do not leave the screen idle
for long periods or leave the computer unattended at any time, particularly
if you are doing your internet banking.
- Ensure your contact details with us are up to date to ensure your
statements don't fall into the wrong hands and we can get hold
of you if we suspect there could be fraudulent
activity on your account.
If you receive an email, letter, or telephone
call about your Bank of New Zealand accounts, and have
any concerns about its authenticity please call our Customer Solutions
Advisors on 0800 2400 00 or +64 4 801 2400
from overseas - international toll charges apply.
back
to top
Credit card fraud
Credit card fraud is one of the most common forms of fraud. It can involve the
physical theft of a credit card or the theft of the card’s data, including
the card account number. Stolen cards can be reported quickly by cardholders,
but a compromised account can be hoarded by a fraudster for weeks or months
before any fraudulent use, making it difficult to identify the source of the
compromise. The cardholder may not discover fraudulent use until receiving
a billing statement.
Counterfeit
This is when card data is fraudulently obtained. This stolen information
is used to produce a fake card which can then be used to access customer
accounts. These fake cards can either be white for the fraudster to use
in an ATM machine, or made to look like a legitimate bank card for over
the counter purchases. Overseas counterfeit cards have been found in
New Zealand ATMs.
There are a number of ways the data can be stolen:
Skimming - theft of credit
card information used in an otherwise legitimate transaction. Fraudsters
can copy credit card information using basic methods such as photocopying
receipts or advanced methods such as loading a programme onto the credit
card machine that will transmit or store the data of any card that is swiped
through the machine.
Terminal Compromise – this is when the credit
card terminal is altered or modified by the fraudsters to steal the
data. They may use a keypad overlay that matches up with the keys on a legitimate
ATM, but transmits the data or PIN number wirelessly.
Prior to going overseas
and again as soon as you can upon returning to New Zealand, we recommend
you use your credit card in a BNZ
ATM for a balance enquiry, mini statement or cash advance*. This
allows us to keep the security information on your BNZ Visa or MasterCard
up to date and instantly renders any stolen credit card details redundant
to counterfeiters. Find out more about credit
card security.
Trojan / Phishing
This is where the fraudsters masquerade as a trustworthy entity and
send emails or other communications that direct users to a fake website.
The look and feel is almost identical to the real one. The website then
asks the user to input sensitive credit card information for the fraudsters
to harvest and use.
Customers are advised to ignore emails of this nature, and to never act
on any instructions within the email.
Stolen Credit Cards
Stolen credit cards are often perpetrated by a serial fraudster. The
most common scenarios include theft from places of work, homes, vehicles
overnight, family members and pickpockets when travelling. Once stolen,
the fraudster will often spend quickly and as much as they can using
the stolen credit card.
Currently three out of nine stolen cards have had their PIN compromised,
meaning easier access to cash for fraudsters. Credit cardholders are
responsible for ensuring they have selected a suitable PIN for their
card. We recommend you read the New Zealand Bankers' Association leaflet, 'Protecting
your Cards, Pins & Passwords' (PDF 733KB).
Shoulder surfing – is where a fraudster watches as a cardholder
enters their PIN in a store, bar or at an ATM. Sometimes they work
in pairs, the other person often then distracts the cardholder and
the card is stolen. The card is then used along with the PIN they
have watched being entered.
back to top
Recent
examples of fraud
'VRM Company - Be your
own boss' Email Scam
There is an email scam in circulation
offering Australians the 'opportunity to be their own boss' by working
for VRM Company. VRM Company state that their main office is in Latvia,
and that the 'job' entails receiving and on sending money or goods.
This email is an example of an email scam where the fraudulent party
is looking to recruit people with Australian bank accounts to act
as 'mules'. 'Mules' accept fraudulently acquired
funds into their bank account, and then arrange for them to be sent
to an overseas account.
Customers are advised to ignore
emails of this nature, and to never act on any instructions within
the email.
'Make money with your
bank account' Email Scam
We have been made aware of an email scam
with the Subject: Make money with your bank account. This email was
sent to numerous Australian email addresses (.com.au) on May 15,
2004, and is an example of an email scam where the fraudulent party
is looking to recruit people with Australian bank accounts to act
as 'mules'. 'Mules' accept fraudulently acquired
funds into their bank account, and then arrange for them to be sent
to an overseas account.
Customers are advised to ignore
emails of this nature, and to never act on any instructions within
the email.
back
to top
'We
are looking for honest and smart people for business offer'
Email Scam
During April 2004, we were made
aware of the widespread circulation of a specific email scam purporting
to be a business opportunity selling Slim Display Plasma Televisions.
As of May 19, 2004, it has been reported as being back in circulation
with the Subject: 'We are looking for honest and smart people for business
offer'. The intent of this scam is to recruit 'mules' who receive fraudulent
funds into their bank account, and then transfer the funds to an overseas
account.
Customers are advised
to ignore emails of this nature, and to never act on any instructions
within the email.
Email Employment Scam
Customers
of another New Zealand bank, and some Australian banks, have
been the victims of a scam that takes advantage of weaknesses
in the firewall and security settings of the computer the customer
is using.
False job
advertisements appeared on recruitment sites. The advertisements
were from fictitious overseas companies looking for people to receive
domestic funds and forward them to an overseas recipient.
In the second part of the scam, a 'trojan' or virus program
entered people's computers, either through emails or web surfing.
The virus program captured their keystrokes, providing the
person running the scam, with the customer's access numbers and passwords. The
perpetrators of the scam then accessed the customer's accounts
and transferred funds to the bank account of one of the people 'employed' through
the false job advertisements.
In the third
part of the scam the person employed through the false job advertisement
was asked to transfer the funds to the overseas account of the
scam perpetrator.
'Phishing' - Hoax Emails
A hoax email has been circulated that appears to be from ANZ's
Billing Department. This email contains false Internet Banking and
credit card customer details, and asks the customer to follow a link
to update their personal details, including registration number, password,
credit card number and expiry date. The false website has been disabled.
A hoax email claiming to be from Westpac,
in New Zealand, has been widely circulated. The email requests that
the receiver verifies their email address by clicking on a link. The
link takes them to a web page that resembles the Westpac website, where
they are requested to enter their login details. The
fraudsters have then gathered the information required to access and
transact on the account of the unsuspecting customer.
Devancy
Devancy Incorporated claimed to be "an international company working
in banking business for a large number of years". In July 2003, they
set up websites in New Zealand (www.devancy.com) and
Australia (www.avantyx.com).
The website's professional and authentic appearance gave the
impression of a legitimate financial services company. They fraudulently
claimed to be a business partner of all the major banks. The scam worked
by convincing people to accept deposits into their bank accounts that
they were to transfer to a third party. For making the transfer, they
could retain a transaction fee. However, once the transfer was made
the initial deposit was withdrawn and the money was lost.
Nigerian Scam,
also known as the 'Advance Fee Fraud', '419
Fraud'
This scam involved letters, faxes or emails inviting individuals
to participate in a scheme that eventually turns out to be non-existent.
Many versions claim to be from a government official, who needs help
in distributing millions of dollars from their country, in return
for a percentage of the money. Recipients are requested to provide
bank account details, and to forward money to pay for 'advance
fees', documentation, and administration expenses
Spanish Lottery Scam
In the Spanish Lottery Scam, people
received a letter informing them they had won a large prize from the
'Spanish Lottery'. To collect the prize, they had to send money to a
bank account in Spain, to pay for traces, bank fees, delivery and insurance
Other Scams
Be aware of other scams, such
as spam emails, chain letters and people claiming to be representatives
of government departments, financial institutions or other businesses
back
to top
Read more about our
security systems and how you can protect your privacy and security
* Cash advance fees apply.
