Keeping your information secure online

Attempted online fraud attacks are increasing, which is why we want you to know how to recognise and avoid online scams including hoax or phishing emails.

Sign up for data breach monitoring

You can sign up to the ‘Have I Been Pwned’ website, run by security researcher Troy Hunt, to be notified if your email address (and other information) has been exposed in a data breach. This can help you be aware of where and how your information is being used. You can also check which passwords are commonly used, and see how many times they’ve previously been exposed in data breaches.

Recognising hoax or phishing emails

Phishing is when someone sends you an email pretending to be a person or company, to get you to provide them with your personal information such as your internet banking login details, account number, or credit card details.

Signs to look for

  • Emails that don’t address you by name, or don’t include information within the email to prove that they know you.
  • Poor grammar and spelling mistakes.
  • Appeals for emergency or urgent help, which are designed to make you act quickly.
  • Requests for you to update personal information, or ask you to make a financial transaction.
  • Links or attachments from senders you don’t know, or aren’t expecting.
  • Even if you know the sender, if the email is asking you to make a financial transaction that isn’t normal, you should always check with them by phone, even if the email states they can’t be reached by phone.

Examples of phishing emails

We’ve created a quiz to help you learn about phishing emails and how to spot them when they arrive in your inbox. Take the quiz

What we’ll never do

  • We’ll never email you links to the BNZ Internet Banking login page.
  • We’ll never ask you to tell us or anyone your password.

Reporting suspicious emails to us

If you have received an email that looks like it’s from us but you’re unsure, don’t click on any links or respond to it. Forward  the email to  to let us know.

If you have concerns about your accounts, or would like to report suspicious activity, or emails that relate to your online banking, or suspect you have responded to a phishing email, call us immediately on 0800 275 269 or +64 4 494 9098 from overseas (international toll charges apply).

Other ways to keep your information safe online

  • Always type into your browser when you visit our website or do your online banking.
  • Think twice before clicking a link on a website or in an email. Take a moment to look at it and if anything seems remotely suspicious, avoid it. Or you could verify the information with the company using published phone numbers.
  • Choose strong passwords. Avoid any significant names or numbers, like birthdays, and try to use a mix of numbers and letters in lower and upper case. Learn more about keeping your passwords and PINs secure.
  • Never share your login details or confidential banking and personal information with anyone, not even with family members. Don’t store your information where it can be read or accessed by anyone else.

Find out more