this post was submitted on 06 Jul 2023
15 points (94.1% liked)

Aotearoa / New Zealand

1644 readers
51 users here now

Kia ora and welcome to !newzealand, a place to share and discuss anything about Aotearoa in general

Rules:

FAQ ~ NZ Community List ~ Join Matrix chatroom

 

Banner image by Bernard Spragg

Got an idea for next month's banner?

founded 1 year ago
MODERATORS
[email protected]
[email protected]
15
How I fell for a BNZ text scam that cost me $35k (www.stuff.co.nz)
submitted 1 year ago by [email protected] to c/[email protected]
20 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 11 points 1 year ago* (last edited 1 year ago) (3 children)

I'm sure most people here know some of the key ways to protect yourself against this kind of scam, but just in case:

  • Always be watchful when contacted by an organisation (bank, company, etc). You need to verify they're not a scammer, at least if you're giving out login credentials or anything else sensitive
  • Check the source phone number/email address. Banks usually will not call/text from an international number, or cell phone. Emails will be sent from the appropriate domain (e.g. bnz.co.nz)
  • Never log into something if you've clicked on a link in a text message/email, unless you are really sure it's safe. If in doubt, go directly to the bank (or whatever) website and log in rather than clicking on a link.
  • Don't be rushed. It's better to wait on hold for 2 hours to contact the bank directly than to lose thousands.
  • Turn on two-factor auth on anything important (banks especially)
  • Remember scammers will try to make you feel like you're bring rude or difficult by asking them questions. That is part of the scam!

Other tips?

[–] [email protected] 7 points 1 year ago (1 children)

Use a password manager.....it will not auto-fill on the wrong website.

You would have to go and manually copy the password from the manager and into the fake website, giving you another mental break point.

[–] [email protected] 2 points 1 year ago

Yeah good point. And there are obviously other advantages of using a password manager.

[–] [email protected] 4 points 1 year ago

Yeah, much beetter to be safe than sorry.

A few years ago I had contacted the Dell Support Team about an issue I was having with my order, and they called me back and had asked me to give them my card details so that they could cancel and make the payment again. I wasn't comfortable with that so asked if we could do it another way. I was a bit nervous?, about asking but they didn't think it was weird at all and were very accommodating.

[–] [email protected] 2 points 1 year ago

I feel it's a really good rule of thumb to just not click any links, especially if they're texted. I can't think of the last time an organization texted me a direct link, MSD and IRD usually send you a text telling you to check your account for instance, so I feel it's much better to er on the side of caution and ignore them all.

Emails are a bit trickier but most organizations generally use letterheads and footers to identify themselves pretty plainly, but if I'm ever in doubt I'll again er on the side of caution again and either ring them or go straight to the website rather than touch a link.