Scams and how to avoid them
Wondering if that email or phone call is a scam? Learn about the most common types of scams and how to protect yourself.
“I write to you in good faith and trust that you will take a moment to consider the contents of this letter. I am Andreas Peterson, the Chief Auditor of Lloyds Financial Services Ltd, United Kingdom.”
Sound familiar? Most of us are wise to the opening ploy of a scam letter. In this instance, “Andreas” has stumbled upon $15.5m in an account belonging to a deceased customer. He’s willing to share the windfall with you, provided you help him transfer the money overseas.
Scammers like Andreas persist because every now and again someone takes the bait.
Dating and romance scams
How they work:
Scammers use online dating sites to form relationships with people looking for love. Once they’ve built up enough trust, the scammers begin asking for money “to pay medical expenses for a sick aunt” or some other ruse. They request more and more money until the victim cottons on … or runs out of funds.
How to avoid them:
- Online-dating scammers work from a script, which they copy and paste to several dating profiles. Be wary of messages that are vague or have no relationship to your profile.
- Scammers may try to text or email you directly after they’ve made an approach through a dating site. That way, they can avoid the site’s security checks. It’s always safer to chat through the site.
- Bottom line: don’t give financial assistance to someone you’ve only met on the internet.
Investment scams
How they work:
In 2012, a group of fraudsters used publicly available lists of shareholders to “cold call” investors. They offered to buy under-performing shares for attractive prices, provided the investors made an upfront payment of a few thousand dollars. The scam was backed up by genuine-looking paperwork and a clone website.
More recently, cryptocurrencies have been the trending investment hook, with scammers taking advantage of the confusing and fast-moving nature of the technology.
How to avoid them:
- Don’t feel you need to respond immediately to an investment opportunity. A reputable broker will give you time to make a decision.
- Before investing, do your own research. Start with the Financial Markets Authority, which publishes a list of firms that have tried to scam New Zealanders.
Upfront money scams
How they work:
A scammer sends a spam letter to a list of people. The scammer claims to be the representative of an estate or finance company trying to track down the beneficiary of a will. Since the letter’s recipients share the same last name as the deceased, they’re given the opportunity to claim part of the will in exchange for “legal fees”. Another classic version is the “Nigerian prince” scam.
How to avoid them:
- Don’t respond to an unsolicited email or letter. Don’t click “unsubscribe” on a spam email, either. It confirms your address and makes you a target for more spam. Simply delete the email.
- While some scammers are after your money, others want help laundering ill-gotten gains. Never agree to transfer money for someone you don’t know.
Phishing
Phishing is one of the most common types of scam. The name refers to the scammers “fishing” for victims by sending official-looking emails or private messages. When a recipient clicks on a link or replies, they can unwittingly provide the scammers with access to the user’s personal information.
How they work:
Scammers send a message pretending to be from a bank or another trusted organisation. They try to trick the recipient into providing personal details. A common ploy is claiming their account has been compromised - they then direct the recipient to a fake, but official-looking, website to “fix” the user’s login details. In reality, the account in question is fine, and the website is recording your login details for the scammers to use later.
How to avoid them:
- Don’t click on any links in the email or message, or reply to it.
- If your account has a “Report spam” or “Report phishing” feature, report the sender. This also blocks future emails from that address.
- Immediately delete the email or message, and block their email address or profile.
Online trading scams
How they work:
One scam targets people selling items such as cars on the internet. The scammer pretends to want the item, but as they're out of town they've wired payment via PayPal. The seller gets a fake email from PayPal saying the money has been paid, along with a little extra for shipping. To finalise the trade, the scammer asks the seller to forward the extra money to a “shipping company”, which is really the scammer's bank account.
How to avoid them:
- Be wary of overseas traders if you’re buying or selling goods online.
- Avoid sellers or buyers who want you to wire money through a service like Western Union. It’s difficult to cancel payment once money has been transferred.
- Reputable trading or auction sites have systems to spot scams. If you’re selling or buying an item, don’t leave the site to complete the trade.
Computer-hacking scams
This category is a catch-all that includes goods of dubious value bought online as well as malicious online adverts and computer hacking.
How they work:
The standard computer-hacking scam used to begin with a spam email, which contained an intriguing link. When recipients clicked on the link, it launched spyware on their computer. But more scammers are using social media sites to spread malware and phish for information.
Fake gift cards and survey scams account for more than half of all social media attacks. Typically, scammers post an advertisement on a social media site that reads “click here for a $100 gift card”. When users follow the link, they’re duped into handing over personal details in exchange for a non-existent voucher.
How to avoid them:
- Don’t click on unusual links in emails or social media messages – even if the message comes from a friend. Scammers spread malware by sending links to the contact list of a compromised account.
- Don’t click on an online advert if you’re unsure of its validity. If you’re really interested in the advert, google it first.
- Regularly download the latest security patches for your internet browser and operating system – and keep your antivirus software up-to-date.
Computer “service” call
How they work:
Scammers call from “Microsoft” or another “computer service company” and tell the recipient their computer has a virus or another serious issue. They're trying to trick the user into giving them remote access to the computer, which the scammer uses to access information such as credit card numbers and bank logins. A variation is where scammers try to get the potential victim to install expensive “security software”. The scam is that the software is actually a free product.
How to avoid them:
- If you receive a call saying your computer system has a virus, hang up immediately. Microsoft will never call you without you having first contacted them.
- If in doubt, contact a local computer repair company.
Other scam types
Other common scams fall into these broad categories:
Betting schemes
These usually require that you purchase software – often costing thousands of dollars – which lets you predict the outcome of horse races or lotteries.
How they work:
Despite the fraudster’s claims, it isn't possible to predict the outcome of random events such as horse races with any certainty.
Betting software is often marketed by showing what you would have made had you invested money in the previous year. Of course, that's easy for fraudsters to say after they know which horse won every race.
Employment scams
These can turn up anywhere from a newspaper’s job ads to your email inbox. They offer the chance to work from home at your own pace – and still make loads of cash.
How they work:
These scams usually have you sending money to a PO box or forwarding your credit card details in advance. You never see your money or hear from the company again.
Holiday scams
If you’re looking for a cheap holiday, be wary of telemarketers selling discount vouchers for accommodation or flights. These scams are regularly on the go, enticing victims with bogus offers of an exotic vacation at a fantastic price.
How to avoid them:
While there are legitimate companies offering holiday vouchers, don’t buy any without first checking out the company selling them. It also pays to check whether anyone will accept the vouchers at the other end. We’ve had many calls about problems with these schemes.
Mail order
Mail order can be a great way to buy, and many legitimate companies use it. However, there are also lots of mail order scams and ripoffs.
How to avoid them:
To reduce the risks, look for:
- A written, money-back guarantee if you are not happy for any reason.
- A physical (street) address, contact phone number or GST registration number (never buy from a company that just gives a PO Box number).
- A New Zealand-based company. This is an advantage because you can take a New Zealand-based company to the Disputes Tribunal if you have problems with a product or service.
- A company which is a member of the Marketing Association. Members must meet the association’s code of ethics and follow its recommendations.
For overseas companies, stick with large and well-established firms.
Boiler room brokers
They call you promising huge returns if you buy “one-off” shares. But the shares either don’t exist or are worthless. These scams can feature slick sales pitches backed up by professional-looking websites and certificates.
If you fall for the pitch, you may get a call from another broker offering to buy the shares in exchange for a small transaction fee. This “recovery room” scam results in your transaction fee also being pilfered.
Facebook Marketplace
How they work:
Vendors can advertise and sell goods via Marketplace. But as Facebook profiles are easy to set up and abandon, you may find it difficult to track down a seller if the transaction goes awry.
We've received reports from people who’ve bought goods on Facebook which have never materialised. Alternatively, counterfeit goods were shipped instead of genuine items.
Ransomware
A form of malware (malicious software) that, once installed on your computer or mobile device, can lock you out of files or disable key functions of your device.
Often, you’ll be presented with a message screen supposedly from the New Zealand Police or SIS. The message alleges you’ve viewed illegal content and demands you pay a fine to restore normal access and functionality to your device.
General advice is to never pay the ransom, because there's no guarantee the scammers will follow through on their end of the bargain. Instead, contact Netsafe or CERT NZ for advice.
Mobile menaces
There are millions of mobile apps, so you can expect a few bad apples among them. And, if your tablet or phone isn’t locked, anyone that gets hold of it has access to your personal information.
Take these steps to secure your mobile device:
- Set up a screen lock: use a fingerprint sensor or facial recognition if your device supports them. If you use a pass code, make it more than 4 characters long.
- Install apps cautiously: only download apps from reputable sources. Be wary if an app wants access to information that seems superfluous to its function. A flashlight app, for example, shouldn’t need access to your contacts.
- Don’t respond immediately to messages of unknown origin: double-check the number of a missed call or text message. Don’t respond if it’s a 0900 number or a number in a strange format. Scammers sometimes use “premium rate” numbers. If you return the message, you’ll be charged a hefty bill.
Sidestepping scams
New scams are often variations on old themes such as the promise of prize money from a competition you never entered. You can employ some standard precautions to stay safe.
Check a company is legitimate or an offer is authentic before proceeding with a transaction. Reputable online retailers have easily accessible contact details, clear return policies and secure payment processes (including an https:// URL with a padlock symbol).
Investigate further if you’re not convinced by a website or company:
- Visit DomainTools or the Domain Name Commission for information about the person or company behind the site as well as their contact details.
- Search the Companies Register for details on the directors and trading histories of companies registered in New Zealand.
- See the Financial Markets Authority for a list of firms to avoid if you’re pondering an investment opportunity.
Stop dealing with a person or company if you have any doubts about their legitimacy. Warning signs include:
- Deals that seem suspiciously good.
- Unsolicited contact from a bank, internet service provider or government department asking you to update personal details.
- Unusual links in emails or social media messages – even if the message comes from a friend. Scammers can access and use the contact list of a compromised account.
- Offers of vouchers or gift cards in exchange for personal information.
Report scams to Netsafe. Depending on the scam, Netsafe will either advise you of the best course of action or redirect your complaint to another organisation such as CERT NZ, Consumer Protection or the New Zealand Police.
In addition, you can report spam (unsolicited commercial messages) from New Zealand businesses to the Department of Internal Affairs. The Department’s anti-spam compliance unit can investigate spam and penalise the sender.
Tip: Have you been cold-called or emailed by scammers disguised as a legitimate organisation such as Westpac or Inland Revenue? Report the scam to the genuine organisation so it can protect itself and its clients.
Damage control
If you’ve been scammed, act quickly.
- Stop communication immediately.
- Confide in a friend or family member who can support you. Being the victim of a scam is scary and upsetting, but talking about it can help.
You’ve handed over your bank details? Contact your bank and suspend your account immediately. Fraudulent credit-card transactions can sometimes be reversed. It’s safer to pay by credit card rather than bank transfer when you’re shopping online.
You think the scam is being run within New Zealand? Report it to the police. You can also report a scam to Consumer Protection, which can post a warning on its site.
You suspect you’ve been a victim of identity theft? Contact the police. If the scammer has a specific piece of ID, such as your driver’s licence or passport, contact the department responsible for issuing the document. It’s also a good idea to get a credit check done by a credit-reporting agency.
Top tips
Consumer NZ’s top five tips for protecting yourself against scammers are:
- Never reply to any email asking you to confirm your bank or credit card details. Legitimate organisations will never ask you to do this. The same applies if you’re asked for this information over the phone.
- If you’re buying goods online, check the billing process is secure (characterised by https:// and a padlock symbol in the URL). Ensure the business has a physical address and telephone number.
- Research the firms you’re dealing with. Use the Companies Register to see if the company exists and who’s behind it.
- Don’t be swayed by cold-callers promising bargain deals or instant riches if you sign up on the spot. Legitimate companies will give you time to do your research.
- If you think you’ve been scammed, report it to police. If you’ve handed over your bank details, contact your bank and immediately suspend your account. Fraudulent credit card transactions can sometimes be reversed.
Stamp out scams
Scams are on the rise, with over a million households in NZ targeted by scammers in the past year. Help us put pressure on the government to introduce a national scam framework that holds businesses to account.
Need our help?
The Consumer Advice Line is available to all our members for support on any consumer-related issue. Our expert advisers can explain your rights and help you resolve problems. Become a member now from just $12 and we'll help you get a resolution.
Member comments
Get access to comment