While we do our part to deter cyber criminals, we encourage you to do the same so that your cyber risk is minimised as well.

Some items on the list below may be known to you, but some might be new. If there is anything in the list that you’re not sure about, we encourage you to contact CERT NZ (cert.govt.nz) or Netsafe (netsafe.org.nz). CERT NZ works to support businesses, organisations and individuals who are affected (or may be affected) by cyber security incidents and Netsafe is New Zealand’s independent, non- profit online safety organisation providing online safety support, expertise and education.

Some golden rules of thumb:

1. Do not click on any links that you’re not certain are legitimate. Unless you’re 100% sure, don’t click. If you receive a link from someone you don’t know, no matter how inviting it is, don’t click on it.
2. Double check the email address that any email has come from. Often you can tell that the email is fraudulent due to dubious spelling or an odd domain name.
3. Make all your passwords unique and hard to guess and avoid using the same password across multiple platforms. A strong password typically includes a combination of uppercase and lowercase letters, numbers, and special characters. Consider using a password manager to securely store and generate passwords for you.
4. Never give your passwords to anyone and never verify your account details either. Remember that banks and other companies (like FMT) will not contact you for passwords by email, text or phone. If you receive a request like this, delete it or hang up.
5. Enable Two-Factor Authentication (2FA) whenever available. This adds an extra layer of security by requiring a second form of verification, such as a code sent to your mobile device, in addition to your password.
6. If someone contacts you out of the blue via social media or email, it’s likely to be a scam. More so if they are pressurising you to make a quick decision and asking you to make payment for something in an unusual way.
7. Don’t take calls from people you don’t know and don’t engage with them. It’s ok to hang up even if it’s against your nature to do so. Also note that some cold calls with investment offers are illegal in New Zealand, so if an offer is made, hang up immediately.
8. Be cautious on social media. What you post on social media can give cyber criminals information that they can use against you. Set your privacy so only friends and family can see your details.
9. Regularly update your operating system, applications, and antivirus software. Software updates often include security patches that address known vulnerabilities, reducing the risk of exploitation by cybercriminals. Enable automatic updates whenever possible to ensure you have the latest security enhancements. Additionally, keep your devices, such as smartphones, tablets, and computers, protected with reliable security software.
10. Be cautious while visiting websites and avoid clicking on suspicious or unknown links. Verify that websites use secure HTTPS connections (look for the padlock icon in the address bar) before entering sensitive information.
11. Implement a regular backup strategy for your important data. This ensures that even if you experience a cyber incident or data loss, you can recover your files. Store backups securely, preferably offline or in the cloud with strong encryption.

If you think you’ve been scammed or are being scammed, then stop all contact immediately and don’t send any payments or personal details. Contact CERT NZ or Netsafe, and if you have made a payment, contact your bank or service provider you sent the money through immediately.