The nation's banks are issuing warnings about online hoaxes after more than 300 Westpac customers were lured earlier this week into revealing their IDs and internet banking passwords.
At least one similar hoax purporting to be from Citibank has been detected locally, and because such schemes have been circulating globally for several years the banks in this country are warning their customers not to email their passwords to any organisation.
Westpac has emailed all 330,000 of its online customers about the scam. The ANZ says it plans to put up a message on its website along the same lines as its Australian parent. ANZ Australia's message suggests cautious practice: "Always ensure that you only log on to ANZ Internet Banking by typing www.anz.com into the address bar, rather than following links to the ANZ website from an email that has been sent to you. Disregard any emails that advise otherwise, even if they appear to be from ANZ." BNZ says it intends to put up a similar message.
Last week many New Zealanders found a message waiting in their email inboxes which seemingly came from Westpac, saying the bank wanted to check email addresses are valid. It asked customers to confirm their address by providing their banking ID and password at the Westpac website. The email includes a link which appears to point at Westpac’s website, but actually directs browsers to a website in Russia. Westpac says 2000 people viewed the hoax page that popped up after they followed the link in the email, and about 1200 people changed their passwords within a short time after the hoax emerged.
Westpac spokesman Paul Gregory says the bank hasn’t yet found any suspicious transactions arising from the scheme and is cautiously optimistic no fraud has occurred.
Gregory urges Westpac customers who provided their log-in details to the bogus website to change their password as soon as possible, contact the bank, and keep a close eye on their online accounts.