Protect Your Money From Scams

Your safety and security are our top priority.

We're here to help you stay informed and empowered to protect yourself and your money.

Protect Your Money From Scams

Your safety and security are our top priority.

We're here to help you stay informed and empowered to protect yourself and your money.

There are hundreds of different scams out there that come in the forms of letters, emails, phone calls, social media and websites. Although they disguise themselves in different ways, they usually all have the same goal: to get your money, steal your personal information or use you to facilitate proceeds of crime.

It's best to be suspicious of any contact you weren’t expecting. Taking time to consider an offer could be the difference between being caught in a scam and avoiding a scam. 

If you don’t have time to review all of the common scams outlined below, here are some key things you should do to protect your information:

  • Create strong passwords: Use unique, complex passwords for all your online accounts, especially your bank accounts. Never share them with anyone. Consider using a password manager to create and store strong passwords securely.
  • Guard your social media: Limit the amount of personal information you share on social, especially your date of birth, address, and financial details. Be mindful of who you connect with and adjust your privacy settings.
  • Shred Documents: Properly dispose of sensitive documents containing personal information like bank statements or credit cards.
  • Verify information: Check both the name of the account and the account name itself before initiating any transfer or payment. Unity does not check account names when processing payments, we only use the account number. Check carefully, as mismatched information is a red flag for potential scams.

Some important things to remember:

  • We will never ask for your PIN, password, or any other sensitive information via email, text, or phone call.
  • Stay informed: Regularly update yourself on the latest fraud and scam trends. A great place to start is Netsafe.
  • Report anything suspicious: If you suspect fraudulent activity on your account, contact us immediately.

If you need any further information, we’re here to help! Otherwise check out the resources at: Scams | Banking Ombudsman Scheme (

Online Dangers

Scammers can impersonate organisations you’re familiar with and send unexpected emails or text messages. These could appear to be from Unity, another bank, a courier service, or phone provider.

These messages usually contain a link to an imposter website. Look out for:

  • A text asking for your banking information or payment when you are not expecting it (for example, a text to pay a toll bill when you haven’t been through a toll location)
  • A very low standard of message (check for low-quality design and bad grammar
  • A website or email that is not directly from the real organisation
  • A scam that is well-known and well publicised

If something seems too good to be true, it probably is. Winning an online lottery draw that you never entered or a long distant cousin passing away and leaving you funds, is a long-time favourite for online scammers. They may ask you for your banking details or personal information so they can make a deposit, but then use this information to steal money from you. They may even deposit money into your account, only to have you transfer these out to another account. Accepting illegal funds may result in prosecution.

This is when a scammer pretends to be from Inland Revenue or other government agency, and claims you owe IRD money, or you are owed money and they require your bank details to process the refund. Never click on a link from an email you do not recognise or were not expecting. Only ever update your personal details through myIR on the official IRD website (

The online shopping market has boomed over the last decade and so has the number of fake sites along with it. Scammers create convincing fake websites that get us to purchase/bid for goods that are never actually going to come. If you do end up getting to checkout and are asked to pay by wire transfer or to enter your credit card details into a non-secured web page, you might want to stop and start asking questions. Make sure there is a padlock icon next to the URL which indicates the website it secure and less likely for hackers to intercept any data transmitted.

Scammers create fake profiles on dating websites, apps or social media platforms and attempt to create a relationship with you to retrieve personal information or money. They may ask you to send them funds to assist with a personal/family crisis, they may also use your personal information to commit identity fraud. Never provide your details or send money to someone you have met online without absolute certainty they are legitimate.

You can find out more about romance scams here.

This is where a scammer claiming to be from IT, your internet provider or a utility provider claims your computer or phone has been infected with a virus / malware and they require access to fix the problem. They will get you to take steps to let them remotely access your device, and will promptly steal personal information such as your online banking login and debit card details. Never allow someone to gain access to your devices when they have called you unexpectedly.

A scammer gains access to the invoices of a legitimate company and alters the bank details so the client pays funds to their account, rather than the company account. Access may be gained by hacking into the email account of the business. Alternatively, a scammer may send fake invoices that look legitimate.   

Before making a payment to a new or different bank account, verify the payment details with the business using another form of communication. One way you can do this is by calling the company using contact details from their official website.  

Since it is usually very difficult to retrieve funds in situations like this, confirming bank account details before sending a payment is an important step you can take to protect yourself.  

Sometimes, scammers need to obtain two-factor authentication codes (2FA codes) to succeed. They can use these to:

  • Authorise a payment initiated from your bank account or credit/debit card
  • Complete installation of a mobile app or GooglePay on your phone or computer

Malvertising is a malicious online advertising technique that involves the distribution of malware through online ads or browser push notifications. Cybercriminals use these seemingly legitimate ads to deliver malware to unsuspecting users' devices when they click on or interact with the compromised advertisements.  For more information click here.

Never input personal information into unknown sites and install anti-virus software.

Things to watch out for

Although scammers are getting cleverer, they can still struggle with using correct spelling and grammar in their messages. Often these scammers are operating overseas, so English isn’t their first language. Look out for spelling mistakes or grammatical errors, and if in doubt, stop all communication until you have verified their identity. 

Communication that seems to be jumping the gun and prompting you for immediate action is another thing to watch out for from scammers. Often being straight to the point, scammers will try have all their instructions and information in the one message without any personal details so that the message can be widely sent out. If the message seems to be generic and doesn’t specifically look like it applies to you, ring up your service supplier and ask to speak to someone about it. 

A random email address or number contacting you, should be enough to raise any red flags. Don’t be afraid to question anyone contacting you, and if in doubt, end a phone call or don’t reply to an email. Instead try searching up the contact details and ringing a representative yourself.

The dangerous thing about everything being online, is the fact that it only takes one mouse click to infect our computer with a virus or to take us to an unsecured web page and have our details stolen. Before clicking on any link that has been sent in an email, hover your mouse over the link and see what the URL is that appears. If the URL goes to a website you trust and has “https” at the front of it, then feel free to click it. If you still don’t feel comfortable, then search up the intended website link yourself.

Further tips to protect yourself online 

Never share your PIN or credit card number online: Once you send something online, that information is available to everyone. If you send a PIN, password, or credit card information through email, a Facebook message, or an unsecured web page, hackers may be able to access that information. We strongly recommend never sharing this information with anyone. It may also be a breach of your terms and conditions to share this information. 

Don’t reply, just delete the email: If you believe you have been targeted by a scammer, don’t reply or click into the email and delete it right away. This is your best bet to protect yourself from potential viruses/malware.

Keep us informed: If you believe your personal details or login information has been exposed, contact us immediately to update passwords.

Find out who you are dealing with: Unsure of the legitimacy of the business/person you are dealing with? Google them and do your own research. All financial businesses are listed on the Disclose register ( while all NZ companies are listed on the Companies register ( This is a good way to check if a business is legitimate.

Don't share banking/personal information while on a public Wi-Fi network: Hackers are known to steal information from unsuspecting people who are logged into shared public Wi-Fi networks. It is advised to not perform internet banking when on these public unprotected networks and instead wait until you are at home on a secured network.

Safety Features at Unity

We aim to make the online banking experience as safe as possible for our members. You can read up on some of our safety features below:

Two-Factor Authentication: Certain transfers via Internet banking require two-factor authentication. This is where a code is sent to the mobile device we have on file for you, and entered into the payment screen before a transaction can be completed.

Password Strength Level Requirements: All personal passwords must pass a minimal strength level requirement before being accepted. This is to further secure access to a member's accounts through strong passwords that hackers can’t guess.

Mobile Banking App Download: The initial download of the app requires full internet banking username and password to prevent unauthorised access.

Dedicated Member Services Team: Our member services team is actively investigating unusual activity on member’s accounts. Our team will contact you if they believe any suspicious transactions are being made and confirm that these are being made by you. You must regularly review your transactions to ensure they are all known to you. Let us know in advance if you are planning on leaving the country and spending money overseas, this will help us when investigating unusual spending.

What Should I do if I Have been Scammed? 

Ring us immediately if you believe you have been scammed or if someone is attempting to scam you. As your banking service provider, we will be able to investigate any activity on your account and take the necessary action where required to protect your funds. You should also report scams via NetSafe or to the Police via 105, even if the scammer was not successful.

Our staff will never ask you for your internet banking/mobile banking password or PINs. If someone rings up stating that they are from Unity and requests your password or PINs, please hang up and call us. Let us know what the caller said so the scam can be reported to the appropriate authorities.

If you wish to speak to someone in person, you can view our Contact Us Page below and find your nearest branch.


Contact us