Best practice tips for staying vigilant online

Best practice tips for staying vigilant online

Staying Vigilant Online: A Guide for New Zealand Users

Staying vigilant and being able to recognise attempts to scam you or extract your personal information online should no longer be taken as a recommendation, but a necessity. Scams and large-scale fraud are becoming increasingly sophisticated, and even the financially savvy are not immune to these threats. According to CERT NZ, thousands of Kiwis fall victim to online scams every year, with financial losses running well into the seven-figure mark.
This guide aims to equip you with practical advice, preventative measures, and resources to help you stay safe online. If you’ve been contacted by someone claiming to be from a trusted organisation (e.g., your bank, the Government, your utility provider, your insurance provider, etc.), hang up immediately and search for the organisation's official phone number. ONLY call them back on their official phone number—do not continue to engage, even if there's a possibility that the caller might be legitimate. It's not worth the risk, and any employee from a reputable organisation will understand your extra vigilance.

Understanding the Threat Landscape

Online scams come in many forms, from phishing emails to fake investment schemes. As tech becomes increasingly sophisticated, the schemes, methods and techniques used by scammers also become more effective. We’re graduating now from the ‘Nigerian prince’ email spam to incredibly realistic-looking emails from scammers who claim to be representatives of trustworthy organisations (e.g., your utility provider, Microsoft employee, Google employee, local politician, bank, insurance provider, etc.).
Here are some of the most common types of scams targeting New Zealand users:
  1. Phishing Scams: Scammers often send fraudulent emails or messages that appear to be from trusted organisations such as banks or government agencies. These messages typically ask for personal information like passwords or credit card details.
  1. Tech Support Scams: Scammers may call pretending to be from a legitimate tech company, claiming there is an urgent issue with your device. They often request remote access to your computer or demand a fee to "fix" the problem.
  1. Online Shopping Scams: Fake websites or social media ads selling counterfeit goods or products that never arrive are prevalent. These scams are particularly active around holiday seasons.
  1. Investment and Cryptocurrency Scams: Scammers lure victims into fake investment opportunities, promising high returns. Cryptocurrency scams are also on the rise.
  1. Romance Scams: Scammers create fake profiles on dating sites or social media to build trust and then manipulate victims into sending money.

Tips for Staying Safe Online

Here are actionable steps you can take to protect yourself from falling victim to online scams:

1. Be Sceptical of Unsolicited Messages

  • If you receive an email, text, or social media message from an unknown sender, don’t click on any links or download attachments. Legitimate organisations will never ask for sensitive information like passwords or bank details via email or text.
  • Always verify the sender. For example, if you receive a message claiming to be from your bank, call the bank directly using the contact details listed on their official website.

2. Strengthen Your Passwords

  • Use strong, unique passwords for every online account. A strong password should include at least 12 characters, combining uppercase and lowercase letters, numbers, and special symbols.
  • Consider using a password manager to generate and store secure passwords. Google, Apple, Microsoft, Opera, DuckDuckGo, and all other large browser and tech companies encourage the use of 2FA (discussed below), and ensuring you do not recycle the same password over various websites. This way, if one of your accounts is compromised, your other accounts are more likely to be safe.

3. Enable Two-Factor Authentication (2FA)

  • Two-factor authentication adds an extra layer of security by requiring you to verify your identity through a second method, such as a text message code or an authentication app. Enable 2FA on all accounts that offer it, especially for email, banking, and social media.

4. Keep Your Software Up-to-Date

  • Regularly update your operating system, browser, and apps to ensure you have the latest security patches. Cybercriminals often exploit outdated software to gain access to your devices.

5. Be Cautious with Online Payments

  • Only shop on websites with secure connections. Look for a URL that starts with "https://" (avoid http://) and a padlock symbol in the address bar.
  • Avoid making transactions over public Wi-Fi networks. If necessary, use a Virtual Private Network (VPN) for a secure connection.

6. Verify Investment Opportunities

  • Be wary of investment opportunities that promise high returns with little to no risk. If it sounds too good to be true, it probably is.
  • Check whether the investment is registered with New Zealand’s Financial Markets Authority (FMA).

7. Educate Yourself About Current Scams

  • Stay informed about the latest scams by regularly checking updates from organisations like CERT NZ, Netsafe, and Scamwatch.

8. Protect Your Personal Information

  • Limit the amount of personal information you share online, especially on social media. Scammers often use publicly available information to impersonate victims.

9. Be Wary of "Urgent" Requests

  • Scammers often use urgency to pressure victims into making quick decisions. Take time to verify any urgent requests, especially those involving money transfers.

10. Teach Your Family and Friends

  • Share your knowledge with loved ones, especially older family members or teenagers who may be more vulnerable to scams.
  • Scammers are becoming increasingly sophisticated, with many financially-savvy, fiscally educated people falling victim to scams, fraud and phishing attacks. Don’t be afraid to ask for help and report suspicious behaviour — Scammers depend on their victims being too embarrassed to speak out and letting it slide for fear of appearing silly.
  • If something seems suspicious, trust your instincts. Many scams create a false sense of urgency to pressure victims into acting quickly without properly verifying information. Take your time to research and validate any unexpected requests, especially those involving personal information or financial transactions.

What to Do If You’re Targeted

Even with precautions in place, and vigilance when browsing the web, you may still be a target. Here’s what to do if you believe you’ve been targeted:
  1. Don’t Engage: If you suspect a scam, stop communication immediately. Do not reply to emails, texts, or calls from the scammer.
  1. Report the Scam:
      • Report phishing emails to your email provider and forward them to CERT NZ (report@cert.govt.nz).
      • For fraud involving money, contact your bank immediately and report the incident to the New Zealand Police.
  1. Change Your Passwords: If you’ve accidentally shared login credentials, change your passwords on all affected accounts immediately.
  1. Monitor Your Accounts: Regularly check your bank and online accounts for unauthorised transactions.
  1. Seek Help: If you feel overwhelmed or unsure, contact Netsafe for advice and support.

Useful Resources for New Zealand Users

Here is a list of organisations and tools to help you stay safe online:
  1. CERT NZ
      2. Website: www.cert.govt.nz
      CERT NZ provides advice on cybersecurity and reports on the latest online threats. If you encounter a scam, you can report it directly to them.
  1. Netsafe
      2. Website: www.netsafe.org.nz
      Netsafe offers free advice on online safety and can help you deal with scams, cyberbullying, and other online issues.
  1. Scamwatch (New Zealand Commerce Commission)
      2. Website: www.consumerprotection.govt.nz/scams
      Scamwatch provides an up-to-date list of scams affecting New Zealanders and advice on how to avoid them.
  1. Financial Markets Authority (FMA)
      2. Website: www.fma.govt.nz
      The FMA can help you verify whether an investment opportunity is legitimate.
  1. IDCARE
      2. Website: www.idcare.org
      IDCARE is a free service that provides support if your personal information or identity has been compromised.
  1. Stay Smart Online
      2. Website: www.staysmartonline.govt.nz
      This government initiative offers tips and resources for staying safe online.
  1. Banks and Financial Institutions
      2. Many banks in New Zealand, such as ANZ, ASB, and Westpac, offer specific advice on avoiding scams. Visit your bank’s website for additional resources.

Final Thoughts

Staying vigilant online requires a combination of awareness, education, and proactive measures. By following the tips outlined in this guide and utilising the resources available, you can significantly reduce your risk of falling victim to scams. Remember, if something doesn’t feel right, trust your instincts and take the time to verify its legitimacy. Stay safe, and when in doubt, always take the more cautious path. You’ve got nothing to lose by double-checking, and everything to lose if you don’t!
Legal Notice
YJ Consulting is the trading name of Crescellere Limited (NZBN: 9429052170065). Unless otherwise specified, all content on consultyj.com is the product, creation and intellectual property (IP) of YJ Consulting. No content is to be copied, reproduced, used, applied, altered, derived from, used, configured, passed off, enhanced or appropriated in any way for any reason whatsoever in the absence of written consent from YJ Consulting.
💬
Contact Us
Contact Us to find out how we can best support you and your team(s) to achieve and sustain success.
 
 
YJ Consulting 2026
Copyright.