I thought it might be useful to share how I go about identifying if an email or text is a scam. We have previously posted a blog on this Information hygiene and Scams.
Firstly never click on a link to take you to another web site to enter your details. Always go directly to the web site and log in normally.
What prompted me writing this blog was a post on the www.stuff.co.nz web site about a Queenstown woman being scammed out of $42,000 after receiving a BNZ text and others falling for the same text scam.
I received a text today that on initial reading looked correct as I am expecting a tax refund this year.
The text read: After further review, you are due a tax refund. Please visit and enter your details to process your payment at {web address given}.
The first thing is this is unusual, the IRD does not communicate like this. While the web address looked official including “my-ird-nz.line.pm/ret/GovttNz” its is very suspicious; misspelling of Govt etc.
With emails if I am suspicious of an email (that gets through our email spam filter) I always have a close look at the domain name. Often it looks like a real email address but will have some other domain name inserted such as .cn for China or .ph for the Philippines.
It used to be easy to pick up scam emails as they always contained grammatical or spelling errors. With the introduction of AI tools such as ChatGPT scammers can now produce perfect text.
Another flag is when the email or text states you need to take action urgently.
The key is don’t click on a link or attachment sent by someone or organisation you don’t know.
You need to be always vigilant.