What to do if you've been scammed

Important! Has a scammer gained remote access to your computer?

If so, turn it off or disconnect it from the internet immediately, then phone your bank to warn them against any suspicious transfers the scammer may attempt.

When you’ve done that, use another device to come back to this page and follow the steps below.

What to do first

1. Contact your bank
   Tell your bank about the issue and that you may be targeted cybercriminals. Your bank will advise you of any action that you or the bank can take to protect your bank account.
   
2. Change your passwords
   • If there’s a chance the scammer gained access to your email, it’s important to change your email account password as soon as possible.
   • Change your other online account passwords too, especially if you use the same password across multiple accounts.
   • Choose a different password for every online account and make sure they’re not passwords you’ve used anywhere else before.
   • To help manage your passwords going forward, consider using a password manager.
3. Contact the main credit reference agencies
   • Scammers may use information they have gathered about you to sign up for loans, products or services in your name.
   • You can ask Centrix, Equifax and Illion to temporarily suppress your credit information, which will help stop this happening.
   • You can also ask these agencies whether there have been any recent credit checks made on your account.

Report the scam

• Police. If you’ve lost money or property through the scam. Report it to the Police
  
• Spark. You can report phone, text and email scams to Spark. Report a scam
  
• Netsafe. You can report any harmful online incident to Netsafe. Report to Netsafe 
  

Other steps you should take

Make sure your computer and other devices are virus free. 

• Viruses can give a cybercriminal the ability to see everything on your computer or mobile phone, including the new password that you set. So it’s important to make sure your device is virus free.
  
• Make sure you have antivirus software running and that it has cleaned up any detected viruses. 
  
• If you don’t have an antivirus programme, talk to a local professional IT person about getting one installed. 
• If you think a scammer may have gained remote access to your computer, we recommend turning it off or disconnecting it from the internet immediately. Then get a local professional IT person to check it for any viruses the scammer may have installed.

Check your email and other online accounts for anything unusual. 

• Make sure your security questions haven’t been changed, or secondary email addresses set up on your account.
• Check your sent messages for any emails you didn’t send.
• Check your deleted emails for anything you didn’t delete.
  

Warn your contacts.

Cybercriminals may try to use your information to impersonate you. So it’s a good idea to let your friends, family and other contacts know to be wary of any links or requests that appear to come from you. 

For example, if you’re part way through arranging a payment with someone, call them direct and arrange to pay in person if possible.

Keep your computer and mobile phone software up to date. 

It’s important to make sure your software’s up to date. If your computer, mobile phone or an app has told you it has an update ready, install it as soon as possible. Software updates like this help keep your online accounts secure and can stop cybercriminals from targeting you with viruses. 

Watch out for fake invoices and other scams. 

Cybercriminals may try to use information they’ve collected to send you fraudulent emails and requests for money that appear authentic. So it’s a good idea to verify any requests for money or any large invoices. Call the sender personally and double-check that it’s legitimate and the account details are correct before you pay. Remember to keep an eye on your bank statements and other bills too, in case you see anything unusual.