The Banking Ombudsman is warning customers to read and act on bank security alerts as scam complaints begin rising again.
Scam complaints to the Banking Ombudsman Scheme increased 18 percent in the first quarter of the year, marking the first rise since late 2024.
Banking Ombudsman Nicola Sladden says security messages from banks are often more than routine notifications. They can be an early warning that scammers are trying to access an account.
Banks send alerts through apps, texts and emails when a new device is being set up, a password is being changed, or transactions are being made.
The Ombudsman says people who have already clicked on a phishing link may mistake a genuine bank warning for part of what they believe is a legitimate transaction, such as paying a toll, confirming a delivery, or receiving payment through an online marketplace.
In one case, a customer selling items online clicked a postage link sent by a supposed buyer and entered banking details into a fake website. The customer then received genuine email and text codes from the bank to set up a banking app on a new device, but entered those codes into the fake site. The next day, $16,700 was transferred from the account.
In another case, a customer clicked on an email that appeared to be from Inland Revenue. They were taken to a fake IRD site and then a fake banking site, where they entered their banking details and a genuine security code sent by their bank. A few days later, $60,000 was stolen.
The Banking Ombudsman says sharing codes or approving actions in banking apps can give scammers control of an account as if it were their own.
Banks may also consider whether security messages were read and acted on when deciding whether to reimburse scam losses.
Customers are being urged to stop, read bank messages carefully, and check whether the alert matches what they are actually trying to do.
Anyone who receives a suspicious message should contact their bank directly using the number on the bank’s official website or app, and never through a link or phone number included in the message.
