Email Scam Shockwave: Don't Be Another $200 Million Victim! (Your Essential Guide to Digital Defense)

24 July 2025

Email Scams: Protecting Yourself from Online Fraud

Key Takeaways

  • Email scams are increasingly sophisticated, with New Zealanders losing an estimated $200 million annually.
  • Scammers use tactics like impersonation, urgency, and fake details to trick victims into divulging sensitive information or transferring funds.
  • Always verify payment instructions and sensitive requests through independent channels, such as a phone call to a trusted number.
  • Implement robust security practices like strong passwords, two-factor authentication, and regular software updates for your email accounts.
  • New Zealand's legal and banking systems have safeguards, especially for property transactions, but vigilance remains crucial.

In our increasingly digital world, email has become an indispensable tool for communication, both personally and professionally. However, this convenience comes with a significant risk: the ever-present threat of email scams. These deceptive tactics are becoming more sophisticated, targeting individuals and businesses alike, and can lead to substantial financial losses and emotional distress. At Langley Twigg Law, we believe in providing clear, practical advice, and that includes helping our clients navigate the complexities of online security. We want to ensure you're equipped to identify and protect yourself from these prevalent threats, especially those that might involve legal transactions.

The Prevalence and Sophistication of Email Scams in New Zealand

Email scams are a significant problem in New Zealand. Unfortunately, New Zealanders are losing an estimated $200 million a year to scams. This staggering figure highlights the need for heightened awareness and robust protective measures.

Scammers employ various types of email fraud, each designed to trick you in different ways:

  • Phishing: This is the most common type, where cybercriminals send out mass emails disguised as legitimate communications from well-known companies, banks, or government agencies. The goal is to trick recipients into divulging sensitive personal information, such as bank account numbers, passwords, or credit card details. Netsafe defines phishing as a deceptive tactic used to trick individuals into divulging sensitive information.
  • Spear Phishing: More targeted than general phishing, spear phishing involves emails tailored to specific individuals or organizations, often using information gleaned from social media or public records to make the message seem more credible.
  • Whaling: This is a highly targeted form of spear phishing aimed at senior executives or high-profile individuals within an organization. The scammer's goal is often to trick the executive into authorising a large wire transfer or revealing sensitive company data.

Common Tactics Used by Scammers

Scammers are masters of manipulation. They often use psychological tricks and technical subterfuge to achieve their aims:

  • Creating a Sense of Urgency: Emails might warn of immediate account suspension, legal action, or a limited-time offer, pressuring you to act without thinking.
  • Impersonation: They frequently impersonate legitimate organizations or individuals. This could be your bank, a government agency like IRD, a well-known service provider like NZ Post, or even a law firm.
  • Fake Email Addresses and Logos: While they might try to mimic official addresses, slight misspellings or unusual domains (e.g., .co instead of .co.nz) are common tells. They also often copy official logos and branding to make their emails look authentic.
  • Generic Greetings: Often, phishing emails use generic greetings like "Dear Customer" because they are targeting a large number of people at once.
  • Unexpected Attachments and Links: These often contain malware, viruses, or lead to fake websites designed to steal your credentials.

Practical Steps for Identifying and Avoiding Email Scams

Staying vigilant and adopting a sceptical mindset are your best defences against email scams:

  • Scrutinise Sender Details: Always check the sender's full email address, not just the display name. Look for any inconsistencies or unusual domains.
  • Hover Before You Click: Before clicking on any link, hover your mouse over it (on a desktop) or long-press (on mobile) to see the actual URL it leads to. If it doesn't match the sender or looks suspicious, do not click.
  • Be Wary of Unexpected Requests: If an email asks for personal information, login credentials, or immediate payment, be extremely cautious. Legitimate organizations rarely ask for sensitive data via email.
  • Verify Requests Independently: This is perhaps the most crucial step, especially for financial transactions. If you receive an email requesting a change in bank details for a payment, or an urgent fund transfer, always verify the request by calling the sender on a known, trusted phone number (not one provided in the email). This is particularly vital in property transactions.
  • Check for Spelling and Grammar Errors: While not always present, many scam emails contain grammatical mistakes or awkward phrasing, which can be a red flag.

The Importance of Robust Security Practices

  • Strong, Unique Passwords: Use complex passwords for all your online accounts, especially your email. Consider using a password manager to help create and store them securely.
  • Enable Two-Factor Authentication (2FA): Where available, always enable 2FA on your email and other critical accounts. This adds an extra layer of security, requiring a second verification step (like a code from your phone) even if your password is compromised.
  • Keep Software Updated: Regularly update your operating system, web browser, and antivirus software. These updates often include critical security patches that protect against new vulnerabilities.
  • Educate Employees: For businesses, regular training on cybersecurity awareness is paramount. Employees are often the first line of defence against sophisticated email attacks.

Specific Risks and Safeguards in Legal and Property Transactions

Property transactions, in particular, are a common target for sophisticated email scams due to the large sums of money involved. Scammers often intercept email chains between parties (e.g., buyer, seller, real estate agent, and lawyer) and send fake emails with altered bank account details for settlement funds. This is why vigilance is critical when you are buying or selling property.

In New Zealand, our legal and banking systems have several safeguards in place to protect clients' funds:

  • Lawyers' Trust Accounts: When you engage a law firm like Langley Twigg, your funds are held in a secure trust account, subject to strict regulations and audits. This provides a significant layer of protection.
  • Electronic Transactions and Verification: While transactions are increasingly electronic, robust verification processes are in place. For instance, title transfers in New Zealand only occur after payment is made and verified.
  • Anti-Money Laundering (AML) Compliance: Law firms are legally obligated to comply with Anti-Money Laundering (AML) legislation. This involves stringent identity verification processes for clients and careful scrutiny of transactions, adding another layer of security against fraudulent activities.

Despite these safeguards, the onus remains on you to exercise extreme caution. Always verify bank account details for any significant payment, especially when dealing with property settlements. A quick phone call to your lawyer on a trusted number can prevent a devastating loss.

The Future of Scam Protection

Encouragingly, there are new developments on the horizon to further protect consumers. From 30 November 2025, major New Zealand banks will be required to meet new scam protection commitments. This includes providing confirmation of payee services and potentially compensating customers for losses in certain circumstances. This shift, as highlighted by DLA Piper , signals a move towards greater accountability for financial institutions in the fight against scams.

At Langley Twigg Law, we are committed to helping our clients navigate the legal landscape safely and confidently. By understanding the risks of email scams and implementing these practical steps, you can significantly reduce your vulnerability and protect your assets. If you have any concerns about suspicious communications or require legal advice, please do not hesitate to contact us.