Skip to main content

Gone phishing


Gone phishing

The “Hi Mum” scam targets parents through the most vulnerable channel, their duty to their children. Liv Lewis-Long draws from personal experience to offer tips on how to protect yourself against this and other online scams.


By Liv Lewis-Long from Simplicity

Financial scams, intended to manipulate people to impart personal or financial details, are becoming increasingly prolific, targeting and tripping up even the most vigilant among us. From text message-based “smishing”, to unsolicited phone calls from scammers posing as your bank, to investment scams promising unrealistic returns often with little to no risk, the threat of being targeted is very real. And this is regardless of age, gender or race. We’re all “fair game”.

Statistics from BNZ in August 2023 estimated nine out of ten Kiwis have been targeted by some kind of financial scam, with around one in ten falling victim to these attempts. Of those who lost money to a scam, over 30 per cent lost $5,000 or more. Government-run Cert NZ also releases regular reporting around cybercrime, with financial losses reported to the agency up over 60% in Q1 2023, to almost $6 million over just three months.

Unfortunately, I speak from experience. A few months ago, someone very close to me was scammed out of a large portion of their life savings, a scary $30,000 in total. Often coined the “Hi Mum” scam, this one (which turns out to be super common here and globally) is text message-based, and starts with a random number claiming to be the target’s child. The scam plays on emotional loyalty between loved ones, creating a sense of urgency to convince the target their child is in trouble and needs financial assistance to get out of it.

My loved one fell hook, line and sinker. 24 hours later, they realised they’d had all their bank accounts cleared out. Their bank has failed to get any money back and is refusing to reimburse them a cent, citing the voluntary imparting of financial details. As well as the huge loss in savings, the sense of shame and obliteration of confidence I’ve seen as a result is heartbreaking.

It’s worth understanding what to watch out for, to prevent you or your loved ones being scammed out of your hard-earned money. The following list is in no way exhaustive, but may help you understand how scammers commonly operate as well as allowing you to warn others who may be vulnerable:

  • Text messages allegedly from your financial services provider asking you to click a link to stop a major problem from happening (usually with urgency!).
  • Emails, social media accounts or texts claiming you’ve “won” a prize or grant, asking you to click a link to redeem.
  • Investment opportunities promising unrealistically high returns and/or guarantees that regular financial providers can’t match (often with little apparent risk).
  • Cold calls from your bank or other financial provider, impersonating the fraud team asking for personal information to secure your account.
  • Social media scams (usually from fake profiles or businesses) demanding you take action and click links to avoid being locked out of your social media account.

Unsolicited or unexpected emails, texts, calls and other messages requesting any form of personal or financial information are all red flags to watch out for. Always verify who’s contacting you and make sure they really are who they say they are before you provide anything. Seemingly lucrative investment “opportunities”, especially from companies that you don’t recognise, can be pretty quick to verify by googling them. Check for reviews, see if you can find any third-party verification and keep your guard up. High-pressure tactics are common, as scammers often rely on a sense of urgency preventing their targets from having too much time to think through and assess the situation. Having outdated software running on any of your devices (especially computers) is another common issue, leaving you vulnerable to cyber-attacks.

Another way to keep your personal and financial data secure is to ensure you’re practising good online security habits. This can include enabling Two- Factor Authentication (2FA) for all logins (don’t put it in the “too hard basket”!) and proper password management. Always use strong, unique passwords for each login and never share your password details with anyone, even your family members!

If the worst happens, always report any scam to the relevant organisation or authority. In the case of investment or other financial scams, this includes the FMA which is the regulatory body of the financial industry. It may just help protect others in the community from falling prey to the same scam; a good deed indeed!