Business Email Compromise

ANZ customers should be aware of the various types of business email compromise (BEC) that are impacting businesses globally.  BEC involves the compromise of an email account through hacking or using a forged sender’s email address (known as spoofing) and a fake request for payment is sent to staff or clients. 

Once the money is sent it is very difficult to recover, and often travels through domestic bank accounts (using unsuspecting customers who are also being scammed) until it reaches an international account controlled by the fraudster.

In many cases the tone of the email (or attachment) is very convincing and can mimic previous interactions, such as using similar greetings.

BEC is estimated to have cost global business over USD 3 billion over the last 2 years and ANZ has been made aware of instances occurring in the Pacific region.

The main types of BEC are:

The New Zealand organisation Netsafe lists the following actions to help prevent BEC:

Further information can be found on the Netsafe website -

Email Phishing Scams

A reminder to ANZ customers to watch out for fake emails that look like they have been sent from ANZ.  This is known as 'phishing' and these emails are actually sent from fraudsters who want to trick you into giving them sensitive information like your internet banking username and password.

A phishing email may ask ANZ customers to confirm their account information by clicking on the link provided in the email or opening an attachment. Once the link is clicked or the attachment opened, a fake ANZ Internet Banking log on page appears and your account information may be captured if any of your details are entered.

Once they have these details they can use them to log into your Internet Banking session and steal money out of your accounts.


For more information on banking safely online, read our internet protection tips and hints.

Customers who have received a suspicious email and are concerned should contact the ANZ Internet Support Centre on +685 69999.

An example of a phishing email is provided below:

An example of a phishing email