Frequently Asked Questions

Guide to staying safe online

We want to make sure access to your online experience is secure. To help you along the way we’ve put together some information we’d recommend you read...

Basic Online Security Tips

Keep your account secure:
  • Your email address and password are the key to your online account with us.
  • Never give out your password to anyone or write down anywhere.
  • Change your password regularly (this can be done in 'My Account').
  • Watch out for fraudulent (or 'phishing') e-mails that claim to be from us and ask you for your personal information or security details. We will never ask you for security details by email, and will never ask you for your password via any form of communication.
  • Double check the date you last logged in to make sure no-one else has used your details since. You can see this in the top right hand corner of your screen straight after you’ve logged in.

Keep your PC/device secure:
  • Install and maintain reputable anti-virus software.
  • Maintain a firewall on your PC to protect it from unauthorised access.
  • Ensure your computer software is always kept up to date, making the most of its built-in software (for example Windows Updates & Microsoft Security Essentials).
  • Ensure that you use the most up to date version of your browser. Most modern browsers will update themselves automatically if you allow them to.

Be Aware of Phishing

What is Phishing?

Phishing is a technique commonly used by fraudsters in an attempt to acquire sensitive information, such as your login details. Here is how a phishing scam typically works:

  • The fraudster sends out a fake e-mail that has been designed to look like it comes from a reputable source (such as us).
  • This e-mail asks for security details or directs customers to a counterfeit banking or commerce site.
  • At the counterfeit site, the fraudster asks the customer to enter their complete security details - password, security questions and so on.
  • These stolen security details are then used to commit fraud.

If you receive an e-mail requesting your security details do not reply and do not follow the instructions even if the e-mail suggests that you need to take immediate action to stop your account being frozen or it indicates that you may incur a fine if you don't. These are just tricks that the fraudster is using to manipulate you in to giving away your vital details.

If you suspect a phishing attack, call us at +64 (0) 9 306 3809 (NZ) or 1-800-150-689 (AU) or forward the suspect e-mail to

Browse Safely

Check the security of eCommerce sites:

Counterfeit (or spoof) sites are often used by fraudsters to lull you into a false sense of security. Following the steps below should ensure that the site you think you are using is actually a genuine secure site.

Be extra careful when using computers in public places:

As you cannot be certain about the security of public wireless networks or computers in public places (like an internet café or library) you should be cautious about using some online services. Never change your security details while using a public wireless network or a public computer.

Check for 'https' and the padlock:

Genuinely secured websites have web addresses (a.k.a. URLs) that start with 'https://' and display a padlock icon. The exact location of the padlock will vary depending on your browser.

Double click the padlock:

Double clicking the padlock icon that appears in your browser will display extra information. This will help you confirm that the site is genuine, including details on any valid security certificates the site holds. If the lock is not within its valid dates or has been issued to company details that you do not recognise, do not enter your security details and call us.

Check for SSL encryption:

We use SSL certificates provided by Norton (powered by VeriSign). This is the same technology used by the world’s 40 largest banks. Without SSL (Secure sockets layer) encryption, packets of information travel through networks in full view. Imagine sending mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might take it or change it.

Always log out of secure sites:

Never leave your computer unattended when logged in to a secure website, ensuring that you log out/sign out properly when you have finished browsing.