Fraud, scams and security

Protecting you from fraud and scams

At Heartland, your financial security is our top priority. Everyone is vulnerable to being scammed, regardless of age, gender or academic ability. Fraud and scams are constantly evolving, and becoming harder and harder to recognise, so we're committed to providing you with the information and tools you need to stay safe.

Help

If you suspect fraud, a scam, or a security issue with your account, please take steps to report it as soon as possible.
Contact Customer Service
0800 85 20 20 or +64 9 927 9641
(Mon – Fri between 8.30am – 5.00pm)
Email support*
[email protected]
Westpac manages ATM/EFTPOS card services
To report lost or stolen cards: 0800 888 111 (24/7) or overseas: +64 9 914 8026 (24/7)
Outside of our normal opening hours, we will respond on the next working day.
For non-urgent matters, you can send us a secure message any time via the Heartland Mobile App*
*Responses to secure messages and emails will be between Mon-Fri between 8.30am – 5.00pm.
Stop communication

Do not reply to messages from the suspected scammer. Save screenshots or photos of the messages, then block the number, email address, or social media account (after reporting the account to the app provider).

Refer to the DIA identity fraud checklist

If remote access was given to your computer or mobile device:
Power off the device and seek professional assistance.
Stay logged out and do not use the device until it has been checked and cleaned by a specialist.
Notify family and friends and inform anybody that shares your account (joint accounts) to avoid identity theft.
Use another (safe) device to:
  • Change all passwords starting with any accounts that do not have MFA enabled, including your email, social media and bank account passwords.
  • Use a password manager to generate a passphrase with a mix of characters (e.g. 8small!BeetlesL0ver-).
  • If you receive any unexpected access authorisation messages, select the "Deny" or "This was not me" option, and change your password immediately.
  • Review bank accounts and statements for any transactions you did not authorise.
  • Notify any other financial institutions or banks you use.
  • Collect information: save any details related to the incident, such as transaction records, email addresses, phone numbers, or messages.

Report the issue to CERT NZ, and if funds were stolen, the Police by calling 105.

  • Forward a text/SMS message to the Department of Internal Affairs on 7726.
  • Forward any email to CERT NZ at [email protected].

More information about what to expect from Heartland is on the Have you been scammed? page.

If you have identified a potential security vulnerability related to our systems or services, we encourage you to report it to our Cyber Security Team.

Contact our Cyber Security Team via email at [email protected].

To assist us in investigating your report efficiently, we recommend including the following details in your email:

  • The affected product or service, including relevant URL(s),
  • Your name and contact information,
  • If you prefer not to share personal details, you may report anonymously or use a pseudonym,
  • The date, time, and time zone when the issue was identified,
  • The IP address used when you discovered the issue.

We appreciate your efforts in helping us maintain the security and integrity of our services.

How can we help?

Have you been scammed?
Understanding more about scams
Scam types
Online security
Confirmation of Payee