The Waka Kotahi NZ Transport Agency (NZTA) is often used by scammers to trick people into giving away their personal details or paying money. There are several versions of the NZTA phishing scam and the following information will help you identify the common red flags – and explain what to do if you’ve fallen for an NZTA scam.
What are phishing emails and why do they target the NZTA?
Phishing emails impersonate legitimate organisations to try and get personal information (such as credit card details and passwords) from a large audience. Often the scammer will ask you to update your details, make a payment or another request that gives them access to your personal information.
Here in New Zealand, phishing emails commonly impersonate the NZTA as most of the populations has a drivers licence and/or a car registration. With NZTA phishing emails, the most common emails will ask you to renew your rego.
The scammers are persistent and as soon as one phoney website is taken down than another appears. So it’s worth knowing some of the signs to look out for.
How can I spot an NZTA phishing email?
The NZTA scam emails often look legitimate so it’s worth knowing a few things:
- Genuine NZTA emails will always use an email address that ends with @nzta.govt.nz or @reply.nzta.govt.nz
- NZTA will never ask for your drivers licence details when renewing your vehicle licence or rego.
- Genuine emails will always include specific vehicle details e.g. vehicle plate number, vehicle make or the expiry date of your current vehicle licence
What to do if you’re not sure if your NZTA email is genuine?
If you are ever unsure if an email from NZTA is legitimate, instead of following the links in the email, you should check the expiry dates for your drivers licence and car registration on the NZTA website. You can also check the NZTA website to see what scams are pretending to be from the NZTA.
Have you received the NZTA phishing email?
If you’ve clicked on the link in an NZTA phishing email:
- Use a free online scanner to check to see if any threats (e.g malware) has been installed on your device. Netsafe can’t recommend a particular product but we have listed some options here from well-known, reputable companies.
For PC: ESET online scanner or Kaspersky Virus Removal Tool. After this scan has been completed, you can run Malwarebytes Anti-Malware free edition.
For Mac: Bitdefender Antivirus for MAC or ESET Cyber Security for Mac or AVG Antivirus for Mac are also good alternatives.
- If you’ve entered your driver licence details, you will need to arrange a replacement through NZTA. You can do this online or through an approved agent.
- If you’ve entered your credit card or banking details, you should contact your bank and replace your card.
- If you’ve provided any other personal information, use the Identity Theft Checklist as a helpful guide on what could happen with the information you provided. If you believe you were exposed to identity theft, we recommend you contact iDCare as they provide free help and support.
If you’ve received an NZTA phishing email and haven’t opened it:
- Mark the email as junk. When an email is marked as junk, your email filter will learn to redirect similar emails away from your inbox
- Report this scam to NZTA using their webform
REPORT A SCAM
Netsafe can’t open investigations or track scammers, but we can offer advice and use the information you give us to help track how this scam evolves, which in turn helps educate people about scams and aid those affected. You can report a scam to www.netsafe.org.nz/report.