News - Essential expert tips to make sure you don't get scammed with online sales
Shopping online? Be sure to spot the lock symbol before the URL so you know it's a secure site.
Shopping online? Be sure to spot the lock symbol before the URL so you know it's a secure site.

Essential expert tips to make sure you don't get scammed with online sales

According to Netsafe, Kiwis lost $3.67 million to scams between April and June 2020. With online sale days like ''Black Friday', 'Cyber Monday' and Boxing Day sales just around the corner, that figure is set to grow, with cyber criminals lurking online and ready to rip off distracted shoppers.

Some retailers offer as much as 60 per cent off in the upcoming specials, but those savings will be quickly wasted if you fall victim to an online con. Netsafe estimates successful scams bag an average of $2,875 per person!

So how can we stay safe online, protect our data, and still make the most of some excellent discounts? We spoke with Ashwin Pal, Director of Cybersecurity at Unisys Asia Pacific, to find out how you can stay protected online.

Set yourself up for shopping success


The first step to secure online shopping is to start with the devices you use to shop.

We've all hit the 'remind me later' button when it comes to software upgrades, but the simple step of clicking 'update now' for apps, software and your web browser could save you from being hacked.

"Many updates address critical security issues as well as offer new features. Failure to update your devices may give criminals the opportunity to access your private data," explains Ashwin.

It's also important to make sure you create strong passwords. Many of us are guilty of using the same password across all our logins, but Ashwin reminds us that this can lead to multiple devices and applications being compromised.

"Use strong passwords that contain at least 8 characters with a mix of letters, numbers and symbols – and change them every three months. Always use multi-factor authentication for mobile device accounts, such as a PIN and thumbprint, or Apple ID where possible," Ashwin shares.


Don't provide too much personal information particularly identification data such as photos of IDs or credit card information unless you can positively validate the need for this. If in doubt, do not provide the information.

Be scam aware


Once your devices are set up, the next step is knowledge. If you are aware of the common scams, you're more likely to spot one while you are shopping.

For example, a common trap for online shoppers are cloned websites. These may look like the real deal, but the tell-tale signs of spelling errors or poor-quality images should have you double checking if you are on a legitimate website.

"To make sure you are on the site you want, and not a fake one, look for "https://www…" in the address bar. Note the 's,' means you are more likely to have a secure connection to that site. While there is no guarantee, people should NOT use sites without the 's' in http as this means all data is travelling unencrypted and can easily be sniffed," explains Ashwin.

He also recommends looking for the lock symbol, which should be visible before the website URL in the address bar.


"If you feel as though something is a little off – leave the site immediately. Always type in the URL, rather than click on a link, and when you are on the website, check for that trusty lock symbol," encourages Ashwin.

Cyber criminals also target shoppers through the postal service. A common scam doing the rounds sees Kiwis receive a fake NZ Post notification, claiming their parcel has arrived, but can only be released if they pay a fee. Never trust a notification like this, contact your local postal branch directly if you are concerned.

Another trick comes in the form of an email that appears to come from your lender. It could include a link sending you to a look-a-like website, asking you to input your personal details – something that Resimac would never ask you to. If you're ever unsure about any communications from Resimac, please contact the Customer Care team.

The cost of free Wi-Fi?


If you spot a good deal online while you're out and about, avoid using the public Wi-Fi, when you make your purchase.

Public Wi-Fi is not secure, and most hotspots won't encrypt your data, which means that your information could be plucked by cyber-savvy strangers.

"Anytime you enter sensitive information using a public network, you're making yourself vulnerable to identity theft. So, if you can, stay off the public network, or make sure your phone or laptop has protections, such as a Virtual Private Network or anti-virus software in place if you are going to use it," says Ashwin.


Create backups: Bad things can and do happen. Regularly backup important data so that you can recover these if your computer gets infected by ransomware. Never pay the ransom as there is no guarantee that you will get your data back.

And always remember, no matter the Cyber-Monday or Black Friday deal, it's never worth the price of an online scam!

The opinions expressed in this article are the opinions of the author(s) and not necessarily those of Resimac.

Back to top
panel clost button

I'm a customer

Get access to your accounts online.

System maintenance
We are currently experiencing technical issues with CustomerZone.
Please email for any urgent enquiries. During this time, your online account will not be accessible. We apologise for any inconvenience.

Continue application

Login and complete your application

Adviser login

Get access to your accounts online.

Due to planned server maintenance, our log-in page will not be available on Sunday 1st January between 4:00am and 7:00am NZST.

We apologise for any inconvenience caused.