It was another Wednesday morning when my phone began bursting with email notifications. Almost every online account I had was asking me to reset my password or verify my personal information. Yet I had not requested a single change. It quickly clicked. My data had been leaked, and scammers were targeting me.
What followed was a day of frantic password changing, contacting loved ones, and slashing my digital footprint. One moment left me truly startled: as I went to change my Facebook password, the hackers intercepted me, very nearly succeeding in their plan. A back-and-forth ensued. Thankfully, my persistent password changes eventually tired the hackers. A week on and I’m still on edge that another wave of attempts to infiltrate my online accounts is coming.
My personal digital data has likely been exposed in an online leak. Email phishing is a type of scam in which someone attempts to obtain your personal information. They compile a long list of email accounts to target and send out fake emails to all of them, hoping that some will fall for the scam. Sometimes, the data may be made available for purchase and download on the Dark Web, the underground corner of the Internet frequented by cybercriminals. Sometimes organisations see their data compromised. The release of data through human error or the theft of confidential information are the two most likely reasons why these scammers received my email.
Privacy breaches are distressing. Take it from me, someone who has written several Plus Living articles about scams and considers himself quite tech-savvy. I had to take my own advice: to pause, analyse the emails carefully, and only open attached documents and links if I expected them. I also searched the Internet using the exact phrases and senders found within the emails to see if they were associated with any scams.
Had the scammers succeeded in their mission, they would likely have started impersonating me online. They might have eventually hustled their way towards more confidential information, namely, my bank account number and other key financial data. Though it seemed like they were personally targeting me, the reality is the scam is anything but. Hundreds, if not thousands, of people were likely hit with the same onslaught of emails at the same time. Only a mere handful would need to fall for the scam for it to be profitable.
It’s an all-too-common occurrence. Netsafe reported in 2024 that six in every ten Kiwis deal with a scam at least once a month. The digital safety not-for-profit encourages New Zealanders to be cautious of emails that seem too good to be true, contain spelling mistakes or use odd-looking links and unfamiliar sender addresses. Legitimate companies are unlikely to pressure you to act urgently or contact you from a Gmail or Outlook account, but from their own domain.
Yet, of those six in every ten Kiwis, more than two-thirds don’t report it to the law. Since I was a victim of this attack, I’ve also called 105 to report that my identity has been stolen, contacted my bank to keep them especially alert to any suspicious activity and reached out to online stores where I have recently provided my bank information. At the very least, reaching out to Netsafe and similar digital safety organisations safeguards and soothes.
My experience is far from unique. “Being scammed is a horrible experience for everyone, but the impact on young people’s confidence levels can be particularly severe,” says Jessica Channing, Westpac’s financial crime intelligence manager. “We want to encourage all Kiwis to talk to the young people in their lives about how to avoid scams, and if they have been scammed, reassure them that it can happen to anyone.”
This entire situation has opened my eyes to the reality of digital scams. I’m 27 years old, and maybe I needed humbling. I now realise how easily I’d slipped into the stereotypes of my generation. Although older adults are more likely to lose money and data from a single scam, they are significantly less likely to be scammed than young people. I think age-based assumptions are slowly fading from popular belief, though. Society is quickly realising how digital life depends so heavily on trust, in companies, platforms and ourselves. We trade our privacy for convenient and personalised online content every day without a second thought. That must change.
Thanks to this wake-up call, my passwords have never been stronger and more unique. I have set up two-factor authentication, which is an extra layer of protection. I’m now hyper-critical of the emails I receive. My social media settings are all up to date. And I am proud to have never saved my card details on an online store. Awareness and vigilance are our best defence against cybercrime, not paranoia and ignorant hope that all will be well. Scammers will always adapt, but so can we.
SPONSORED
