
New Kiwibank survey scam

1

Don't click on anything.
It is very convincing.

Kiwibank were unaware of the scam.
The links go to
click.communication.kiwibank.co.nz
which Kiwibank claims is not associated with Kiwibank. (I bet it is!)

Edited by trade4us2 at 7:47 pm, Fri 4 Jun

trade4us2 - 2021-06-04 19:43:00
2

I had one a month ago from Kiwibank which is absolutely legit

Subject was - How are we doing?
sent from - no-reply@communication.kiwibank.co.nz

kiwibank.co.nz is their domain, so the link you listed is 100% Kiwibank's... Can't guarantee anything about the email you received but they absolutely do send out legitimate survey emails...

What I can also say is that counter/call center staff can't always be relied upon for factual information, they may be saying it's scammy just to cover their butts...

Edited by king1 at 9:14 pm, Fri 4 Jun

king1 - 2021-06-04 21:13:00
3

I can't see much wrong with the email. They used my correct name, and knew about my recent investment with them. I can't see anything wrong with the IP addresses. The only thing wrong was that their survey had expired.
Anyway I am running Linux which is usually immune to hacking.
And Kiwibank's sign in is the best possible system. It is immune to key loggers.

trade4us2 - 2021-06-04 21:24:00
4

It's an Aussie site...

tohwe - 2021-06-04 21:26:00
5
trade4us2 wrote:

I can't see much wrong with the email. They used my correct name, and knew about my recent investment with them. I can't see anything wrong with the IP addresses. The only thing wrong was that their survey had expired.
Anyway I am running Linux which is usually immune to hacking.
And Kiwibank's sign in is the best possible system. It is immune to key loggers.

Linux is NOT 'immune to hacking' and nearly all scam emails rely on the end user to click links that take them to a fake login page or in some other way get those details from their target.

If the bank used your real name and account number on any email it will not be a scam.

As for immunity from key loggers these are extremely unusual anyway.

Edited by nice_lady at 9:40 pm, Fri 4 Jun

nice_lady - 2021-06-04 21:38:00
6
trade4us2 wrote:

I can't see much wrong with the email. They used my correct name, and knew about my recent investment with them. I can't see anything wrong with the IP addresses. The only thing wrong was that their survey had expired.
Anyway I am running Linux which is usually immune to hacking.
And Kiwibank's sign in is the best possible system. It is immune to key loggers.

I would imagine surveys expiring is not unusual, they probably have to close them off once the contract is up....
You should probably also stop thinking anything is immune, it encourages complacency. It's more useful to think along the lines of nothing is immune to anything, and the user is usually the greatest risk to any system...

Edited by king1 at 9:48 pm, Fri 4 Jun

king1 - 2021-06-04 21:46:00
7

I just forwarded the survey email to suspicious.email@kiwibank.co.nz to see if it's legit or not. Reason being I really want to give some feedback to kiwibank as their online banking communications is lacking. 5-6 days before I get a response now.

tohwe - 2021-06-05 10:23:00
8
tohwe wrote:

I just forwarded the survey email to suspicious.email@kiwibank.co.nz to see if it's legit or not. Reason being I really want to give some feedback to kiwibank as their online banking communications is lacking. 5-6 days before I get a response now.

Kiwibank are claiming that the email is a scam, and that nobody else is affected. We will see about that.

trade4us2 - 2021-06-05 13:20:00
9
trade4us2 wrote:

Kiwibank are claiming that the email is a scam, and that nobody else is affected. We will see about that.

unless you are talking to someone high up in the IT department at Kiwibank I wouldn't be putting too much stock in what 'Kiwibank' says about it, one way or the other... they just don't know, so are erring on the side of caution...

Edited by king1 at 1:29 pm, Sat 5 Jun

king1 - 2021-06-05 13:29:00
10
trade4us2 wrote:

Kiwibank are claiming that the email is a scam, and that nobody else is affected. We will see about that.

You said in a post above:

trade4us2 wrote:

used my correct name, and knew about my recent investment with them. .

did they also include your account number ?
If so then it's unlikely to have been a scam - perhaps merely an error on their part in sending an expired survey ?

And how would any scammer know
Your correct name
Details of your recent investment with them
Your account number, (If they did include this).

and if someone, a scammer, did indeed know this info how would they have found out ?

And if you did go to that link in the email were you required to enter username/password/account number/login details ?
If so then IT's a SCAM for sure. If not and it was just a survey then I can't comprehend how anyone was going to scam you ?

nice_lady - 2021-06-05 13:44:00
11

The remaining question: is
click.communication. kiwibank.co.nz
a legitimate URL for Kiwibank? They say that it is not valid.
I had to put a blank in the middle so that Trademe didn't try to hyphenate it.

Edited by trade4us2 at 2:00 pm, Sat 5 Jun

trade4us2 - 2021-06-05 13:59:00
12

The question for you is:

Did you click it ?
Where did it take you ?
Did it ask for log in or account details ?

Did the email also contain your account number ?

nice_lady - 2021-06-05 14:24:00
13
trade4us2 wrote:

The remaining question: is
click.communication. kiwibank.co.nz
a legitimate URL for Kiwibank? They say that it is not valid.
I had to put a blank in the middle so that Trademe didn't try to hyphenate it.

of course it belongs to Kiwibank, they've had their website on that domain for 20 years...
https://dnc.org.nz/whois/whois-lookup/?domain_name=kiwibank.co.nz#Form_show

any subdomains are part of the top level domain...

Edited by king1 at 2:50 pm, Sat 5 Jun

king1 - 2021-06-05 14:47:00
14

https://dnc.org.nz/whois/whois-lookup/show/#whoisList
click.communication.kiwibank.co.nz (Domain is not managed by this register)

Edited by trade4us2 at 2:58 pm, Sat 5 Jun

trade4us2 - 2021-06-05 14:56:00
15

Answer the questions at #12.

nice_lady - 2021-06-05 15:06:00
16
trade4us2 wrote:

https://dnc.org.nz/whois/whois-lookup/show/#whoisList
click.communication.kiwibank.co.nz (Domain is not managed by this register)

the domain is the "kiwibank.co.nz" bit...
anything before that (ie communication) is a subdomain which is part of the configuration of the "kiwibank.co.nz" domain...

anything else like
www.kiwibank.co.nz,
mail.kiwibank.co.nz,
pop.kiwibank.co.nz,
communication.kiwibank.co.nz

is owned/setup/configured by the domain Registrant, ie Kiwibank Limited, 20 Customhouse Quay, Wellington (or their IT provider)

Edited by king1 at 3:59 pm, Sat 5 Jun

king1 - 2021-06-05 15:56:00
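
Added example, not part of any post in this thread: a sketch of the domain/subdomain split described in post 16, showing why a registry lookup on the full hostname (post 14) finds nothing while the registrable domain does identify the registrant. The suffix set is a constructed stand-in for the full Public Suffix List, and the two look-alike hostnames are constructed for contrast.

```python
from urllib.parse import urlsplit

# Constructed, minimal stand-in for the Public Suffix List (publicsuffix.org);
# a real check should load the full list.
PUBLIC_SUFFIXES = {"nz", "co.nz", "org.nz", "net.nz", "govt.nz", "com", "net", "org"}


def hostname_of(link: str) -> str:
    """Lower-cased hostname of a URL or bare hostname, without a trailing dot."""
    if "//" not in link:
        link = "//" + link  # let urlsplit treat a bare hostname as a netloc
    return (urlsplit(link).hostname or "").rstrip(".").lower()


def registrable_domain(host: str) -> str:
    """Longest matching public suffix plus the one label to its left."""
    labels = host.split(".")
    for i in range(len(labels)):  # i = 0 tries the longest candidate first
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[i - 1:]) if i > 0 else ""
    return ""  # no known suffix: cannot decide


def belongs_to(link: str, expected: str) -> bool:
    """True only if the link's registrable domain is exactly `expected`."""
    return registrable_domain(hostname_of(link)) == expected.lower()


# Hostnames from the thread plus two constructed look-alikes for contrast.
SAMPLES = [
    "https://click.communication.kiwibank.co.nz/?qs=constructed",
    "www.kiwibank.co.nz",
    "https://kiwibank.co.nz.example.com/survey",   # constructed
    "https://kiwibank-co.nz/survey",               # constructed
]

if __name__ == "__main__":
    for link in SAMPLES:
        host = hostname_of(link)
        print(f"{host:40} whois name: {registrable_domain(host):18} "
              f"kiwibank.co.nz? {belongs_to(link, 'kiwibank.co.nz')}")
```

A match shows only that the link target sits under the registrant's DNS zone; it does not by itself show who sent the email.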
17

The person at the Kiwibank 0800 call centre checked with his supervisor and said that Kiwibank has no surveys at the moment, and that click.communication .kiwibank.co.nz
is not a Kiwibank URL.
So either Kiwibank is wrong or all of you are wrong. (I think it's Kiwibank!)
I shall phone Kiwibank next week and talk to a senior manager. Any Kiwibank employees reading this should warn their management.

- - - - - -contents of email - - - - - - - - -
Kia ora xxxxx,
Here at Kiwibank, we're always looking for ways to lift our game. We'd like to hear your thoughts on things we're doing well, and areas where we could improve.

Recently you opened or reinvested your Term Deposit. We'd appreciate it if you could complete this two-minute survey – it may be short, but it'll go a long way in helping us provide top-notch banking services.
To say thanks for taking the time to provide feedback, we’re offering you the chance to win a rather handy $500. Simply respond before 11 June 2021 to be in the monthly draw. Conditions of entry apply to this competition.
Take the survey
If you have additional feedback, please get in touch. We're all ears!

Ngā manaakitanga / Best wishes,

Kiwibank

trade4us2 - 2021-06-05 16:10:00
18

Did I mention call center staff have no clue...
https://www.kiwibank.co.nz/about-us/have-your-say-banking-new-zealand/

if you aren't convinced by now I can't help you...

Edited by king1 at 5:36 pm, Sat 5 Jun

king1 - 2021-06-05 17:24:00
19

I quit. I'm sick of asking the same questions.

nice_lady - 2021-06-05 17:34:00
20
trade4us2 wrote:

Don't click on anything.
It is very convincing.

Kiwibank were unaware of the scam.
The links go to
click.communication.kiwibank.co.nz
which Kiwibank claims is not associated with Kiwibank. (I bet it is!)


Not convincing at all, and why should they be aware of every scam out there.

Common sense is sadly lacking these days.

lythande1 - 2021-06-05 17:49:00
21
nice_lady wrote:

I quit. I'm sick of asking the same questions.

I am waiting to speak to a Kiwibank manager next week.
Yes I did click on the link. Everything looked OK. The link said that the survey had closed. At that point I phoned Kiwibank, and what they said made no sense. I did a post here in case anyone else got the email.
No it did not have an account number or ask me to log in.
I suspect the email is genuine and Kiwibank have stuffed up.

Edited by trade4us2 at 5:58 pm, Sat 5 Jun

trade4us2 - 2021-06-05 17:54:00