Man walking through a city street

Online scams and fraud

Your online security is important to us.Online scams and malicious cyber activity via email, text or through social media exploiting the spread of Covid-19 have been increasing globally. Obtaining your personal information and financial details is a common practice of online scams and we encourage you to stay vigilant. We are proactively monitoring the risk of customers being taken in by scams or other unauthorised or fraudulent schemes. Please see below some helpful information and tips to help protect yourself and your family.



Identity theft is the illegal access and deliberate misuse of someone’s identity, most commonly to gain unauthorised access to that person’s financial accounts.

To reduce the risk of identity theft you should:

  • Update your details through your online account or call your provider.
  • Secure your home’s letterbox, as criminals can use the personal details in your mail to gain access to your financial accounts.
  • De-identify or shred documents that contain personal information before discarding them.
  • Be wary of cold callers that are seeking information about your personal, banking or other financial information, especially your online access details.
  • Protect your passwords, do not share them with others and avoid using the same password for multiple websites.
  • Take care with the personal information you share on social media.
  • Notify Mercer immediately of any change to your name, address or other contact details.

If you think you may be a victim of identity fraud, please call us immediately on 0508 637 237 from 9am-7pm Mon-Fri.


Phishing is the most common method used for stealing a person’s identity. Phishing scammers may approach you by telephone or e-mail, pretending to be from well-known and reputable organisations such as banks, government departments, or companies you commonly deal with.

These scams are designed to trick you into handing over usernames/passwords, financial account information or credit card details.

A phishing email may contain a link to a hoax website that looks similar to the real organisation’s website.  It may also contain attachments or links infected with viruses or malware which once opened, allow the scammers to monitor your computer’s activities and capture your login information.

Phone scammers may ask you to reveal your login details due to an urgent issue that has occurred on your financial account.

Mercer will never ask you to disclose your access details.


  • Spelling, terminology, punctuation & grammar
    Letters and e-mails featuring spelling mistakes, unusual terminology or poorly constructed sentences can be an indicator of a phishing scam.
  • Sender’s email address
    The email address may be subtly different to that of the company the sender is claiming to represent, for example ‘’ instead of ‘’.
  • Generic greetings and sign offs
    Phishing emails are sent to large lists of recipients, often containing thousands of email addresses, and will feature generic greetings, like “Dear Mercer customer”, instead of addressing you personally.
  • Dubious links and fake websites
    Hovering over a link with your mouse will reveal the web address it is directed to.  This will enable you to decide if the email or website is legitimate.
  • Creating urgency
    Phishing emails will often express urgency to encourage you to click on a link or download an attachment in order to avoid a problem (such as impending account closure, or a stalled transaction requiring confirmation). Always evaluate an email carefully before taking any action.
  • Malicious attachment
    Attachments are given names that appear legitimate such as 'PDF’, ‘Office document’, or other types of everyday files.  But once clicked, the attachment will run a program or script which will infect your computer with scammer software.
  • Phishing by SMS
    Scammers are increasingly turning to SMS as a method of phishing for customer information. Always stop and carefully review an unsolicited text message before clicking any links in an SMS.
  • Social media
    Criminals use social media to gather personal information. Be careful when sharing your personal details with someone you’ve met online. Never provide your financial details to anyone via social media.

Received a fishy email, letter or text?
If you’ve received an email, letter or text message from Mercer and are concerned about its authenticity, please call 0508 637 237.

More information

You can find more information about identity fraud and phishing scams at the following websites:

The Department of Internal Affairs website 

New Zealand Police website 

Toll free: 0508 MERCER (0508 637 237)
From overseas: + 61 3 8306 0971
9.00am - 7.00pm

Monday - Friday (NZST/NZDT)

Write to us:

Mercer NZ, PO Box 1849
Wellington, New Zealand 6140

Commercial Bay

PWC Tower, 15 Customs Street West,
Auckland, New Zealand 1010
0508 637 237

Get directions