We are aware of a sophisticated scam offering investment bonds and fixed term deposits, using the Heartland Bank brand. The scammers have developed a fake comparison website, email addresses and phone numbers. They have made phone calls to people claiming to work for Heartland and sent emails with links to their website with fake Heartland Bank branded product fact sheets and application forms.
Before you invest, please be diligent and act with caution when participating in investment offers. Do not reply to unsolicited emails or phone calls and always check that you’re applying through verified Heartland Bank channels before transferring any money. If you are unsure, hang up and contact Heartland Bank using our verified channels.
Heartland Bank will not contact you by phone to offer you any investment products, including bonds and term deposits (although we may call you about a deposit account you already have).
How to spot a scam and what you need to do if you suspect one
If you receive an email from an address which doesn’t end in @heartland.co.nz then it is not from Heartland Bank. If the email includes a link, hover over the link to check the URL. If the URL doesn't start with https://www.heartland.co.nz or https://digital.heartland.co.nz then this is not Heartland Bank's website.
If you are searching for term deposits online, then always check the URL of the web page which you land on. Never provide your personal details on webpages and online application forms which do not have an authentic URL.
Go to ownyouronline.govt.nz for more information about how to protect yourself online.
If you suspect you have been targeted by an investment scam or detect any suspicious online behaviour regarding any Heartland Bank products, please email the Heartland security team immediately at [email protected]. We will investigate your issue and advise you of the appropriate action.
How we protect you
We have a number of measures in place to help keep your account and data safe.
We will never ask you to disclose your user ID or password over phone, email or in person, nor will we send you an email with a link to online banking. We use HTTPS encryption throughout our websites to ensure that any communication, transactions or online application data between your browser and our websites is safe and secure.
How secure is the Heartland Mobile App?
- Sensitive data travelling across the internet between your device and our systems is encrypted twice*
- We will lock your account automatically if the incorrect password is entered too many times
- The app will time-out if it is left running with no activity
- We conduct security assessments of our app and supporting infrastructure to ensure that potential vulnerabilities are identified and addressed. These assessments are carried out by a third party that specialises in information security
- To let us know if the electronic device you use to receive the passcode for access to your online banking is lost or stolen, or if you become aware of any unauthorised use.
- To ensure your internet browser and/or devices are capable of supporting the encryption and other technical requirements of our online banking which we update from time to time, by updating your web browser.
- You shouldn’t use an electronic device which contains software that has the ability to compromise passwords, PIN codes and/or data (such as spyware).
Report a security issue
If you detect any suspicious online behaviour or email scams, please email our Heartland security team immediately. We will then investigate your issue and advise you of the appropriate action.
Email us at [email protected].