Protect yourself
Kia pare i a koe i te uru koremana

Protect yourself from unauthorised access

There are basic steps you can take to prevent unauthorised access to your device, accounts or system.

What it is

Unauthorised access is when someone accesses systems, accounts or information online that they don't have permission to access.

Learn more about unauthorised access

How to protect yourself

  • Be cautious about giving out personal information

    Stop and check before you give out any personal information. Make sure you know how the companies you deal with will contact you, and know what kind of information they’ll ask you for. For example, a bank will never email you with links to online banking and ask you to log in.

    If you’re not sure why you’re being asked for information, call the company directly to check what they want it for. Businesses are legally obliged to only ask for information they need.


  • Use strong, unique passwords and turn on 2FA

    Choose unique passwords or passphrases for your online accounts — don’t use the same password for every account you have. Consider using a password manager to manage them.

    Turn on two-factor authentication ( ) for your online accounts.

    Make sure that the answers to your account recovery questions aren’t easy to guess – your answers don’t need to be true, just something that you can remember.

    How to create good passwords

    Use two-factor authentication to protect your accounts

  • Keep up with your updates

    When you’re alerted to an update for your or one of your apps, don’t ignore it — install it as soon as possible. You can set this up to happen automatically with Windows and a lot of other applications like Office.

    Keep up with your updates

  • Protect against malware

    Malware like viruses or ransomware can destroy your files, lock you out of them, or steal credentials from your devices. software can help you detect and remove viruses from your computer system before the virus has a chance to do any damage.

  • Only use networks you trust

    Be cautious when connecting your computer to unsecure networks like free WiFi or internet cafés.

    Connecting to untrusted networks can make it easier for attackers to find vulnerabilities in your device, or to intercept, read, or modify unsecured network traffic from your device.

Get help

What to do if your device, account or network has been accessed without your authorisation.

Change your passwords and turn on 2FA

Change the password for any accounts that were accessed without your permission, and turn on 2FA so they're harder for others to access in the future.

When you change your password, most services will disable sessions that are still active (for example, places you chose 'keep me logged in' when you logged in) – but you should always check to make sure. Some providers, like Google and Facebook, will show you everywhere you have logged in sessions and let you cancel sessions on different browsers or devices remotely.

Log out of Facebook on another computer, phone or tablet – Facebook

See devices with account access – Google

If you think personal or financial details might have been exposed

Contact the service provider for any online accounts you think might have been accessed — for example your bank or your email provider. Let them know what’s happened and ask what they can do to help.

Get a free credit check done. This will let you see if any accounts have been opened in your name. There are three main credit check companies in NZ, and you’ll have to contact all of them. You can ask to have your credit record corrected if there’s any suspicious activity on it.

How to get a credit report in NZ 

Report the issue to CERT NZ

You can also report an online issue or security incident to us at CERT NZ.

Report to CERT NZ