Today I got a random txt (SMS) message from a spambot, saying:
Payment received http://bnzmobile.co.nz
When you go to the bnzmobile.co.nz website, it looks like the BNZ website (or at least a mobile version).
❗ Warning: This txt message is a scam to steal your BNZ online banking password. Do not enter your password into this website. Don’t even visit this website in case the website gives you a virus.
How do I know it’s a scam? Firstly, it was a dodgy text. I’m not set up to receive such SMS messages when I receive payments, and what’s more, I don’t even bank with BNZ. Secondly, you can tell that bnzmobile.co.nz is a scam from a technical point of view: the site doesn’t have an SSL certificate (banks ALWAYS have an SSL certificate to prove that they are who they say they are). Lastly, when I did a whois lookup on the bnzmobile domain, the ownership details were sketchy.
I suppose if you are a BNZ customer, you will know that the BNZ mobile website is actually http://m.bnz.co.nz.
General advice when dealing with electronic communications from banks and avoiding spam / scams: Don’t click on any links or open any attachments when you get a message that says it’s from a bank. If in doubt, contact the bank.
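
The domain comparison above (bnzmobile.co.nz versus m.bnz.co.nz) can be automated in a mail or SMS filter. The following is an added example, not part of the original post: the names OFFICIAL_DOMAINS, BRAND_TOKENS, is_official_host, classify_url and scan_message are hypothetical, and the only domains assumed are the ones quoted in the post.

```python
import re
from urllib.parse import urlsplit

# Assumption: the bank's real domain, taken from the post (m.bnz.co.nz).
OFFICIAL_DOMAINS = {"bnz.co.nz"}
# Assumption: brand strings that a lookalike domain tends to embed.
BRAND_TOKENS = {"bnz"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def is_official_host(host: str) -> bool:
    """True only if host is an official domain or a subdomain of one."""
    host = host.lower().rstrip(".")
    # Match on a label boundary: "m.bnz.co.nz" passes, "bnzmobile.co.nz" does not.
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def classify_url(url: str) -> dict:
    """Report whether a URL points at the real bank or at a lookalike."""
    parts = urlsplit(url)
    # .hostname drops any "user@" prefix and port, so only the real host is judged.
    host = (parts.hostname or "").lower()
    official = is_official_host(host)
    # Brand name inside a host that is NOT under the official domain:
    # the pattern described in the post.
    lookalike = not official and any(t in host for t in BRAND_TOKENS)
    return {
        "url": url,
        "host": host,
        "official": official,
        "lookalike": lookalike,
        "https": parts.scheme.lower() == "https",
    }


def scan_message(text: str) -> list:
    """Extract every URL from a message body and classify it."""
    return [classify_url(u.rstrip(".,)")) for u in URL_RE.findall(text)]


if __name__ == "__main__":
    sms = "Payment received http://bnzmobile.co.nz"  # text quoted in the post
    for result in scan_message(sms):
        print(result)
```

The same check also rejects hosts that merely start with the real domain, because the match is anchored to the end of the hostname.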