ITP Techblog

Brought to you by IT Professionals NZ

Scams and fraud up in Q4 says CERT

Paul Brislen, Editor. 13 March 2019, 7:57 am

Kiwis fell for online scams to the tune of $14 million last year, up from the year before, according to the government Computer Emergency Response Team (CERT).

The organisation's quarterly report, covering October through December, suggests the number of incidents reported to CERT has grown by 56% quarter on quarter with 1333 incidents recorded.

While some of this can be attributed to people and organisations being more aware of CERT's role, the figures still make for alarming reading, as scams and fraudulent activity make up half the reports received.

Direct financial losses from cyber security incidents were reported at $5.9 million; $4.9 million relating to scams and fraud reports, says CERT.

"This quarter we've seen criminals rapidly modifying their tactics to extort money and information. These efforts are paying off - in the last quarter of last year New Zealanders reported losses of over $5.9 million, and more than $14 million overall in 2018," says Rob Pope, Director CERT NZ.

"These scams are becoming increasingly professional, they generate a considerable amount of money so scammers evolve their approach and employ new methods to continue tricking people into paying up," says Pope.

While individuals make up the bulk of the reporting - 65% of incidents relate to individuals - more than one third relate to organisations coming under attack, including many businesses.

One "medium-sized New Zealand business" has been included as a cautionary tale following a malware incident.

"An employee had unknowingly clicked on a link in a phishing email that looked like a legitimate invoice from a standard accounting software service. Clicking the link loaded a webpage, where malware downloaded and infected the employee's computer."

Interestingly, CERT says when the employee accessed the company's online banking application, "the malware collected the login and two-factor authentication information and sent it to the attacker. The attacker used the information to access the real banking login page, while the employee was redirected to a 'site under temporary maintenance' page," suggesting a fairly high level of sophistication on the part of the attacker.

The full report can be read here.

