You may have had a nice holiday, but scammers never take a break. In fact, in the last few months there has been a significant rise in the number of reported scam incidents.
New Zealanders, including businesses, reported 492 scams online at the orb reporting site in November — up from 289 in November 2014.
And the reported losses totaled $1,309,095 — a large increase from $510,944 lost in November 2014.
NetSafe, an independent non-profit organisation that promotes safe online use, says website defacement, denial of service attacks, and compromised accounts were all reported last month.
Small business owners were among victims who reported spear phishing and whaling emails, where hackers target specific “big fish” people in a company.
The emails often include links to websites hosting malware or carrying malicious .pdf, .jar and .zip files. Don’t click on any links in unsolicited emails or from addresses you don’t recognise. NetSafe’s website has tips on how to avoid email accounts being hacked.
NetSafe says there was a notable rise in “IRD refund” and “government grant” cold calls last month. IR has advice on what to do if you have been scammed by a fake Inland Revenue email or website.
And there have been repeated warnings about the NZ Funding Grants website which has tricked many small firms into paying fees to find grants are non-existent.
Some other recent examples of scams reported last month include:
- Small business websites being cloned and used to recruit money mules via fake job adverts. A North Island agricultural equipment supplier found their site had been duplicated under a .uk domain and was being hosted in Russia.
- Business email being compromised, with several companies finding the attackers had recently registered .nz domains very similar to their genuine URLs to increase the chance of staff processing payment requests. A total of $234K was lost through these scams in November.
- A company in Christchurch handling earthquake payouts was among the victims with funds channeled to an NZ-based mule.
- One small business owner reported that their website database had been hacked with scam emails sent to all customers. One customer lost $14,500. The business also reported that the hacker demanded a $50,000 (USD) ransom to not publish the compromised data online. NetSafe alerted the Police Cybercrime Unit about this and the business owner was told not to pay the ransom.
As you can see from the above list, it’s very important to keep an eye out for any activity that looks a bit suspicious, such as unusual invoices, odd email addresses, demands for urgent payments or requests for you to log into websites.