Skip to main content

Scammers never go on holiday

You may have had a nice holiday, but scammers never take a break. In fact, in the last few months there has been a significant rise in the number of reported scam incidents.

New Zealanders, including businesses, reported 492 scams online at The orb reporting site in November 2015 — up from 289 in November 2014.

And the reported losses totaled $1,309,095 — a large increase from $510,944 lost in November 2014.

NetSafe, an independent non-profit organisation that promotes safe online use, says website defacement, denial of service attacks, and compromised accounts were all reported last month.

Read our steps on how to avoid fraudsters and the top five current threats.

Read our steps on how to avoid fraudsters and the top five current threats.

Small business owners were among victims who reported spear phishing and whaling emails, where hackers target specific “big fish” people in a company.

The emails often include links to websites hosting malware or carrying malicious .pdf, .jar and .zip files. Don’t click on any links in unsolicited emails or from addresses you don’t recognise. NetSafe's website (external link) has tips on how to avoid email accounts being hacked.

NetSafe says there was a notable rise in "IRD refund" and "government grant" cold calls last month. Inland Revenue has advice on what to do if you have been scammed (external link) by a fake Inland Revenue email or website.

And there have been repeated warnings (external link) about the NZ Funding Grants website which has tricked many small firms into paying fees to find grants are non-existent.

Here are some other recent examples of scams reported last month:

As you can see from the list below , it’s very important to keep an eye out for any activity that looks a bit suspicious, such as unusual invoices, odd email addresses, demands for urgent payments or requests for you to log into websites.

  • Small business websites being cloned and used to recruit money mules via fake job adverts. A North Island agricultural equipment supplier found their site had been duplicated under a .uk domain and was being hosted in Russia.
  • Business email being compromised, with several companies finding the attackers had recently registered .nz domains very similar to their genuine URLs to increase the chance of staff processing payment requests. A total of $234K was lost through these scams in November.
  • A company in Christchurch handling earthquake payouts was among the victims with funds channeled to an NZ-based mule.
  • One small business owner reported that their website database had been hacked with scam emails sent to all customers. One customer lost $14,500. The business also reported that the hacker demanded a $50,000 (USD) ransom to not publish the compromised data online. NetSafe alerted the Police Cybercrime Unit about this and the business owner was told not to pay the ransom.

Connect Smart (external link) , led by the government’s National Cyber Policy Office, has a toolkit for small businesses on how to protect your business online.

Consumer Protection (external link) also has a section on how to protect your business, and what scams to watch out for.

How helpful was this article?