8 Dec 2017

Cybercrime agency deals with $2m lost in scams

5:48 am on 8 December 2017

New Zealand's geographic isolation is no barrier to cyber attacks, with almost $2 million in losses reported to New Zealand's computer crime agency since it began operating in April.

A laptop displays a message after being infected by the NotPetya ransomware as part of a worldwide cyberattack. Photo: AFP

Over half of the 400 incidents reported to the Computer Emergency Response Team, Cert NZ, between July and September this year related to unauthorised attempts to obtain information such as usernames or passwords, and credential harvesting.

A third of them resulted in some form of loss.

Since it began operating in April, the agency has dealt with thefts totalling almost $2 million.

Cert NZ director Rob Pope said targeted invoice scams, in which scammers send out fake bills purporting to be from well-known services such as Apple, PayPal and Trade Me, were on the rise.

He said scammers went to great lengths to make the invoices look legitimate, including copying information from company reports, which meant people could easily be taken in.

"People who may not check them carefully or feel it's coming from the person [purportedly] sending it think it's a legitimate interaction and they either push a button or pay an invoice and consequently money is lost."

In one case the police are investigating a scam which drew in a small New Zealand company.

Scammers imitated the details of a Chinese supplier the company regularly used, including using a very similar email address, and the company lost more than $300,000.

In another case, John Roberts was almost scammed when he received a call from someone claiming to be from his internet service provider who knew his account number.

They told him the ISP had received error messages from his computer and wanted to help him fix the problem, but he became suspicious when he was asked what he used the computer for, and hung up.

Mr Roberts said he subsequently had another problem with his real ISP, and the caller rang again with knowledge of that. He was persuaded to download some software but again hung up when asked about banking.

"They still had control of the computer, so I turned the router off thus breaking the link. I immediately got a call back from a very, very angry man asking why I'd disconnected it and I'm afraid I used some rather unparliamentary language."

"I then disabled the remote control software, deleted it and emptied it from the trash."

Mr Roberts said the caller was extremely plausible and even used the logo of his internet service provider.

"He sounded professional, he knew what he was talking about. He used all the right words and he knew my account number, that was really freaky."

Mr Pope has some simple tips to help people avoid being taken for a ride.

They include changing passwords frequently, making them strong, and turning on two-factor authentication.

"It is also important to ensure operating systems... and security patch updates occur on a regular basis."

Mr Pope said people should check their privacy settings on social media and confine them to friends and relatives they trusted and knew, so their digital social footprint was reasonably contained.

Cyber safety group NetSafe director Martin Cocker said those who fell victim to scams were not simply naive.

"For someone who has a number of other things to deal with during the day, becoming an expert on online safety or online security is not going to happen so I'm not sure that it's naivety."

For information go to Cert NZ. Anyone who fears they may be being targeted by scammers can call 0800 CERT NZ, 7am-7pm weekdays.
