The face of cybercrime is changing as criminals target social networking sites and mobile devices, and a new report says New Zealanders are vulnerable.
Two-thirds of online adults have fallen victim to cybercrime, a number that will only increase unless people become more aware of their vulnerabilities, internet security experts say.
Norton's Asia-Pacific and Japan vice-president, David Freer, said people knew about the dangers embedded in emails, such as the infamous Nigerian scams, but those hazards were now five years old.
"But the problem is all the threats have moved on from that," Mr Freer said. "Many of the threats are in the social networks, which are the new email ... and social networks have the advantage of working in a trusted environment so people believe links their friends send them."
Sixteen per cent of social network users in New Zealand have been victims of social cybercrime and 13 per cent reported someone had hacked into their profile and pretended to be them. The two main forms of the online scams are either for monetary gain or to collect personal details to "create mischief".
Norton's annual cybercrime report estimated more than 900,000 New Zealanders fell victim to online criminal activity in the past 12 months, totalling more than $462 million in direct financial losses.
The worldwide survey interviewed a representational group of 500 New Zealanders about their cybercrime experiences and multiplied it to match the population.
Year on year they had seen a doubling in the number of threats.
Mr Freer said people needed to be aware of the fact that cybercrime had moved to social networks and mobile devices.
New Zealanders also needed to be more vigilant with changing their passwords and choosing secure combinations. In the past year, 34 per cent have been notified to change their password because it or their privacy had been breached.
NetSafe's chief executive Martin Cocker said the most secure passwords included a combination of letters, numbers and symbols.
Not stranded, just hacked
An anonymous overseas hacker broke into Reuben Simpson's email and PayPal accounts, sending hundreds of messages to all of his contacts.
They were told to send money because Mr Simpson was stranded in England and needed to get home.
"At first I had no idea what was going on," he said.
The 19-year-old, from Beach Haven, had the bright idea to search his email account on Google and found it posted, along with his password, on a foreign website.
Mr Simpson, a university student and jazz singer, was one of thousands who had their privacy breached by Google in 2009, the time of his cyber attack.
Once he worked out what had happened, he quickly contacted Google so he could regain access to his gmail account and called PayPal. He didn't lose any money and none of his con-tacts believed he was stuck in England.
* 900,000 victims a year
* 2465 victims a day
* 1.7 victims a minute
* 6 out of 10 online adults have been victims of cybercrime
* $462.9m lost in cybercrimes/year.
19% of mobile users received a text from someone they didn't know requesting they click on an embedded link or dial an unknown number to retrieve a "voicemail".
On social networks
* 39% have fallen victim to cybercrime on a social media platform.
* 10% have fallen victim to a scam or fake link on a social media platform.
* 13% have had someone pretend to be them on their online profile.
How we respond
* 91% delete suspicious emails from people they don't know.
* 82% have at least a basic antivirus programme.
77% don't open attachments or links in unsolicited emails or texts.
* 44% don't use complex passwords or change them regularly.
* 45% send personal photographs via email.
* 19% send bank statements.
* 36% send work-related documents and correspondence.
* 13% send passwords for other online accounts.