The incident is the latest in a series in New Zealand, and believed to be one of the largest amounts sent offshore.
In September, Internal affairs sent a warning about the fraud, saying five other companies had also been involved.
The amount of money to be transferred varied, with transfer requests ranging from $24,500 to $89,400. In most of the reported cases the chief financial officer or accountant had become suspicious before the funds were actually transferred.
Martin Cocker, Netsafe Executive Director said the scam had since continued unabated with reports coming in once every couple of days. Most of those were near-misses, but there had been a handful of other successful cons, he said.
"This is definitely a significant issue for businesses. The reason is because there is a lot of info about businesses and the people who work in them in the public domain so the cyber criminals have all the info they require to launch sophisticated attacks."
Mr Cocker said the scammers read business websites, Facebook and LinkedIn to work how who knows who, and who worked where.
They also had access to huge databases that had been leaked illegally, meaning they were able to effectively able to target individual people with expert knowledge.
The success of the scam depended on the actions taken within the businesses and the alertness of staff, he said.
He warned businesses with a more "relaxed practice of communication" were more likely to be targeted.
"Internal cross-checking is the thing that can prevent losses. Most businesses should have a form of double-checking and not using email as a request to make a payment of large sums of money," Mr Cocker said.
He asked that people reported every serious incident to Netsafe, as he suspected a large number were going unreported.
Te Wananga o Aotearoa chief executive Jim Mather said there were efforts underway to retrieve the funds. The full amount was frozen in an account in Hong Kong. Police had been notified, he said.
"An independent external audit of our IT systems was undertaken which identified that our security settings and other controls were appropriately set," Mr Mather said. "We have re-emphasised to staff the necessity for strict adherence to our accounts payable policies and procedures."
Mather joined the wananga in 2013 from Maori Television.The wananga was established in 1984 and operates from 80 locations, with around 30,000 students.
Whaling: What to look for
• If you are being asked to urgently transfer funds by email or other electronic means, be wary even if the email address appears legitimate. It is best to check with the purported sender in person or over the phone to ensure the transaction is legitimate.
• In four of the five cases reported to Internal Affairs, the companies' staff names and positions were freely available on their website. While this information assists your customers in knowing how to contact you, be aware that it also makes it very easy for scammers to know which staff to target for whaling attacks.
• If you have received an electronic message which you believe may be an attempt at a whaling attack, report it to Internal Affairs by forwarding it to scam@reportspam.co.nz.
• However, if you have transferred funds as a result of a whaling attack, immediately contact your bank and inform them of the situation. The fraudulent transaction should also be reported to the New Zealand Police.
