As scams grow increasingly sophisticated, more realistic and harder to detect, a leading global information technology company is warning Kiwis that suspicious emails and dodgy links are no longer the only warning signs to look out for.
A spam email purporting to be from NBR Te Ao Māori editor and senior journalist Mike McRoberts was sent to subscribers of the business news service early this month.
In a follow-up to recipients, NBR warned that the email was a “sophisticated phishing attempt designed to steal personal information” and urged them not to open any attachments and to delete the malicious email immediately.
Mark Graham, HP’s Australia and New Zealand senior manager, told the Herald that with such impersonation scams on the rise, Kiwis needed to be aware of swindling tactics that are increasingly slipping through security systems and can be much harder for busy individuals to spot.
“Impersonation is one of the most effective tools in a cybercriminal’s kit ... We are increasingly seeing attackers tailor their campaigns to specific regions, languages or well-known individuals, because it makes the scams more believable.”
For years, phishing emails contained glaring red flags like spelling mistakes, fake links and urgent payment requests.
“What we’re now seeing are ultra-polished scams that exploit trusted brands and everyday file types like invoices, PDFs or images.”
One fraud campaign embedded malicious code within the familiar Adobe Reader software, Graham said. It displayed a moving progress bar to deceive the recipient into believing it was an authentic file.
Another common tactic has been to manipulate legitimate operating system tools already found on computers – a style of attack coined “living off the land”.
Graham said security software was often unable to discern the difference between normal computer activity and a malicious attack “because the tools themselves are genuine”, which makes these copycat scams “both more convincing and more dangerous”.
HP’s threat research had also identified “geofence” attacks being used to exclusively target German-speaking countries and avoid detection – something that could be applied in NZ, given “local names and institutions carry a high degree of trust”.
He said scammers were ultimately after “access and control”, pursuing anything from login details and financial information to saved browser credentials and business files.
“From there, attackers can empty bank accounts, impersonate you to trick others, or sell stolen data.
“For businesses, this can also open the door to ransomware attacks or data breaches, which risk major financial loss and reputational damage.”
If you happen to fall victim to an impersonation scam, the first step is not to panic but to act quickly, Graham said.
“Disconnect your device from the internet to prevent the attacker from communicating with it further.
“If you’re at work, contact your IT or security team straight away so they can isolate the device and check for signs of infection.
“For personal devices, run a full antivirus or endpoint security scan and change any passwords you may have entered recently.
“If you think sensitive information has been exposed – including bank or credit card details – notify your bank immediately.
“The quicker you act, the less chance the attacker has to cause damage.”
A few simple habits can help Kiwis stay one step ahead:
Tom Rose is an Auckland-based journalist who covers breaking news, specialising in lifestyle, entertainment and travel. He joined the Herald in 2023.
Sign up to The Daily H, a free newsletter curated by our editors and delivered straight to your inbox every weekday.