This quarter, CERT NZ responded to 1,431 incident reports about individuals and businesses from all over New Zealand. This report shares information around these incidents as well as highlighting examples of work CERT NZ is doing to help. There are two parts to the report:
A Highlights Report focusing on selected cyber security incidents and issues.
A Data Landscape Report providing a standardised set of results and graphs for the quarter.
The average number of incident reports per quarter is 1,569 and average direct financial loss is $4.2 million. These figures are based on the previous quarters.
Number of incidents responded to
A total of 1, 431 incidents were responded to in Q1 2021.
Breakdown by incident category
Phishing and credential harvesting remains the most reported incident category.
Phishing and credential harvesting
Focus Area: Cutting the line on phishing campaigns
Phishing and credential harvesting is one of the most reported incident types to CERT NZ, making up 46% of all incident reports in Q1. In last quarter’s Highlights Report, we covered trends in phishing and credential harvesting and shared tips on how to protect against it. In this quarter’s focus area, we dive a little deeper into CERT NZ’s proactive work in disrupting these types of attacks.
How CERT NZ is working to disrupt campaigns and protect New Zealanders
What this means to New Zealanders
This process aims to stop phishing campaigns before they cause wide-spread harm. This means the more phishing information we can provide partners, the more phishing campaigns we can disrupt – and the better protected New Zealanders are.
What you can do
If you think you’ve received a phishing email, report it to
- We’ll provide guidance to make sure you and your accounts are not at risk.
- We’ll analyse the report for phishing indicators and use the findings to alert partners and notify other New Zealanders before they’re impacted.
Insight: CERT NZ working to reduce the impacts of COVID-19 vaccine scams
Alongside incident response, CERT NZ work to identify, understand and alert New Zealanders to possible cyber security threats, and provide actionable advice to help protect against them. The COVID-19 vaccination roll out is one example of this.
What to look out for
Attackers are opportunistic and are constantly evolving their campaigns to try and trick people into sharing their financial and personal information. The COVID-19 vaccine-related scams are no exception. Predominately email-related, some scams try to collect ‘payments’. Others are an attempt to collect login credentials asking recipients to enter personal information like usernames and passwords – this information is then often used to carry out attacks like email compromise.
In Q1, CERT NZ responded to less than 10 reports about COVID-19 vaccine-related scams. We anticipate the volume of the scams will increase, and vary in look and messaging. The easiest thing to remember is the COVID-19 vaccine is free. At no point will you be asked to pay for the vaccine, or pay for your place in the queue. If you are, it’s likely a scam.
If you think you’ve received a COVID-19-related scam, please report it to us.
Insight: Attackers target widely-used email servers
In Q1, CERT NZ received reports about attackers exploiting vulnerabilities on New Zealand servers running Microsoft Exchange – a widely-used email and calendar service.
Update: Unauthorised access
Simple steps can help New Zealand businesses keep cyber attackers out
In Q1, reports to CERT NZ about unauthorised access increased 18% from the previous quarter, with a direct financial loss of close to $1 million.