New Zealanders reported losses of $6.6 million to CERT NZ in Quarter Four, with the highest amounts of direct financial loss in the scams and fraud category.
Roughly a third of that ($2.3m) came from scams relating to buying, selling or donating online. Other scams added up to an extra $3.6m.
The usual top category – phishing and credential harvesting – also saw higher levels of reporting with a 28% increase, while scams and fraud jumped up to 16%.
The continuation of the Flubot scam text campaign, which sends fake courier delivery messages, contributed to the highest reporting levels seen in a single quarter. CERT NZ received 1,107 reports on Flubot alone, pushing the malware category up 1030%.
CERT NZ Director Rob Pope said that high reporting numbers are a “double-edged sword”.
“On the one hand, more reports means that more incidents are occurring, but it also means New Zealanders are aware of the steps to take when they encounter cybercrime.
“This also gives us a greater understanding of the extent and type of incidents that are occurring. We’re encouraged that both individuals and businesses are more willing to report, and we hope the messages about being cyber smart continue to spread.”
In total, CERT NZ released 32 advisories to the public over 2021 and received 64 reports on software vulnerabilities.
“Vigilance is the key word. We need New Zealanders to be aware that scammers are out there and to be careful with their personal information, especially around financial data,” Pope added.
“Keep your passwords strong and don’t trust any sites that are too good to be true.”