10 Apr 2017

Phone scam affecting businesses and government organisations

New Zealand businesses and government organisations are currently being targeted by a phone scam, intended to trick the recipient into disclosing private details about the organisation. While CERT NZ does not investigate phone scams, we're highlighting this one as it may be a precursor to a broader cyber attack.

Scammers are calling businesses and government organisations, asking for personal and professional details about their staff, for example:

  • does X work here?
  • what's the name of your Finance manager?
  • is X still your CEO?

This kind of information can be used to support a targeted marketing campaign or a spear phishing attack against an organisation. It's important to have trained staff who understand how to deal with calls like this, and practices in place for what to do if they get a suspicious call.