News

Phishing attacks costing organisations money

Jun 11, 2024

Phishing emails may appear to be just a nuisance but they are responsible for serious financial losses for New Zealand businesses and organisations.

Cafe owner serving customer at the till

In the first quarter of 2024, organisations across Aotearoa reported losing just over half a million because of phishing.  

Phishing refers to emails that pretend to be from reputable organisations – such as IRD, NZTA, banks or financial organisations – that try to get you to hand over personal information like login or credit card details.

Previously, phishing emails were easy to spot, due to bad spelling and grammar.  These days criminals are more sophisticated, even using AI to help them produce more and better phishing attacks.

Phishing is also a gateway for data theft. The latest Cyber Security Insight report explains how scammers can target an individual in an organisation with a phishing email and cause a data breach.  

A data breach can significantly damage your organisation’s reputation. It can also put your customers whose information you store at risk of financial loss, identity theft and more phishing attacks.  

Businesses and organisations need to take phishing seriously, by helping their staff to know how to identify and avoid clicking on links.

Organisations should report phishing to CERT NZ – we collate indicators and share them with other organisations so that these sites are blocked.

If you receive an email with a suspicious link, you can forward it to phishpond@ops.cert.govt.nz.  

You can read more about what happens when you report to us and how it helps make Aotearoa more resilient to future threats in the latest Cyber Security Insights report.  

Read the full report - CERT NZ(external link)