Newstalk ZB
Netsafe is warning Kiwis of increasingly sophisticated and hard-to-detect scams, which have taken almost $65,000 this year. Reports across the country showed scammers were impersonating domain name providers, hosting services and trusted organisations, using highly convincing fake websites and login pages to steal credentials and payments. Netsafe said the scams appear legitimate at first glance, making them harder to identify. Using what are known as “unauthorised billing scams”, fraudsters have pocketed $58,744 in lost funds so far this year, according to Nesafe. “Fake website scams” have cost Kiwis $5862 this year. Netsafe digital harms services manager Alex Yi said the increase in the frauds marked a “significant evolution” in the wider landscape. “Scammers are no longer just pretending to be organisations, they are targeting and replicating the systems that make organisations trustworthy in the first place, Yi said. “That includes domain names, websites, and everyday business processes like invoices and account renewals.” Netsafe had seen scams with multiple steps, such as a social media ad leading to a realistic website, with the fraud finished off through direct contact via phone or email. The approach makes scams more convincing and harder to detect, Yi said. It also reflected a global trend where scammers were using the same tactics. The spike in unauthorised billing scams after Christmas was particularly high, with over $26,500 in losses reported in January, Netsafe said. The frauds are trending up again as money lost to unauthorised billing scams increased over 8% month-to-month from February to March. Scams using fake websites followed a similar trend with a large spike in January following Christmas shopping. After a brief February lull, reports of the frauds increased over 35% month-to-month from February to March. Netsafe urged people and businesses to take extra care when interacting with emails, websites, and requests for payment or login details. Key advice includes: Be cautious of urgent requests to renew domains, pay invoices, or update account details. Avoid clicking links in unsolicited emails – instead, navigate directly to official websites. Check website addresses carefully, even if the page looks legitimate. Enable multi-factor authentication on important accounts. Verify requests independently, especially for payments or sensitive information. “If something looks legitimate but feels unexpected, take a moment to verify it through a trusted channel,” Yi said. Anyone who is unsure about a message or believes they have been targeted by a scam can contact Netsafe for advice.
Go to News Site