An eclectic group of entities including local companies have found their names used by suspected scammers - and one Kiwi firm says the scams are increasingly common. Photo / 123RF
An eclectic group of entities including local companies have found their names used by suspected scammers - and one Kiwi firm says the scams are increasingly common. Photo / 123RF
Kiwis are the targets of scammers impersonating James Bond, the FBI, Mitre10, and AA Insurance.
The eclectic group has featured in “smishing” and phishing scams in recent days circulating in texts and emails.
AA Insurance has warned its customers about one of the scams and Mitre10 said scams were increasinglycommon.
Mitre10′s name has been used in a scam where recipients were told they could win a Makita power drill.
“It will take you only a minute to receive this fantastic prize,” the email added. It then has hyperlinked text saying “confirm now!”
“We’ve seen a marked increase in scam activity across the sector over recent months and have taken measures to alert, educate and protect our customers,” said Jules Lloyd-Jones, Mitre10 NZ chief marketing officer.
The hardware retailer had a scam warnings page on its website to alert customers about scams.
“The page includes information to help people identify non-legitimate communications and keep themselves safe,” Lloyd-Jones said.
“We also use our Facebook page to alert people if we learn of scams becoming widespread and prevalent.”
The company said the clearest indicator in the recent scam was the sender’s email address, which was not an “@mitre10.co.nz” address.
“We’re aware of a scam text that’s currently circulating asking our customers to arrange payment for their policies online,” AA Insurance said on its website.
“Please do not respond to this message or follow any suspicious links.”
AA Insurance said it did not send texts to customers with links requesting payment.
Meanwhile, an FBI scam reaching New Zealand inboxes impersonates a United States federal agent who claims to be investigating fraudsters.
Some variations of the scam include official locations and phone numbers for FBI field offices.
“Please be informed that during our investigations we found out that there is a total amount of $4.5 million that has been assigned in your name as the beneficiary and these fraudsters are busy swindling you without any hope of receiving your fund,” one scam email adds.
The fake FBI agent anticipates a “swift response” from the recipient and adds, for those who find the email in their spam folder: “Kindly move to your inbox before replying”.
The scammer will then ask for money to be sent by a mobile payment service application, or send the victim a QR code, the El Paso Times reported.
James Bond's moniker has been deployed in one suspected email scam.
“The QR code will direct the victim to a website run by the scammer, where the victim is asked to make the payment.”
Another scam email circulating is from “James Bond” and has an attachment purportedly showing a receipt for a Norton Antivirus product.
Although the sender’s name would likely set alarm bells ringing, the attachment when previewed resembled a legitimate Norton 360 invoice.
Another current scam email impersonates the US Supreme Court and asks recipients to email a specific address.
Online safety is the topic of a transtasman conference scheduled for Christchurch's new Te Pae convention centre next week. Photo / Supplied
Most of these scams are variations of phishing expeditions.
Government cybersecurity agency Cert NZ has described phishing as spam sent with the intention of gaining access to a recipient’s personal or financial details.
“Smishing” refers to phishing scams sent by text or SMS.
Sometimes, information harvested by phishing initiatives is later used in impersonation emails, which can be more convincing than crude phishing spam.
Cert NZ last month told the Herald that email addresses could be obtained through a dump of credentials harvested through phishing campaigns or even just scraped off public-facing websites.
In the year’s second quarter, $4.2 million in direct financial loss was reported to Cert NZ.
Reported phishing incidents increased 26 per cent in the June quarter.
Phishing and credential harvesting were the most common hassles reported to Cert NZ, well ahead of malware, ransomware and botnet incidents.
Meanwhile, Netsafe NZ said it would co-host a bilateral online safety conference with Australia’s eSafety Commissioner next week.
It features Jenny-May Clarkson as MC and guest speakers include Harvard graduate, AI and human rights expert Brittan Heller.
John Weekes is online business editor. He has covered courts, politics, crime and consumer affairs. He rejoined the Herald in 2020, previously working at Stuff and News Regional, Australia.
