Latest news with #NationalCyberSecurityCentre
BBC News
a day ago
- BBC News
Warwickshire council alert after fake QR codes in car parks
Warnings of fake QR codes on parking machines have been issued by Warwickshire County are being used to direct drivers to bogus sites, which can then see people fall prey to payment hotspots - like parking meters and restaurant menus - are common targets of criminals who stick their own QR codes on signage, the BBC has previously council said fake QR codes were spotted in Leamington last week and have also been seen in Warwick. A council statement posted on social media said: "It has come to our attention that some of the pay and display machines in the Warwick area have had stickers attached directing drivers to bogus sites."We would caution motorists from scanning any QR codes or bar codes that may appear on our pay and display machines."Any QR or barcodes affixed onto our machines have not derived from Warwickshire County Council."Machines operated by the council take cash and use the RingGo parking app, the statement who scan the fake QR codes using mobile phones and other electronic devices are directed to websites controlled by the scammers, and can be tricked into handing over data such as bank including the National Crime Agency and the National Cyber Security Centre, have said it is vital that people "stay vigilant". Follow BBC Coventry & Warwickshire on BBC Sounds, Facebook, X and Instagram.
Scoop
5 days ago
- Business
- Scoop
Rise In Financial Losses Reported To The NCSC
The National Cyber Security Centre's Cyber Security Insights report for Q1 2025, released 13 June, shows a 14.7% quarterly increase in financial loss reported by New Zealanders. For the period from 1 January to 31 March 2025, a total of 1,369 incidents were reported to the NCSC. Of these, 77 incidents were triaged for specialist support because they were of potential national significance. Financial losses of NZ$7.8 million were reported to the NCSC, compared with $6.8 million in the previous quarter. 'This is the second-highest quarterly total loss figure the NCSC has ever recorded," said the NCSC's Response and Investigations Team Lead, Tom Roberts. 'Many of these losses again came from scams and fraud, particularly through business email compromise – where an attacker targets the email systems of a business to obtain money or information – and unauthorised money transfers. This is consistent with what we saw in the previous quarter.' 'The true scale of losses is likely to be much greater, since we know only a small proportion of losses are reported to us,' said Mr. Roberts. 'We urge people to be cautious online because bad actors are always waiting for an opportunity to steal money or information.' More than half of the losses reported to the NCSC were to businesses. "We have seen that cyber criminals are often targeting organisations that manage large financial transactions, like law firms and real estate agencies," said Mr. Roberts. 'We encourage individuals and businesses to report incidents to us. Our staff have deep expertise in analysing cyber threats, and we can help people respond to and recover from incidents. The reports we receive also help us to gain a better picture of the current threat environment. This information shows us where we can best focus our efforts to protect New Zealanders online.' Key highlights from 1 January to 31 March 2025: 1,369 incident reports were recorded by the NCSC. Of these, 77 were triaged for specialist technical support because they were of potential national significance. The remaining 1,292 were handled through the NCSC's general triage process. These incidents were largely reported to the NCSC by individuals and businesses. Compared to Q4 2024, this is an increase of 0.8% in total incident reports. Direct financial loss was $7.8 million. This is a 14.7% increase compared to the previous quarter's $6.8 million. This is the second-highest financial loss in a quarter ever recorded by the NCSC – the largest was $8.9 million recorded in Q3 2022. There were 10 recorded incidents in which more than NZ$100k was lost. With 486 total reports, Scams and Fraud was again the most reported incident category. The second-highest number by category was Phishing and Credential Harvesting, with 440 total incident reports.
1News
13-06-2025
- Business
- 1News
Kiwi businesses reporting large losses to online scammers
People are losing more money to fraud and online scams, with recent months bringing the second highest total loss figure on record. There has been a 14.7% quarterly increase in financial loss reported by New Zealanders, according to the National Cyber Security Centre's Cyber Security Insights report for the year's first quarter. From January 1 to March 31, a total of 1369 incidents were reported. Of those, 77 were triaged for specialist support because they were of "potential national significance". It equalled a financial losses of $7.8 million, up from $6.8 million in the previous quarter. ADVERTISEMENT The largest ever was $8.9 million, recorded in the third quarter of 2022. Mike Jagusch from the National Cyber Security Centre explains who's being targeted and how it's happening. (Source: Breakfast) Response and investigations team lead Tom Roberts said many of those losses came from scam and fraud. "Particularly through business email compromise — where an attacker targets the email systems of a business to obtain money or information — and unauthorised money transfers," Roberts said. "The true scale of losses is likely to be much greater, since we know only a small proportion of losses are reported to us. We urge people to be cautious online because bad actors are always waiting for an opportunity to steal money or information." Director of mission enablement Mike Jagusch said the difference this quarter was that it was mostly businesses reporting losses, rather than individuals. The report showed more than half of the losses reported to the NCSC were to businesses, with criminals often targeting law firms or real estate agencies which handled large transactions. ADVERTISEMENT The morning's headlines in 90 seconds including Air India crash, ferry still out of action, and ignoring TikTok KiwiSaver hacks. (Source: 1News) "A business email compromise is an attack where a bad actor looks to gain access to an organisation's email system, and then they use that email access to trick staff, or clients, or another organisation, into paying them money." That could take the form of a fake invoice, sent from the organisation's own email account, listing the attacker's email address as the destination for payment. Jagusch said organisations should make sure staff were using long, strong, unique passwords and that they have multi-factor authentication turned on, to make it harder to break into their email systems. According to the report, there were 10 recorded incidents in which more than $100,000 was lost. With 486 total reports, "scams and fraud" was again the most reported incident category. The second-highest was "phishing and credential harvesting" with 440.
Techday NZ
12-06-2025
- Business
- Techday NZ
NZ cyber incidents cause NZD $7.8 million loss in early 2025
The National Cyber Security Centre's latest report shows a significant rise in financial losses due to cyber incidents reported in New Zealand during the first quarter of 2025. From 1 January to 31 March 2025, the NCSC recorded a total of 1,369 reported cyber incidents. Of these, 77 required specialist technical support having been assessed as potentially significant for national security, while the remaining 1,292 were managed via general triage. Financial losses attributed to these incidents totalled NZD $7.8 million. This marks a 14.7% increase compared to the previous quarter's figure of NZD $6.8 million, and it represents the second-highest quarterly loss ever recorded by the NCSC. The highest was recorded in the third quarter of 2022, when losses reached NZD $8.9 million. Tom Roberts, Response and Investigations Team Lead at the NCSC, noted the seriousness of the increase in losses. "This is the second-highest quarterly total loss figure the NCSC has ever recorded. Many of these losses again came from scams and fraud, particularly through business email compromise – where an attacker targets the email systems of a business to obtain money or information – and unauthorised money transfers. This is consistent with what we saw in the previous quarter." Roberts further commented on the likelihood that losses are being underreported. "The true scale of losses is likely to be much greater, since we know only a small proportion of losses are reported to us. We urge people to be cautious online because bad actors are always waiting for an opportunity to steal money or information." Of note, over half of all reported losses affected businesses rather than individuals. Law firms and real estate agencies were highlighted as sectors frequently targeted by cyber criminals looking to exploit large financial transactions. "We have seen that cyber criminals are often targeting organisations that manage large financial transactions, like law firms and real estate agencies," said Mr. Roberts. Incident and threat landscape The total number of incidents reported in the first quarter rose by 0.8% compared to the previous quarter. In total, 486 incidents were categorised under scams and fraud, making this the most frequently reported kind of cyber crime. Phishing and credential harvesting was the second most reported category, with 440 incidents. The scale of individual losses also drew attention. Ten separate incidents involved losses exceeding NZD $100,000 each, highlighting the scale at which some attacks are being perpetrated. Roberts encouraged both organisations and individuals to make use of the NCSC's resources by reporting cyber incidents. "We encourage individuals and businesses to report incidents to us. Our staff have deep expertise in analysing cyber threats, and we can help people respond to and recover from incidents. The reports we receive also help us to gain a better picture of the current threat environment. This information shows us where we can best focus our efforts to protect New Zealanders online." Reporting and response The NCSC's triage process sees reports from the public, businesses, and other organisations. The majority of incidents are handled through this initial process, although those that meet certain criteria for complexity or potential impact receive specialist attention from within the agency. Business email compromise, unauthorised money transfers, and mass-market fraud continue to be the main vectors for financial loss, illustrating a consistent pattern in cyber criminal tactics in New Zealand. The NCSC has stated that incident reporting not only supports victims but also contributes to a wider understanding of threats and trends. This, in turn, assists the agency in focusing protective measures where they are most needed. The report indicates ongoing risks for both individuals and businesses from cyber crime, particularly for those organisations managing significant transactions or sensitive information.
NZ Herald
12-06-2025
- Business
- NZ Herald
Cyber incidents cost Kiwis $7.8m in three months, 10 lose over $100k each
Ten Kiwis lost more than $100,000 each in cyber incidents in the first three months of the year, according to the National Cyber Security Centre (NCSC). The NCSC's Cyber Security Insights report revealed $7.8 million in financial losses were reported to the government agency in the first quarter. Financial losses
