CERT NZ recently published their quarterly report for Q4 of 2018.
What happened in Q4?
- Reported incidents rose by 53% to 1,333 in Q4, the largest quarter to date. This is 3.5 times the count for the same period in 2017. Incidents reported across every region increased by more than 60% with the exception of Auckland (47%).
- Scam and fraud reports made up half of the reported incidents in Q4 and was up by 236% from Q3. More than 90% were about individuals across all age groups and regions. More than a third of the scam and fraud reports were driven by email extortion scams. These are threat-based emails that attempt to trick recipients to pay money to make the threat go away.
- Malware reports from organisations continue to rise. Phishing campaigns targeting New Zealand businesses contributed to this rise. The top three organisations with reported incidents are financial and insurance services (55%), technology (6%), and public administration and safety (3%).
- Direct financial losses almost doubled in Q4 to $5.9M from Q3. For the year 2018, the direct financial losses from reported security incidents topped $14 million. This is 1.68 times the total loss in 2017. The financial impact to New Zealand businesses and individuals is rising at a fast pace.
- While all age groups experienced security incidents, the direct financial loss of the 65+ age group was the highest at $3.6 million. This almost quadrupled the amount in Q3 ($93,000). The total financial loss in 2018 for this vulnerable age group amounted to $5.65 million. What makes this remarkable is that only 27% of the targets in Q4 are in this 65+ age group, yet it totalled 61% of the total financial loss.
Email extortion scams were the greatest threat from Q4
Scammers collect customer records from data breaches which are available online. Typical information scammers collect include email addresses, passwords, and other account details, which the scammers use to send extortion emails.
Their style and approach keep changing to evade being caught.
CERT NZ advises to report the scam to them and not to contact the sender or respond to the threat. If the scam includes a password, make sure to change the password on any account where that password is used.
What is the most common vulnerability highlighted in Q4?
Vulnerabilities in websites and web servers continued to be the most common, contributing to 68% of vulnerabilities reported in Q4. This reflects a consistent trend in 2018.