This is our seventh information security bulletin, all about the recent phishing attempts and what to do if you suspect you’ve fallen victim to phishing.
New phishing campaigns impacting New Zealanders
Recently there has been a surge in compromised accounts being used to send phishing emails from trusted or known contacts. These emails are being sent using Microsoft OneDrive/SharePoint sharing invitations and redirecting users to malicious websites.
If you click the link in a file sharing invitation email and are directed to a login page, make sure to check if the domain in the address bar matches the expected account login page (e.g. login.microsoftonline.com or login.live.com) before entering your information. Check this every time!
Just getting the email doesn’t put you at risk, but if you click the link or enter any information, your risk increases. You could be affected if you have you have provided login details and/or two-factor authentication codes to unfamiliar domain. Check for any unfamiliar logins, which may be from an odd location or an unknown device; and make sure to check for any unfamiliar email rules, which could delete, move, mark as read or forward messages.
What is phishing?
Phishing is a type of email scam where the sender attempts to get you to provide them with personal information, especially financial details. Often the sender will pretend to be a trustworthy organisation, like a bank or a government agency. Phishing emails will ask you to either click a link and enter personal information, open an attachment in the email, or buy a gift card or voucher.
These emails often look legitimate, using the same design and logos as the company or organisation they’re pretending to be. While it used to be relatively easy to spot a phishing email due to spelling errors or poor grammar, these scams are a lot more sophisticated now and will often use the same tone of language as the organisation they are purporting to be.
How do I spot a phishing email?
- Reputable companies and organisations will never ask you to provide personal information by email – any email you get that does this is a huge red flag.
- Double check the sender’s email address to see if it looks legitimate. Companies like banks won’t have email addresses that end in gmail.com or hotmail.com.
- Be wary of any unexpected emails.
- Any anomalies in the email’s tone, language or signature that differ from the sender’s usual style could point to a phishing email.
- Check where links lead by hovering your mouse over the link to see what the domain is – often a suspicious link will point to an address which isn’t related to the content of the email or the wording on the link.
What happens if I open the attachment?
Opening an attachment from a phishing email allows the sender to infect your computer with malware – malicious software. Malware can allow the senders to access your personal information without you knowing. Malware can spread through your programs and files, corrupting them and slowing down your computer or causing your computer to stop working. If you have malware on your computer, you are more vulnerable to other attacks, like ransomware.
What do I do if I receive a suspected phishing email?
If you suspect you have received a phishing email, do not click any links or open any attachments, these are typically in the form of payment requests or remittances. Contact the supposed sender through a different communication channel (e.g. call through to their contact centre – making sure to get their phone number from their website, not from details in the email) to verify whether the email is authentic or not. Report the email to your IT department and/or relevant authority (e.g. CERT NZ).
Want to know more?
CERT NZ is regularly updated with the latest scams targeting New Zealanders, you can view their alerts here https://www.cert.govt.nz/individuals/alerts/
We also highly recommend signing up to Cert NZ’s regular email updates by clicking on the ‘Subscribe to updates’ button at the top of every page on their website.
We are here to help! You can email us to ask for copies of past security bulletins. You can also review our outsource provider statement at the bottom right-hand corner of every page on the site at www.quotemonster.co.nz. More information about relevant certifications, policies, and procedures will be shared in future information security bulletins. We recommend you keep these with other compliance documents.
Please contact us on 09 480 6071 or at [email protected] if you have any concerns or questions.
Stay vigilant and safe.
ISB 07-202406
