Scammers honing artificial intelligence and robocalling technology will snap at the heels of any new economic and social trends after the coronavirus lockdown, a security expert says.
Two major cybersecurity scandals have focused attention on cybercrime recently.
Team New Zealand lost $2.8 million to a scammer’s Hungarian bank account and the NZX stock exchange called in Government security agents late last week after disruptive blackmail attacks.
Netsafe chief executive Martin Cocker said cybercriminals would try to take advantage of any new socioeconomic trends emerging from the impact of coronavirus.
* Cyber-crime reports rose, but scam losses fell during Covid-19 alerts
* How I almost lost thousands after falling for email hacking scam
* Coronavirus: Kiwis warned to be extra careful as virus-related scams rise
He said criminals are still using income scams, romance scams and fake “remote support” scams to target New Zealanders.
But if unemployment surges, an increase in jobseeker scams is likely, he said.
These scams overseas have involved con artists promising jobs in exchange for upfront payments.
Cocker said online imposters are also likely to try to fraudulently secure subsidies or payouts if a surge of Government stimulus spending is unleashed.
Crooks could deploy more artificial intelligence (AI) and robocalling techniques in the near future, Cocker said.
Scammers last year used AI to in a “voice-spoofing” scam in Europe in an attempt to defraud a company of NZ$359,000.
The Wall Street Journal reported the scammers used AI-based software to impersonate a chief executive’s voice.
Robocalling includes many strategies. Some local targets might get a call from a foreign number but find the caller hangs up quickly.
Curious Kiwis might then call back, and the scammers use technology to divert calls to a premium rate number overseas.
Robocalls exploiting Covid-19 fears have also been used to trick people in the United States into handing over personal and financial information.
In New Zealand, reported scams surged in April, when the national level 4 lockdown was in force, according to the Government’s Computer Emergency Response Team (CERT NZ).
Reported webcam extortion emails rose from 34 in the first three months of the year to 478 in the second quarter.
Phishing and credential harvesting reports also jumped in the second quarter.
But CERT NZ said reported financial losses in the second quarter were $1.8 million, down from $6 m in the first quarter.
It isn’t immediately clear if the challenging economic conditions Covid-19 created have driven scammers to be more desperate.
Cocker said the Team New Zealand scam was a fairly “traditional” con where somebody went to the trouble of intercepting or changing credentials.
Court documents viewed by Stuff suggest the substitution of a single character in an email address triggered the scam.
The assaults on NZX and other organisations in recent days were DDoS (distributed denial of service) attacks which broadly aim to overwhelm targets with internet traffic.
Cocker said the high-profile attacks and ongoing threat of cybercrime should encourage businesses and agencies to take cybersecurity seriously.
“It is hard to get proactive attention on security and safety matters. In organisations, people often think about it after the fact.”
Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.