FBI, Mitre10, AA, James Bond used in imposter scams targeting Kiwis
Kiwis are the targets of scammers impersonating James Bond, the FBI, Mitre10, and the Automobile Association. The eclectic group has featured in “smishing”... An eclectic group of entities have found their names used in imposter scams targeting Kiwis. The AA has warned its customers about one of the scams, which includes an apparent scam where recipients are told they can win a Makita power drill. An FBI scam is also reported to have reached New Zealand inboxes impersonating a United States federal agent who claims to be investigating fraudsters. Government cybersecurity agency Cert NZ has described phishing as spam sent with the intention of gaining access to a recipient’s personal or financial details. Meanwhile, Netsafe NZ will co-host a bilateral online safety conference with Australia's eSafety Commissioner next week.
/cloudfront-ap-southeast-2.images.arcpublishing.com/nzme/7ZML5L4JGZE2JFRI5B45WBP3DQ.jpg)
Published : 2 years ago by John Weekes in Business
An eclectic group of entities have found their names used by suspected scammers. Photo / Supplied, Mead Norton
Kiwis are the targets of scammers impersonating James Bond, the FBI, Mitre10, and the Automobile Association.
The eclectic group has featured in “smishing” and phishing scams in recent days circulating in texts and emails.
The AA has warned its customers about one of the scams.
“We’re aware of a scam text that’s currently circulating asking our customers to arrange payment for their policies online,” the organisation said on its website.
“Please do not respond to this message or follow any suspicious links.”
The AA said it did not send texts to customers with links requesting payment.
Mitre10′s name has been used in an apparent scam where recipients are told they can win a Makita power drill.
“It will take you only a minute to receive this fantastic prize,” the email adds. It then has hyperlinked text saying “confirm now!”
Mitre10 has been approached for comment.
“Smishing” refers to phishing scams sent by text or SMS.
Meanwhile, an FBI scam reaching New Zealand inboxes impersonates a United States federal agent who claims to be investigating fraudsters.
Some variations of the scam include official locations and phone numbers for FBI field offices.
“Please be informed that during our investigations we found out that there is a total amount of $4.5 million that has been assigned in your name as the beneficiary and these fraudsters are busy swindling you without any hope of receiving your fund,” one scam email adds.
The fake FBI agent anticipates a “swift response” from the recipient and adds, for those who find the email in their spam folder: “Kindly move to your inbox before replying”.
The scammer will then ask for money to be sent by a mobile payment service application, or send the victim a QR code, the El Paso Times reported.
“The QR code will direct the victim to a website run by the scammer, where the victim is asked to make the payment.”
Another scam email circulating is from “James Bond” and has an attachment purportedly showing a receipt for a Norton Antivirus product.
Although the sender’s name would likely set alarm bells ringing, the attachment when previewed resembled a legitimate Norton 360 invoice.
Another current scam email impersonates the US Supreme Court and asks recipients to email a specific address.
Most of these scams are variations of phishing expeditions.
Government cybersecurity agency Cert NZ has described phishing as spam sent with the intention of gaining access to a recipient’s personal or financial details.
Sometimes, information harvested by phishing initiatives is later used in impersonation emails, which can be more convincing than crude phishing spam.
Cert NZ last month told the Herald that email addresses could be obtained through a dump of credentials harvested through phishing campaigns or even just scraped off public-facing websites.
In the year’s second quarter, $4.2 million in direct financial loss was reported to Cert NZ.
Reported phishing incidents increased 26 per cent in the June quarter.
Phishing and credential harvesting were the most common hassles reported to Cert NZ, well ahead of malware, ransomware and botnet incidents.
Meanwhile, Netsafe NZ said it would co-host a bilateral online safety conference with Australia’s eSafety Commissioner next week.
The event on October 24 and 25 is at Te Pae, the new Christchurch Convention Centre.
It features Jenny-May Clarkson as MC and guest speakers include Harvard graduate, AI and human rights expert Brittan Heller.
John Weekes is online business editor. He has covered courts, politics, crime and consumer affairs. He rejoined the Herald in 2020, previously working at Stuff and News Regional, Australia.