Story image

$10.1m lost: Why Kiwis are losing so much to scammers & how we need to fix it

25 Jan 2018

Tech-savvy scammers are swindling more money from New Zealanders out of their cash - $10.1 million may only be the tip of the iceberg, according to Netsafe.

Last year New Zealanders reported the combined $10.1 million loss resulting from online scams and fraud – while the average loss was $10,771, the highest single loss was a substantial $480,000 to an investment scam.

Because many people are embarrassed about falling victim to scams or believe reporting won’t do any good, Netsafe believes it is likely the reported losses are only a small percentage of the real figures.

Netsafe CEO Martin Cocker says we should not think of scam victims as foolish or greedy.

"We need to correct that misconception, get more creative with prevention education, and improve coordination between the agencies and organisations that can disrupt scam and fraud activity.”

Tech support scams were the most common: In these cases, scammers say they are from legitimate firms such as Spark, Vodafone or Microsoft and convince people that there is a problem with their computer or internet connection.

The scammers then request remote access to the person’s device. They may install malware, encourage people to log into their bank account details and transfer money offshore, or compromise the device.

Investment scams are also catching people off guard. They often cold call and ask people to invest in shares or investment programmes that do not exist. They maintain communications and when people ask to withdraw their money, the scammers either stall or disappear completely. 

Netsafe says New Zealanders also lost $1.4 million to online romance scams last year.

A number of scammers rely on Western Union as a means of receiving money - and Western Union is finally doing something about it as part of the Western Union Remission Scheme.

"People who have lost money to a scammer who had them pay via Western Union between January 1st 2004 and January 19 2017 may be eligible for a refund," Netsafe says.

"In order to claim the remission scam victims will need to provide evidence of the transaction including the Western Union Money Transfer Control Number (MTCN) and the date of the transaction. The remission scheme is available to people worldwide. All claims to the remission scheme must be submitted by the 12th February 2018." Find out more here.

Cocker says that scammers are changing tactics to use more advanced technology and personal information to prime their victims.

Previously they would use cheap forms of mass technology to find the small pool of vulnerable people.

Now scammers are using marketing techniques, technology and personal data on the web to hone their approaches to seem more authentic.

“These scams are multi-faceted, often using several well- executed marketing elements designed to mimic well-known organisations and processes that people trust. The recent scams imitating Air New Zealand and Whittakers are good examples of this,” Cocker says.

Last year Netsafe launched an automated email bot called Re:scam, which engages scammers in a continuous cycle of emails. Re:scam's responses are designed to mimic genuine human interaction and is designed to waste scammers' time with a bot instead of duping an innocent person.

“The simple message of 'If it seems too good to be true, it probably is' no longer reflects the reality of the online scam and fraud landscape. It would be more accurate to say, 'even if it seems like a reasonable deal, it could still be a scam.”

Netsafe offers the following tips:

• Don’t respond to phone calls or contact about your computer asking for remote access to fix it. No one will contact you out of the blue about a problem with your computer.
• Use good, strong passwords on your online accounts and don’t tell anyone what they are. Legitimate organisations will never ask for your passwords. Use two-factor authentication on accounts where you can.
• Always keep your personal information secure. Think carefully before entering your details online, or giving them to someone.
• If someone offers you money or another offer, but you have to make a payment up front, ignore it. This is a common tactic of scammers.
• Use a good antivirus and keep your software up to date. This will help to protect your device from someone trying to access it.
• Be wary of unusual payment requests. Scammers try to use payments that can’t be traced such as pre-loaded debit cards, gift cards that can be used online, iTunes cards or money transfer systems.
• If you're using a trusted trading or booking website or app, always complete the deal using the payment system in the platform.

You can also report scams to Netsafe at or phone 0508 NETSAFE (638723).

Read more about our coverage on scams below:

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.