SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand

Guides

#
cloud security
#
cybersecurity
#
endpoint protection
#
firewalls
#
ransomware

Search

Kiwi business owner suspicious email auckland office dusk scene
#
Malware
#
Phishing
#
Advanced Persistent Threat Protection

NZ cyber losses more than double amid email scams

Thu, 18th Dec 2025
Author image
By Sean Mitchell, Publisher

New Zealand's National Cyber Security Centre has reported a sharp rise in direct financial losses from cyber incidents in the third quarter of 2025, driven by a small number of high-value cases involving unauthorised or falsified money transfers.

The agency recorded NZ$12.4 million in direct financial losses between 1 July and 30 September. The figure represents a 118% increase on the NZ$5.7 million reported in the previous quarter.

The NCSC received 1,249 incident reports during the quarter from individuals, businesses and organisations. The figures sit within the NCSC's Cyber Security Insights reporting, which tracks trends in malicious activity targeting New Zealand.

Spike in high-value losses

The centre said the jump in reported losses resulted from a small number of high-value incidents involving unauthorised transfers. Attackers used falsified instructions and compromised communications channels.

Business email compromise featured prominently in the data. Attackers gained access to legitimate email accounts and then altered payment details or sent fraudulent invoices.

"This quarter, we have received a number of reports of significant financial losses resulting from business email compromises. This is where a bad actor gains access to email accounts and then sends fake invoices or changes payment details to redirect payments to their bank account," said Mike Jagusch, Chief Operating Officer, National Cyber Security Centre.

Business email compromise scams usually target finance teams, senior leaders or suppliers. Attackers often rely on social engineering and detailed knowledge of internal processes.

Nationally significant incidents

The NCSC triaged 110 incidents for specialist technical support because they were of potential national significance. That represented a 96% increase on the 56 incidents in that category in the second quarter of 2025.

These cases included intrusions and threats that could affect critical services, government systems or large sectors of the economy. The NCSC did not break down losses associated with the nationally significant subset.

Jagusch said increased unauthorised access to email accounts was a key factor in the higher number of serious incidents.

"A rise in unauthorised access to email accounts was one of the main drivers of this increase in potentially nationally significant incidents," said Mr. Jagusch. "Another reason was a general uptick in other malicious activity that we linked to cyber criminals and financially motivated actors."

The remaining 1,139 incident reports went through the NCSC's general triage process. These cases largely involved individuals and private sector organisations.

Malware trends

Reports involving malicious software also rose during the quarter. The NCSC highlighted recent developments in malware and outlined practical steps that New Zealanders can take to reduce their exposure.

The agency noted that criminal groups have adopted more advanced tools and service-based models. Attackers can now rent or subscribe to malware platforms instead of building their own.

"The cyber threat landscape is evolving quickly," said Mike Jagusch. "Malware is becoming much more sophisticated. For example, bad actors now offer malware-as-service platforms that give criminals who lack advanced technical skills the ability to deploy malicious software."

The NCSC said these models lower the barrier to entry for financially motivated criminals. They also expand the pool of potential attackers who can launch disruptive or financially damaging campaigns.

Scams still dominant

Scams and fraud remained the most frequently reported incident category in the quarter. The NCSC received 446 reports of scams and fraud, more than one-third of the total caseload.

The second-largest category was phishing and credential harvesting, with 355 incident reports. These attacks sought to trick users into disclosing passwords or other sensitive information.

The centre reported a 50% increase in scams that involved employment and business opportunities. These scams often promised lucrative jobs, remote work or investment partnerships.

The latest Cyber Security Insights report includes a feature that describes common employment and job scams. It also lists warning signs that people can look for when assessing job offers and online recruitment messages.

Financial exposure

The latest figures underline ongoing financial exposure among New Zealanders and local organisations to online crime. Direct losses logged by the NCSC do not capture indirect costs such as recovery spending, business interruption or reputational damage.

The agency said it will continue to track trends in scams, phishing and malware and will publish further advice for businesses and the public as tactics change.

Jagusch said the shift in criminal methods and the growth in serious incidents will remain a focus for the centre. "The cyber threat landscape is evolving quickly," said Jagusch.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Asimily boosts Cisco ISE with new device microsegmentation
Deepfake boom fuels relentless wave of celebrity scams
Visionplatform.ai adds AI agents to Milestone XProtect
Phishing services drive 389% surge in account breaches
isVerified launches AI voice deepfake defence for execs

Top stories

Cloudflare: outdated apps stifle APAC AI investment gains
Rubrik unveils sovereign cloud to keep sensitive data local
Capture The Bug adds US tech leaders for North American push
Executive-level CISO titles surge amid rising scope strain
Cyb3r Operations raises $5.4m to tackle cyber risk