Story image

Online attackers abusing Kiwis' generosity in wake of Chch tragedy

19 Mar 2019

It doesn’t take some people long to abuse people’s kindness and generosity in a time of mourning. Unfortunately scammers have been quick to harvest their own selfish opportunities after last week’s shootings in Christchurch.

CERT NZ and Westpac have both issued alerts warning people to be on the lookout for email donation scams in the wake of the tragedy.

CERT NZ says that it has received numerous reports of scams and attacks, including online donation fraud, malware in video files, New Zealand websites defaced, and denial-of-service reports.

Online donation fraud is being conducted through phishing emails that include links to fake online banking logins. The emails also contain fraudulent bank accounts to which the scammers ask for donations.

Westpac has posted an example of one such email. “The scammers are sending out an email that carries Westpac branding,” the company says.

“Customers can identify the scam by hovering over the link in the email – they will see the link will take them to a website called mothersawakening. We ask anyone who receives this email to forward it to”

For those who want to make genuine donations, the Christchurch Foundation’s Our People, Our City Fund has been set up. Donations can be made at most banks nationwide or by bank transfer to account number 15-3976-0091104-80. 

CERT NZ also outlines that videos containing footage related to the shootings may contain malware. The malware is embedded in the footage and is being shared across compromised websites, as well as social media.

Some reports also note that attackers are defacing New Zealand website to spread political messages about the Christchurch tragedy. In some cases, some New Zealand websites are receiving threats about denial-of-service attack, which would take the websites offline.

The Government Communications Security Bureau (GCSB)’s director-general Andrew Hampton has also posted a statement saying that the GCSB had not “collected or received from partners any relevant intelligence ahead of the terrorist attacks”.

“New Zealand’s intelligence and security agencies do not currently have the legal authority, technical means or resources to actively monitor all online activity that occurs in New Zealand. In addition, all intelligence and security agencies are grappling with the challenges of encryption and closed online communities,” Hampton says.

“GCSB has stood up a 24 hour operation response team which is working with domestic agencies and foreign partners to support Police and NZSIS.

“It is important that there will be the inquiry and GCSB is committed to providing all necessary support. It is of the utmost importance that the public are assured that GCSB acted lawfully and appropriately.

“Due to our focus on supporting the ongoing Police investigation and the inquiry I do not intend to comment further at this time.”

CERT NZ advises the following:

“If you receive a phishing email or have found a website hosting political messages, report it to CERT NZ.

“If your website has been taken over with political content relating to the tragic events in Christchurch, report it to CERT NZ. We recommend you consent to share your report with our partner agencies (in this case, DIA and NZ Police).”

“The Department of Internal Affairs considers the footage related to the attack as objectionable material, and therefore considered an offence to possess, share and/or host the harmful content. If you are aware of online footage related to the attack report it to the Department of Internal Affairs.”

If you need to talk to someone, the following free helplines operate 24/7:

•    Depression helpline: 0800 111 757

•    Lifeline: 0800 543 354

•    Need to talk? Call or text 1737

•    Samaritans: 0800 726 666

•    Youthline: 0800 376 633 or text 234

Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.
McAfee announces Google Cloud Platform support
McAfee MVISION Cloud now integrates with GCP Cloud SCC to help security professionals gain visibility and control over their cloud resources.
Why AI and behaviour analytics should be essential to enterprises
Cyber threats continue to increase in number and severity, prompting cybersecurity experts to seek new ways to stop malicious actors.
Scammers targeting more countries in sextortion scam - ESET
The attacker in the email claims they have hacked the intended victim's device, and have recorded the person while watching pornographic content.
Cryptojacking and failure to patch still major threats - Ixia
Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.
Princeton study wants to know if you have a smart home - or a spy home
The IoT research team at Princeton University wants to know how your IoT devices send and receive data not only to each other, but also to any other third parties that may be involved.
Organisations not testing incident response plans – IBM Security
Failure to test can leave organisations less prepared to effectively manage the complex processes and coordination that must take place in the wake of an attack.