NetSafe is warning New Zealand businesses to be on the alert after a major retail chain was targeted by cyber criminals in a well-planned phishing attack that attempted to convince store staff to install rogue software on their computers.
IT staff at the company found one branch had downloaded a file and infected computer systems after being called by an individual claiming to work for the well-known chain. The caller, who identified himself as a senior member of the company, directed employees to a fake website that was designed to look like the official tech support site.
Following instructions from the caller, staff at the store downloaded a malicious program that tried to take over computers. Fortunately, the company’s real IT staff noticed what was happening and managed to block further access to the fake website on all their systems before cleaning up and alerting all stores to the bogus caller. No data was accessed or lost.
“The effort that has gone into creating a convincing fake website and the use of a real executive’s name is what concerns us,” said Chris Hails, NetSafe’s cyber security programme manager.
“The website which delivered the malicious software was designed using the company’s branding, logo and corporate style and the criminals had gone to some effort to register a .co.nz URL which contained the chain’s name,” said Hails.
The FBI warned Americans back in July that spear phishing attacks targeting business executives and selected companies were on the rise, but this is the first time that NetSafe has received this kind of report from a New Zealand company.
“This is well beyond common phishing tactics designed to harvest account login details – the cold caller posed as a genuine member of the company and tried to convince store staff that they should download the system update,” said Hails.
“This is targeted spear phishing and could have seriously impacted on the business if IT staff had not been quick to respond by blocking access to the fake site and warning all branches.”
The website was registered to a Nigerian address through an Indian company and was based in Switzerland. NetSafe is concerned that the overseas criminals involved may try to use this set-up again to target another New Zealand business and is encouraging companies to warn their staff about these kinds of threats arriving via email and over the phone.
Help and advice from NetSafe
NetSafe highlighted the risks associated with online phishing attacks back in May this year as part of Cyber Security Awareness Week. The non-profit published a light-hearted take on the famous fish and chip shop poster designed by cartoonist Chris Slane and titled ‘New Zealand Phishing Species’.
The ‘phish’ can be seen online at www.securitycentral.org.nz/phishing/ and businesses of any size keen to educate their staff on cyber threats can order free copies of the poster and other resources from NetSafe by calling 0508 NETSAFE or emailing firstname.lastname@example.org.
You can report your concerns about cyber incidents in one central location at www.theorb.org.nz. NetSafe will direct your report through to the partner best able to investigate or advise you. For preventative computer security advice visit www.securitycentral.org.nz.