Accessible News

Top storiesNew ZealandPoliticsBusinessEntertainmentSportsWorld

MBIE customers hit by emails containing malicious software

Tuesday, 20 August 2019

Kiwis are being warned to be vigilant as a phishing scam hits Ministry of Business, Innovation and Employment (MBIE) customers. 

MBIE announced on Twitter it was aware of phishing emails claiming to be sent from the agency that contained malicious software. 

The agency advised people who had received the email to not click on, or try and open the PDF attachment. 

The Law Society posted an alert on their website warning their members that lawyers were among the groups targeted by the phishing emails.

**READ MORE:

* 'Good practice' would have stopped most of 700 cyber-attacks reported to Cert NZ

* Cambridge computer users caught by phishing emails

* How to avoid a cyber attack: Malware and ransomware explained**

A spokesman for MBIE said the phishing emails used MBIE branding and currently included 'Complaint Case' at the beginning of the subject line. 

The emails encouraged the recipient to open an attached PDF.

'When this document is opened, the malicious software is downloaded onto the recipient's computer,' the spokesperson said. 

'If you've opened a suspicious email, do not click on or try to open the PDF attachment. These emails were not sent by MBIE and should be deleted. If you've opened a suspicious email or have any concerns about an email you've received, please report to Cert NZ.'

Do you know more? Email debrin.foxcroft@stuff.co.nz

Phishing has increasingly become a problem for New Zealand companies. 

In early August, Air New Zealand announced a security breach that had begun with phishing emails to staff.

Exposed data included information associated with Airpoints members' visible in internal documents, the spokeswoman said.

This varied by member and could include details such as Airpoints number, members' name and email.

What to do if you are a victim of phishing:

* Change passwords regularly

* Monitor credit card accounts

* Don't put common security information on social media

* If you receive an official email, check email addresses and go to company websites independently of emailed links

* Delete suspect emails immediately