Almost half of NZ employers have been scammed

Yet half of SMEs say cyber security training isn't a priority

Almost half of NZ employers have been scammed

More than half of New Zealand employers admit that cyber education training is not a current priority for them, despute research showing that businesses are a "lucrative target" for scammers. Research from the Bank of New Zealand found that 53% of SMEs said cyber security training isn’t at the forefront of their minds, while only 31% said it was.

This is despite the research also finding that 47% of businesses became victim to scammers, a significant increase from the 21% the year before. For businesses, the top five reported scams are:

  • Call scam (28%)
  • Phishing scam (16%)
  • Invoice scam (12%)
  • CEO scam (9%)
  • Ransomware (9%)

Read more: Beware! Phishing scam uses voice calls to 'trick' workers

Ashley Kai Fong, BNZ head of financial crime, said that while businesses are targeted by many of the same scams that consumers do, they are also targeted by the so-called "in-voice" scam. According to BNZ, an invoice scam sees a business system compromised and the bank account number on invoices changed to a scammer-owned one, so payments are redirected.

"In a new development, we've also seen scammers posing as employees changing the bank account where their wages are paid," said Kai Fong in a statement. "These scams are notoriously difficult to spot and are the leading scam by value of losses."

With more businesses falling victim to scams, the report also found that only 41% of businesses say they are prepared to manage a scam or cyber event.

Among SMEs with more than six employees, 52% said they are prepared and 68% said cyber education training is a priority for their business.

Read more: FBI: Hackers target HR, payroll in phishing scam

For businesses who might find it hard to get scam protection, Kai Fong suggested that all employees should be vigilant against links on text or email messages from unknown senders.

"Make sure everyone in your businesses knows to never tap or click links in emails and text messages from unknown senders," said the BNZ official. "Keep your systems and antivirus up to date and use long, strong, and unique passwords or passphrases."

"Chasing your overdue accounts is also vital. It's better for your business to have the cash coming in, but it also means you'll uncover an invoice scam more quickly and have more of a chance to recover lost money," added Kai Fong.