Isolation Scam Alerts NZ – Stay Safe During Isolation
It has been brought to our attention that before and during the isolation period caused by COVID-19, there has been a growing number of isolation scams in NZ. We deal with an average of 200 scam enquiries from customers each month. However, we have had an alert from the government about a phishing isolation scam and scams on the popular digital meeting platform Zoom. Let’s take a look at what these scams are and how they operate.
ISOLATION SCAM ALERT: VEHICLE LICENCE (REGO) RENEWAL EMAILS
The following scam that has come to light is a phishing email scam (see below for more information on what a phishing scam is).
The email was widely published and replicates an email asking customers to renew their vehicle licence (registration / rego). However, when you click on the link, it takes you to a counterfeit website that then steals your confidential information. This can then be used for more advanced crimes like stealing money.
Waka Kotahi NZ Transport Agency spokesperson Andy Knackstedt explained. “These emails are not from the NZ Transport Agency. They are part of a phishing scam which leads people to a counterfeit website. If you receive one of these messages you should delete it immediately.”
A legitimate email asking you to renew your vehicle license and sent from NZ Transport Agency will include your specific vehicle details. Such as your license plate number, vehicle make and the licence expiry date on the registration label of your vehicle.
If you have concerns about an email you have received, where there are incorrect details or some information missing, we advise you not to click on any links or fill out any forms with your information. If you are suspicious and would like us to clarify whether your concerns are legitimate then please email firstname.lastname@example.org or call 0800 424 335.
What is Phishing?
The term phishing is used in the media regularly but what does it actually mean?
A phishing scam is a fraudulent attempt by a third party to steal your personal information, usually made via email or telephone. The scammer will attempt to convince the target that they are a representative of a trusted brand that the customer has used before. While this is usually a bank or internet/ phone service provider they can also pretend to be a smaller service.
Usually, there are two main ways that a phishing scammer will attempt to contact a target. Firstly, a scammer may try to send an email. This email message will look as though it has been sent by a trusted contact. It will often have imitation branding of the bank or internet service provider you trust. They will start by telling you that there is an issue with your account and that you must log in by clicking the link in the email. This will redirect you to a fake website that looks like your real bank or internet providers site. They will then get you to put in your login details. These are immediately captured by the scammer giving them access to your accounts.
For information about phone phishing scams click here.
ISOLATION SCAM ALERT: ZOOM MEETINGS KEEP GETTING HACKED
During isolation, the use of video chatting has become extremely popular. Whether it is for business purposes or a chat with friends. There is no doubt that it is a great way to keep in contact with colleagues, family and friends. However, we have noted that in America there have been Zoom incidents caused by hackers that have resulted in disturbing results.
An example of this is when a Zoom meeting was taking place about cyber attacks. The presenter started to talk about misinformation on social media regarding the coronavirus. As he did so, an intruder scribbled all over the screen. This resulted in the meeting ending early.
Users not being careful about where they share meeting links has also resulted in trolls trying to upset participants of a meeting or chat. They do this by shouting racial slurs or showing offensive images. Hackers can also gather sensitive information by recording a meeting and then using this for blackmail in the future.
Although these incidents have happened in America, there is no reason why it wouldn’t happen in other countries too. It is important to stay safe and follow the steps below!
So is Zoom Safe to Use?
The majority of the attacks aren’t specifically caused by a flaw in the Zoom app itself. Instead, it is a result of poor cyber security and Zoom settings from users themselves.
If a Zoom meeting is set to public, it can be accessed by anyone with the correct link. According to Roy Zur, co founder and CEO of cyber security firm Cybint, bad actors can find these addresses simply by searching for “zoom.us” on social media sites like Facebook or Reddit, where public meeting links are often posted.
We’ve had information that Zoom is working to update their app so that your meetings have to be password protected. However, until then we recommend changing your settings and making sure you need a password to get into meetings. Do not share your password publicly. Our technical support and development manager Chris said ‘Zoom is safe to use if you make sure your meeting requires a password’. We recommend reading Zoom’s detailed guide, which covers precautions for keeping your meetings safe.
Isolation Scam Checklist :
- Do not publicly share meeting links
- Distribute links through a private method. We recommend email.
- Set your meetings to ‘private’ – Zoom has now set all meetings to private but users can opt to make them public for the sake of convenience.
- The company recommended users read this detailed guide, which covers precautions for keeping their meetings safe.
- Share your personal meeting ID only with your most trusted contacts. Every registered Zoom user has a personal meeting ID, linked to what is essentially a permanent virtual meeting room. Because that ID doesn’t change, sharing it publicly increases the chance that future meetings using your personal ID might be Zoom bombed.
- Restrict video sharing. If the meeting host is the only person who needs to share a video, such as in a seminar or presentation, the host should change Zoom’s screen-sharing setting to “Host-only.” Zoom has already made this change by default for K-12 classes using the software.
Overall we wanted you to know that we are passionate about keeping you safe, especially at this time. If you are unsure, need an update on cybersecurity or would like some clarification on this subject then call us and book a remote appointment on 0800 424 335.