The Computer Emergency Response Team New Zealand (CERT NZ) urged New Zealanders to exercise caution as text messages, phone calls and emails asking people to install remote access software to access further personal or financial information and send text messages using their devices are on the rise.
The advice was made in response to increased phishing schemes targeting New Zealanders and employing a range of communication methods. These messages may employ different languages, formats or styles.
Typically, these messages seem to originate from various institutions, including banks, the Inland Revenue, NZTA, postal services and makers of computer security software. Frequently, the notes indicate that an unusual payment has been found, tax refunds are available, or tolls or other fees are due. They might also have callable phone numbers or connections.
Individuals may be in danger if they receive an unwanted text message with a link or a phone number to contact. However, receiving the message doesn’t necessarily put devices in danger. The risk is increased by clicking the link or dialling the number or if the scammers persuade their victims to install remote access software.
A person may be impacted if they followed the directions in the message and submitted their credit card information, personal information, downloaded software or installed apps. Once access has been granted to these bad actors, they may get into messaging and banking information on the device.
People should not click on links in text messages or call the phone numbers listed in the messages to avoid falling for phishing schemes. Instead, they should visit the company’s website or contact the number listed there if they have questions after receiving an unauthorised text message from the company. Apps downloaded from untrusted sources should not be installed.
In case people have installed such applications, the agency has asked users to delete them, modify their passwords and, whenever possible, use two-factor authentication. In the settings menu, people can disable the option to “install unknown apps” on Android devices.
CERT NZ advised anyone who has installed software or paid money to a con artist should contact their bank immediately. These programmes might offer remote access or text messages on behalf of the victim.
In the face of the pandemic, companies and organisations employed remote access software in commercial settings to enable personnel to connect remotely to the company’s network. However, attackers can sneak into the software to access victims’ devices, gain access to corporate networks, or steal sensitive data. Additionally, they encrypt the files and demand payment to decrypt them.
These attacks may severely impact the company’s operations, which may cause system outages and downtime, as well as the theft and sale of operational data. Investigating and purging the attackers from the network takes much time and money to recover from one of these assaults.
According to an article from CERT NZ in 2021, most ransomware attacks are caused by improperly set up remote access systems, which enterprises use to let personnel access systems while away from the office. Over 2,500 instances of Remote Desktop Protocol (RDP), one of the most popular remote access protocols, have been found in New Zealand. However, RDP has several flaws that open it to attack when used online. Additionally, it accounts for a significant portion of the ransomware incidents that CERT NZ receives.
Organisations are encouraged to check their remote access systems immediately and make sure they are safe, according to Michael Shearer, Principal Advisor – Threats and Vulnerabilities at CERT NZ. Organisations may need to consult their IT staff or service suppliers.