A record $20 million was taken from New Zealanders by scammers last year as a cybersecurity advisor warns cyber-criminals are becoming more sophisticated.
The new report from CERT NZ shows financial losses increased 19 percent year-on-year to be the biggest loss reported to the advisor in a single year.
Instances of phishing and credential harvesting, scams and fraud and unauthorised access were the top three methods of online harm seen in the 8160 incidents reported to CERT NZ.
The number of scams and frauds reported climbed 21 percent on the previous year, accounting for 86 percent of the total financial losses reported.
CERT NZ director Rob Pope said the amount of money lost to online scams and fraud was particularly worrying, as cyber-criminals were becoming more sophisticated.
"These are quite big businesses, they're run like businesses, they're big enterprises," Pope said.
"They have the weight of technology, they have their own research and development, so they're continually refining how they can best fleece New Zealanders from either their money or their personal information, which they will then use to leverage off other campaigns, so it's an ongoing battle."
Financial scams often engineered a sense of stress and urgency in customers to further their means, Pope said.
"All of these attacks, whether they be scams or phishing, business email compromises, they all rely on the reactions of the individual who are in a fight or flight type arrangement, an urgency-type approach and if people aren't sufficiently familiar with these types of issues, then it is very, very easy for them to fall on the wrong side live," he said.
"It's always wise to just pause, take a moment and think about if the investment opportunity, bank warning, or romantic engagement is legitimate or not.
"Call the organisation on an official number, scout online to see if their photos have been taken from someone else; a little bit of work can avoid the heartache of losing your hard-earned money.
"All of this will go a long way to reducing these significant financial losses."
Pope said the number of incidents reported was down 8 percent from 2021, largely due to a drop of 88 percent in reports of malware, but when malware was excluded from total reporting counts, reports of incidents had increased 15 percent on the year prior.
"Unlike 2021, there were no large-scale campaigns targeting New Zealanders - such as the Flubot malware - in 2022," Pope said.
"However, we did see smaller campaigns, such as unauthorised money transfer scams, that targeted individuals for large losses."
CERT NZ received a record number of ransomware reports and an increase in fake extortion and blackmail scams reported - with a new report every three days or so.