IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Malware
#
Phishing
#
Advanced Persistent Threat Protection

AI-fuelled scams & phishing soar in New Zealand, says Gen

Yesterday
Author image
By Melania Watson, Interview Editor

Gen has released its Q1/2025 Threat Report, highlighting a substantial increase in AI-driven, highly personalised cyber threats impacting New Zealand and global internet users.

According to the report, breached data sets and the growing availability of AI tools are enabling cybercriminals to craft more sophisticated and convincing attacks, with New Zealand identified as one of the nations most affected by these developments.

Fake update scams, where fraudulent browser update notifications are used to trick individuals into installing malware, have surged dramatically. In New Zealand, such scams increased by over 11,000% in terms of blocked attacks. Globally, there was a 1,711% increase in risk associated with these fake update scams compared to the previous quarter.

Alongside scams involving fraudulent browser updates, other prevalent threats in New Zealand during the first quarter of 2025 included malvertising, phishing, romance and e-commerce scams, adware, and what Gen refers to as "Scam-Yourself Attacks." These attacks often use social engineering to manipulate individuals into infecting their own devices.

The report also recorded a significant global rise in breached personal information, with a 186% increase in exposed data such as passwords, emails, and credit card numbers. In New Zealand, incidents involving infostealers—a type of malware that targets personal and financial information—rose by 137% in the quarter. These include advanced threats like password stealers and banking trojans targeting credentials, cryptocurrency wallets, and instant payment systems.

Gen stated it helped protect over 4 million people worldwide from Scam-Yourself Attacks in the quarter. This attack vector is increasingly being powered by AI-generated personas, deepfake influencers, and even hired actors, who are used to convince users—sometimes via compromised YouTube accounts—to install malware, engage with fake CAPTCHAs, or grant unnecessary device permissions.

"Online threats are evolving at a startling pace," said Siggi Stefnisson, Cyber Safety CTO at Gen. "Attackers are moving away from broad, indiscriminate campaigns to highly personalised, AI-enhanced deception. Breached data and AI tools are giving cybercriminals just enough personal information and design sophistication to more easily manipulate people. That's why we constantly evolve our cybersecurity solutions to be an interactive partner in fighting scams and to be one step ahead of cybercriminals."

The Gen report notes a 36% increase in the number of company data breaches compared to the previous quarter, with attackers employing advanced infostealers such as Lumma Stealer. These tools make data compromise faster and harder to detect for individuals and organisations alike.

Phishing remains a significant concern with reports to the Norton Genie scam detector platform rising by 466% compared to the previous quarter. Nearly 32% of all scam submissions were related to phishing, making it the fastest-growing threat after generic scams. "Phishing is the fastest-growing threat, second only to generic scams, which accounted for 51% of reports. The good news is that people are becoming more wary of potential phishing scams and reporting these messages," the report states.

Phishing campaigns are increasingly using dynamic DNS services, subdomain providers, and free website builders to host deceptive login portals, mimicking trusted brands and creating a false sense of security. An observed trend is the use of urgent messages claiming account issues or prompting users to review sensitive documents, which increases the effectiveness of these scams even if the language is poorly written. Use of familiar domains allows these phishing attempts to bypass security filters more readily.

Fake update scams have grown to over 17 times their frequency from the prior quarter. Gen describes how these attacks mimic the branding, language, and layout of genuine software updates, often displaying messages such as: "Your version is out of date, click to update now!" to increase the likelihood of user interaction.

On the financial threat front, mobile financial crime, particularly on smartphones, continued to grow. Attackers use malware and banking trojans that exploit accessibility features to overlay counterfeit login pages, stealing sensitive information like cryptocurrency wallet credentials. The report underscores a rise in credit and transaction fraud alerts as attackers increasingly view mobile devices as entry points to financial data.

Digital currencies also remain a prime target. In early 2025, the cybercrime group CryptoCore was able to steal close to USD $4 million through over 2,000 transactions by using deepfake videos of public figures on compromised YouTube accounts, timed around the US presidential inauguration.

Gen has reiterated that it will continue to evolve its cybersecurity offerings to address the shifting threat landscape. Its range of solutions includes identity protection through LifeLock, scam detection via Norton Genie, and mobile device protection with Avast Mobile Security.

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Experts warn of surge in Google, Apple, Microsoft breaches
Safari users at heightened risk from new fullscreen BitM attack
Most high-traffic email domains still vulnerable to phishing
Genetec enhances Cloudrunner with advanced ALPR mapping tools
Sysdoc wins two awards for supporting NZ Defence Force change
Top stories
APJ region accelerates AI adoption as Dell rolls out new innovations
Farmlands FLEX to deliver solar microgrids for rural sector
Is it time to re-think the business browser?
SEON expands APAC team as demand for fraud tech solutions rises
Mirantis k0rdent unifies AI, VM & container workloads at scale