NCSC General Security Advisory GSA-2018-582

Posted August 17, 2018
Security Advisories

Business emails being compromised and used to facilitate fraudulent payments

The National Cyber Security Centre (NCSC) advisory GSA-2018-582, is a general security advisory to business. The NCSC is aware of New Zealand organisations business email accounts being compromised and used to facilitate fraudulent payments. Criminals undertaking this activity gain access to an organisation’s email account to change or create illegitimate business-to-business transactions for their own financial gain.

The NCSC recommends organisations take steps to protect their business email accounts. Organisations should ensure they have internal financial controls appropriate to the size and nature of their business to prevent and detect fraudulent payment requests. These common business practices would help to mitigate the risk of falling victim to a fraudulent payment request based on a business email compromise.

Download Advisory GSA-2018-582 [PDF, 360KB] [PDF, 360 KB]

Business emails being compromised and used to facilitate fraudulent payments

Latest headlines

NCSC and partner agencies publish top 15 common vulnerabilities for 2023

Cyber Security Alert: CVE affecting Synology Photos

NZSIS, NCSC and partners launch security advice for tech start-ups

Don’t give to the Scamathon!