Phishing Disruption Service – Helping to Protect New Zealanders from Phishing Attacks
Phishing is a type of cyberattack that involves sending fraudulent emails that appear to be from a legitimate source, such as a bank or government agency. The emails often contain a link or attachment that, when clicked, installs malware on the victim’s computer or steals their personal information.
Phishing attacks are a serious threat to businesses and individuals alike. In New Zealand, phishing attacks cost businesses an estimated $1.2 billion each year.
To help protect New Zealanders from phishing attacks, CERT NZ has developed the Phishing Disruption Service (PDS).
The PDS is a free service that provides a verified list of New Zealand specific phishing indicators that organisations can act on and block from their network.
The PDS works by collecting phishing reports from a variety of sources, including CERT NZ’s own honeypots, email providers, and social media platforms. These reports are then manually analysed by CERT NZ staff to identify phishing activity.
The phishing emails often contain a link or attachment that, when clicked, installs malware on the victim’s computer or steals their personal information.
Once a phishing email has been identified, CERT NZ generates a phishing indicator, which is a unique identifier that can be used to block the email from being delivered to other users. The phishing indicator is then distributed to PDS subscribers via an API.
PDS subscribers can use the phishing indicators to block phishing emails from their network. This can be done by adding the phishing indicators to their spam filters or firewalls.
By utilising the PDS, NZ organisations can significantly reduce the risk of falling victim to phishing attacks. By blocking known phishing indicators, they can prevent malicious emails from reaching their employees’ inboxes and potentially compromising their systems.
The PDS also offers benefits to individuals by helping to protect their personal information. When organisations block phishing emails, it reduces the likelihood of individuals unknowingly clicking on malicious links or downloading harmful attachments.
The PDS is an ongoing service that constantly updates its list of phishing indicators as new threats emerge. This ensures that organisations have the most up-to-date information to protect themselves and their employees from phishing attacks.
In addition to providing the list of phishing indicators, the PDS also offers guidance and resources to help organizations strengthen their cybersecurity defenses. This includes information on best practices for email security, employee training, and incident response.
By offering the PDS as a free service, CERT NZ aims to make it accessible to NZ organisations of all sizes and industries. This helps to level the playing field and ensure that even smaller businesses have the tools and resources needed to defend against phishing attacks.
The Phishing Disruption Service plays a crucial role in protecting New Zealanders from the financial and personal harm caused by phishing attacks.
By providing a verified list of phishing indicators and supporting organizations in strengthening their cybersecurity defenses, the PDS helps to create a safer digital environment for businesses and individuals alike.
- If you think you have received a phishing email, you can report it to CERT NZ here: https://www.cert.govt.nz/report-an-issue/
- You can also learn more about phishing and how to protect yourself from it here: https://www.cert.govt.nz/individuals/common-threats/phishing/
By staying informed and taking steps to protect yourself, you can help to keep your personal information safe from cybercriminals.