Many New Zealanders are still unaware of common cyber scams, don't know who to report them to and are overlooking key steps to protect their sensitive data despite the growing threat, according to new research.
Last week, global IT solutions company Unisys published research saying the majority of Kiwis aren't comfortable with employers monitoring their technology use, regardless of its purposes.
New findings, just released from the company's survey of 1000 people in New Zealand in July, found more than half are unaware of SMiShing, which is when a scammer texts asking for personal or financial details.
And 82 percent were not aware of SIM jacking; when a fraudster is able to transfer a phone number to a phone they control, which can give them access to two-factor authentication data.
With many Kiwis still working from home due to the COVID-19 pandemic, that can leave both personal and business information vulnerable.
It comes despite the New Zealanders surveyed saying they are very concerned about protecting their privacy and data, with 52 percent worried about identity theft and 51 percent about hacking and viruses.
The survey also found a third of respondents aren't concerned about clicking on links in text messages, emails or in other social apps, a common way of causing malware to be installed on devices.
"Employers rely on employees to do the right thing to prevent cyberattacks," Gergana Winzer, industry director of cybersecurity, Unisys for Asia Pacific said.
"But this is a big ask when New Zealanders are being targeted by more ransomware attacks than ever before. Moreover, the research shows that Kiwis are not attentive to cyber risks on mobile devices."
Over 40 percent of respondents said they aren't as careful on their phone as they are on computers when it comes to protecting personal and financial details, and that is a concern given the proliferation of scams like the FluBot malware.
Unapproved software can also introduce risks, with a third of respondents saying they had intentionally downloaded apps and programs for work purposes without authorisation.
Nearly 40 percent said they did this because they wanted to use the same tools they use in their personal life for work purposes, with 33 percent saying it was for entertainment and personal use.
"Security and employee experience are fundamentally integrated: Employees who download unauthorised software risk creating unsecured links to devices and systems," Winzer said.
The survey also found that nearly three-quarters of Kiwis didn't know which organisation to report a scam to if they fall victim.
Besides their employers, scams should be reported to CERT NZ, the Government's cybersecurity organisation.
It helps triage reported incidents and assist businesses, organisations and individuals in getting help and passes on appropriate details to the NZ Police in incidents of identity theft.
It also tracks threats and makes the public aware of them, like it did with the FluBot malware in October.