New Zealand online scams surge as trust is exploited
Fri, 17th Jul 2026 (Today)
Gen's half-year threat report shows a sharp rise in online scams and remote access attacks in New Zealand, pointing to growing abuse of digital services consumers already use and trust.
E-shop scams in New Zealand rose 87% in the first half of 2026, while malicious remote access incidents climbed 73%. Tech support scams increased 27%, and so-called Scam-Yourself attacks, in which users are tricked into installing harmful software, were up 45%.
The report argues that many of the most effective cyber attacks now blend into ordinary online activity rather than relying on obvious malware or straightforward technical breaches. Instead, attackers are exploiting booking systems, messaging services, online advertising, software update channels and other familiar digital environments.
That trend is visible in New Zealand's online retail market. The report says fake shopping sites are becoming more convincing and are designed to capture payment details from consumers who believe they are dealing with a legitimate seller.
Malicious remote access reflects a similar shift. In these cases, an attacker gains control of a victim's computer or phone, often after persuading the user to approve access through a message or supposed support interaction.
Global data in the report shows the same pattern across a broader range of scams. Gen recorded a 387% increase in government impersonation scams and a rise of more than 454% in family impersonation scams, which it linked in part to abuse of account-linking features on messaging platforms.
It also identified more than 304 million scam ad impressions across the EU and UK in less than one month. Separate breach notification alerts with attributed lead sources rose 628.1% to 3.3 million, while total breach notifications exceeded 10 million.
Another measure in the report points to the scale of data exposure feeding online fraud. Gen identified more than 15.7 million breached records containing email addresses, giving cybercriminals more opportunities to target consumers with phishing, scams and account takeover attempts.
Trusted channels
The report's central theme is that trust itself has become a route for attack. Rather than pushing victims to clearly suspicious software or websites, cybercriminals are increasingly embedding their efforts within services and workflows that appear normal.
Examples in the report include scams delivered through a hotel booking platform that referred to a genuine reservation, and compromised WhatsApp accounts where users were tricked into approving an attacker's browser as a linked device. It also describes financial fraud moving through verified bank accounts held by people recruited on social media with promises of easy money.
Vita Santrucek, Chief Technology & Development Officer at Gen, said the danger is becoming harder for users to spot.
"The most effective attacks in the first half of 2026 didn't look like attacks," Santrucek said. "They arrived through booking platforms, family message threads, software update channels and AI agent workflows, all places people already trust. As attackers blend into everyday digital experiences, protection has to move closer to the moments where confidence is earned, exploited or broken."
In New Zealand, the rise in shopping scams comes as colder weather drives more consumer activity online, the report says. That shift in behaviour creates more opportunity for fake stores and fraudulent ads to reach buyers while they browse from home.
Mark Gorrie, Vice President APAC at Norton, said shoppers should be cautious when they encounter pressure tactics or unfamiliar sellers.
"Your guard can slip when you're scrolling and shopping from a warm room," Gorrie said. "A price that's too good, a shop name you've never heard of, and a message tugging at your emotions to rush you. If you feel any of those, stop right there. Rather than following a link straight from an ad or a social post, search the shop's name and check it's a real business. That small extra step prevents most of the harm."
AI risks
The report also highlights agentic AI as a developing area of concern. As AI systems are given permission to browse, install software, access files and connect to services on behalf of users, Gen says attackers are starting to target those permissions and relationships.
Early telemetry from Sage, the company's agentic security platform, found that the most common high-risk AI agent behaviours included attempts to run dangerous system commands, open remote command channels, download and execute code from the internet, read credential files without authorisation, create persistent remote access and override an agent's instructions.
Alongside the threat data, Gen reported the volume of attacks it said it blocked across several categories globally. It recorded 114.2 million e-shop scam attacks blocked, up 109%; 20.3 million tech support scam attacks blocked; and 1 million web skimming attacks blocked, up 212%.
Gen also said it blocked roughly 1.9 billion tracking attempts during the first half of 2026.