A cybersecurity company is warning Kiwis to be careful - as a malicious computer virus has been targeting New Zealanders.
CERT NZ, a cybersecurity government agency, says there is a recent surge of increasingly sophisticated cyberattacks, aiming to steal revenue and data of an individual or company.
The virus, known as Emotet, installs malicious software (malware) onto a computer without the owner knowing.
Once the attacker gains entry into the computer, the malware steals login details, sends fake invoices to business customers, blocks access to your files and demands money to get it back.
The agency says approximately 800 New Zealanders have been affected so far.
"Computer malware is a common theme that people have to protect against," CERT NZ's Deputy Director Declan Ingram said.
"However, this particular one is quickly and continually evolving globally."
The infection starts when someone clicks on a link or attachment sent via email.
Not only does the person's device become infected with malware, but the virus then sends the same emails to the person's contact list - continuing the cycle.
- NZX chief information officer resigns following slew of cyber attacks
- SIS called in as Kiwis targeted by data firm linked to Chinese military
- NZ academic on Chinese intelligence list with 793 other New Zealanders
- Attackers using COVID-19 themed scams
"The tricky thing is, these malicious emails often don't come from spam email addresses, which is usually a sign that an email is suspicious," Ingram said.
"As the cyber attacker has access to someone's contact list, the email is sent from a person you know and could even be interspersed into an email conversation thread you're having with them."
"That's why it's extremely important to have up-to-date antivirus software on your computer."
If your device has been affected, CERT NZ recommends disconnecting the affected computer from your network immediately and contacting your IT support team.
The malware would have access to your computer, including account login credentials and passwords, including things like online banking - these will have to be changed.
It is important you only change your passwords using a different computer, CERT NZ says, as the malware may record any changes you make.