A scam that saw the country's largest Maori training provider pay fraudsters more than $100,000 is hitting local businesses with "near misses" almost every day.
Te Wananga o Aotearoa is working to retrieve the money after its chief financial officer transferred US$79,000 ($118,000) to an overseas bank account in a "whaling" email con, Stuff.co.nz reported.
Whaling - a take on the term 'phishing' - targets high-level executives, using email addresses similar to employee addresses, to make it appear as though they're requesting the funds.
In the wananga's case, Stuff.co.nz said the email appeared to be from the organisation's chief executive, Jim Mather, asking for cash.
Instead the email came from scammers based in China, who had forged Mather's email address.
The incident is the latest in a series in New Zealand, and believed to be one of the largest amounts sent overseas.
In September, Internal Affairs sent a warning about the fraud, saying five other companies had also been involved.
The amount of money to be transferred varied, with transfer requests ranging from $24,500 to $89,400. In most of the reported cases the chief financial officer or accountant had become suspicious before the funds were actually transferred.
Netsafe executive director Martin Cocker said the scam had since continued unabated with reports coming in once every couple of days. Most of those were near-misses, but there had been a handful of other successful cons, he said.
"This is definitely a significant issue for businesses. The reason is because there is a lot of info about businesses and the people who work in them in the public domain, so the cyber criminals have all the info they require to launch sophisticated attacks."
Mr Cocker said the scammers read business websites, Facebook and LinkedIn to work out who knows who, and who worked where.
They also had access to huge databases that had been leaked illegally, meaning they were able to effectively target individual people with expert knowledge.
The success of the scam depended on the actions taken within the businesses and the alertness of staff, he said.
He warned that businesses with a more "relaxed practice of communication" were more likely to be targeted.
"Internal cross-checking is the thing that can prevent losses. Most businesses should have a form of double-checking and not using email as a request to make a payment of large sums of money," Mr Cocker said.
He asked that people reported every serious incident to Netsafe, as he suspected a large number were going unreported.
Te Wananga o Aotearoa chief executive Jim Mather told Stuff.co.nz efforts were under way to retrieve the funds. Police had been notified, he said.
Mather joined the wananga in 2013 from Maori Television. The wananga was established in 1984 and operates from 80 locations, with around 30,000 students.
