New Zealand’s National Cyber Security Centre tracked 1,315 cybersecurity incidents over the second quarter of 2025, 3% fewer than the previous quarter. Despite only a small decrease in the number of incidents, financial losses decreased significantly, by 27%, to NZ$5.7 million, compared with NZ$7.8 million in Q1. Social engineering attacks targeting organisational helpdesks became a hot spot, with scams and fraud retaining their top spot as the most reported class of incident.
Social engineering attacks play the helpdesk card
“We are seeing a type of attack where a cyber criminal calls up an organisation’s helpdesk and pretends to be a staff member who needs help getting access to their account,” said NCSC Director Mission Enablement, Mike Jagusch. These attackers use the access provided by these tools to do something malicious, such as downloading sensitive information or deploying malicious code like ransomware.
The advanced social engineering techniques used by cybercriminals include creating a sense of urgency, appealing to authority, or manipulating the victim into feeling sympathy for the cybercriminal. These attackers rely on psychological manipulation to circumvent security protocols and get unauthorised access to sensitive organisational systems. Once access is gained, threat actors go on to carry out malicious activities such as exfiltrating data and deploying ransomware, and could inflict significant operational and financial harm on targeted organisations.
Scams and Fraud top of the incident reporting categories
With a total of 514 reports, Scams and Fraud remained the most reported incident category. The second-highest category was ‘Phishing and Credential Harvesting,’ with a total of 374 reports. The most common loss value reported was less than $500; however, incidents of $10,000 and over accounted for $5.3M (94%) of reported loss, even though they comprised only 50 incidents.
Specialist technical support tackles nationally significant threats
Of the 1,315 incidents that were reported, 56 were triaged for specialist technical support because they were potentially of national significance. The other 1,259 incidents were processed using the normal triage managed by the NCSC. These incidents were largely reported to the NCSC by individuals and businesses across New Zealand’s digital infrastructure landscape.
The report also includes a case study of an incident for which the NCSC provided specialist support. It shows how an organisation in New Zealand was targeted by a sophisticated actor who attempted to infiltrate the organisation.
“This case study uses everyday operations to center on the effectiveness of good cyber hygiene.” Due to the successful implementation of good passwords, multi-factor authentication, and network segmentation by the organisation, “the NCSC were able to verify no data had been stolen,” said Mr Jagusch.
The quarterly report included a case study showing successful defensive measures against a sophisticated threat actor trying to gain access to a New Zealand organisation.
Defensive success is proof of the effectiveness of cybersecurity best practices
The incident showed how basic cybersecurity measures were effective in preventing data breaches. Strong passwords, two-factor authentication, and network segmentation were important in stopping the sophisticated attempt to attack a system. Due to the success of these security measures undertaken by the organisation, the NCSC was able to determine that no sensitive data had been compromised in the infiltration attempt.
New Zealand’s Q2 Cybersecurity Landscape: Not All Vicious Cyborgs
On one hand, you can’t help but be heartened by the positive trends in New Zealand’s cybersecurity ecosystem; on the other hand, you must remain vigilant. While financial losses dropped significantly, the fact that social engineering attacks geared towards helpdesk operations are still widely prevalent suggests a need for more human-centric security awareness.
