Cyber Threat Trends in New Zealand | What’s Rising, What’s Falling, and What It Means for You
Cyber threats in New Zealand are not disappearing but rather evolving. Recent data from ESET shows a noticeable shift in how cybercriminals operate, with fewer overall threats detected in early 2026 but a clear increase in more sophisticated and targeted attack methods. For home users and small businesses, this shift is critical. It means the risk is no longer about volume, but about how convincing and effective scams have become.
Cyber Threats in NZ Are Decreasing, But Risk Is Not
At first glance, the numbers appear encouraging. February 2026 saw a 23% decrease in detected threats compared to the same time in 2025, while March 2026 recorded an even larger drop of 28%.
However, this decline doesn’t mean New Zealanders are safer online. Instead, it highlights a shift in attacker behaviour – cybercriminals are focusing on fewer, more targeted attacks that are designed to succeed.
Phishing Remains the #1 Cyber Threat in New Zealand
Phishing continues to dominate the threat landscape in New Zealand. The most common detections in March 2026 were phishing-related trojans embedded in everyday file formats such as HTML and Word documents.
These attacks are designed to look legitimate and familiar. For everyday users, this might appear as:
- An invoice or billing email
- A delivery notification
- A document or social post asking you to “open” or “enable content”
Once clicked, these can lead to fake login pages, checkout pages, or capture sensitive information without you realising.
Multi-Format Cyber Attacks Are on the Rise
One of the biggest emerging cyber threat trends in New Zealand is the rise of multi-format attacks. Instead of relying on a single method, cybercriminals are combining multiple techniques into one seamless attack.
For example, a single scam email may include:
- A document or image with embedded scripts (these can install malware or harvest information from active browsing)
- A redirect to a phishing website
- A “support” phone number that puts you in contact with a scammer
This layered approach makes attacks harder to detect, more convincing, and more likely to bypass basic security measures, if one avenue fails, there is another one “just in case”.
QR Code Scams (“Quishing”) Are Increasing
QR code phishing scams are becoming more common across New Zealand. These scams use QR codes to hide malicious links, making it difficult to verify the destination before scanning.
Popularised during COVID-19, such as QR Code scanning before boarding AT Transport for tracing – QR codes have become a part of everyday life, it’s used in parking, menus, and payments. Scammers are exploiting this familiarity.
A single scan can lead to:
- Fake payment pages
- Phishing login screens
- Data-harvesting websites or apps
This trend is particularly important for both consumers and small businesses to be aware of.
Some Scam Types Are Declining, But Being Replaced
There is some good news: certain scams, such as “Clickfix” attacks (fake pop-ups or prompts to fix issues), are declining.
However, this doesn’t reduce overall risk. Instead, it shows that attackers are evolving their tactics. They are moving toward:
- More personalised phishing
- AI-generated scam content
- Less obvious, more subtle manipulation techniques
Why Cyber Threats Are Becoming More Dangerous Despite Decreasing
Even though fewer threats are being detected overall, the attacks that remain are more targeted, realistic, and difficult to identify. This evolution means cybercrime is increasingly focused on human behaviour, not just technology. Attackers rely on trust, urgency, and familiarity to trick people into taking action.
Small businesses in New Zealand are increasingly being targeted because they often have fewer resources and security controls in place. A single successful attack can lead to financial loss and reputational damage. That’s why businesses need to combine technology with process, such as verifying payment requests and training employees to recognise suspicious activity, such as fake Invoices. Staying informed is your best defence against this ever-changing landscape.
Threats aren’t always about not clicking that suspicious link; for example, HTML attacks can embed themselves into the checkout pages of completely legitimate websites without you knowing and harvest your card information, unless you have security software that can detect this and block it.
Cybersecurity in NZ Is About Awareness