The Financial Services Complaints Limited (FSCL) has issued a public warning about fraudulent activity involving the misuse of its name and branding.
According to the FSCL, recent scams have involved unauthorised websites and emails that display the FSCL logo and identity, and in some cases, mimic the branding of other well-known organisations.
One of the main tactics identified includes financial service providers falsely claiming to be FSCL members.
Additionally, some emails have been reported requesting recipients to release funds or make payments, using the FSCL’s name to appear legitimate.
The FSCL has clarified that it does not request payments via unsolicited emails and advises that any such request should be treated with caution.
It encourages anyone who receives a suspicious communication referencing the organisation to verify its authenticity.
“If you receive a communication with our name, branding, or from someone claiming to work for us, or be a FSCL member, you can contact us to verify its legitimacy,” it said.
Insurance professionals and the wider public are advised to consult the Financial Service Providers Register to confirm whether a provider is officially associated with the FSCL’s dispute resolution service.
The FSCL also recommends reporting suspected scams to Netsafe.org.nz and contacting FSCL directly for verification if there is any uncertainty about a message’s origin.
FSCL reminds stakeholders that its official website is https://fscl.org.nz/ and that all legitimate emails will originate from addresses ending in @fscl.org.nz.
The organisation can be reached at 0800 347 257 or info@fscl.org.nz for further assistance.
The National Cyber Security Centre (NCSC) has released its latest Cyber Security Insights report, covering the second quarter of 2025 (Q2 2025).
During this period, the NCSC recorded 1,315 cyber security incident reports. While scams and fraud remained the most frequently reported issues, the total financial losses reported by New Zealanders fell to $5.7 million, compared to $7.8 million in the previous quarter.
Of the incidents reported, 56 were escalated for further technical investigation due to their potential national impact. The remaining 1,259 cases were managed through standard triage processes.
The majority of reports came from individuals and businesses. The NCSC noted a 3% decrease in overall incident reports compared to the first quarter of the year.
The report highlights the ongoing use of social engineering by cyber criminals.
Mike Jagusch, director mission enablement at the NCSC, noted a trend where attackers impersonate staff members when contacting organisational helpdesks, seeking to gain access to internal accounts.
“We are seeing a type of attack where a cyber criminal calls up an organisation’s helpdesk and pretends to be a staff member who needs help getting access to their account,” he said.
Once access is granted, attackers may extract sensitive data or install ransomware.
Jagusch said that these attacks often rely on manipulating helpdesk staff by creating a sense of urgency or invoking authority.
“They use social engineering techniques to sound more convincing. This might be using a sense of urgency, appealing to authority, or tricking you into feeling sympathy towards them,” he said.
