From AI crypto cons to fake holiday bookings, Norton reveals the scams catching out Kiwis, plus advice to stay ahead of the scammers
As winter sets in, the ruthless scams targeting Kiwis heat up. Norton, a global leader in consumer Cyber Safety and part of, has released information about the 5 biggest scams facing Kiwis this winter, along with practical advice on how to avoid them.
To support the report findings and to help Kiwis enjoy a scam-free winter, Norton cyber security experts have put together a hotlist of the biggest scam red flags:
· If a stranger is fast-tracking the relationship, slow down. Romance, business, investments, friendship… speed is the tell.
· If a message uses real details about you, that doesn’t make it real. This is the game in 2026: the presence of personal data isn’t proof, it’s the trap.
· If a link is doing the urgent work, don’t click it. Go to the source. Type the URL yourself. Open the app.
· If something feels off, it likely is. Trust the instinct, hang up the call, close the tab, ask a friend.
Mark Gorrie, VP APAC at Norton, said, “The cold and wet winter is already here, and scammers were ready for it. We spend more time searching online, some of us chasing a warmer holiday, others looking for a better return on their money. That's why the scams hitting Kiwis run from fake investment platforms to reservation hijack scams. With AI, scams are cheap to make and deploy, and easy to make convincing. The lesson is simple. Before you pay anyone, stop and ask yourself why you're paying this money to this person, every single time.”
Norton Top 5 Scams of Winter 2026 in NZ:
1. Crypto and Investment Fraud Scams
Crypto and investment fraud scams are long-con financial scams where fraudsters use fake trading platforms, “guaranteed return” pitches and recovery schemes to steal money.
Gen blocked more than 83,000 financial scam attacks in winter 2025, a 225% increase compared to the rest of the year. Similar figures are expected this year. Interestingly, investment scams are tied very closely to romance scams, where people are distracted and make decisions faster than normal.
How it works: There are three main ways to encounter this scam.
· Fake crypto trading dashboard. You get invited to a private group, app, or platform, usually by someone you’ve built rapport with over weeks on a dating or networking app. You “deposit” a small amount of money and the dashboard shows your money growing. You withdraw a small amount and get it back. Then you go bigger, and the withdrawal never comes.
· “Guaranteed return” investment groups. Discord servers, Telegram channels, and Instagram DMs promising returns no legitimate investment can offer.
· Recovery scams: Scammers target people who have already been scammed, promising to recover their lost money – for a fee. Often, they’re the same people who scammed you the first time.
How to avoid this scam:
· No legitimate investment guarantees a return. None. If what you’re being offered does, cut off contact.
· A dashboard showing your money growing is not your money growing; it’s a webpage. Always use legitimate, well-known investment pages whose URL you’ve sourced yourself.
· The person DMing you about a “no-risk opportunity” is not your friend. “No risk” does not exist; avoid these offers immediately.
· If someone offers to “recover” money you already lost to a scam, that’s a second scam. Real recovery happens through your bank, your card issuer, and law enforcement. Do not use other recovery providers.
2. Imposter Scams
Imposter scams were among the scam types with observable upticks in June, July, and August of 2025, up 128% compared to the rest of the year. And thanks to AI voice cloning, that figure is only going up.
How it works: You receive a panicked call from a friend, loved one or government body, like IRD. They ask urgently for money, and why would you say no? The call is from their number and in their voice. But it’s a scammer using an AI voice clone to impersonate your trusted source.
How to avoid this scam:
· Set a safe word with family and groups of friends now, before anyone needs it.
· If a call sounds urgent and emotional, hang up and call the person back on the number you already have for them.
· Real agencies ask you to get in touch through official channels, not to act immediately on a link.
3. Tech Support Scams
Tech support scams are social engineering attacks where fraudsters impersonate tech companies, tricking victims into giving them remote computer access or transferring money to “protect” their accounts. These surge in winter as people spend more time online.
Gen blocked more than 16,000 tech support scam attacks during winter 2025, up 115% in New Zealand compared to the rest of the year. Unfortunately, most victims are over 60 because they’re less online savvy, retired, or relying on their savings. They find it harder to spot a scammer and therefore are more vulnerable.
How it works: A browser pop-up claims your computer has a virus, followed by a “Technical Support” message from a known provider. You click and give them access. Once they’re in, they install real malware, charge for fake clean-ups or convince you to transfer money to “protect” your bank account.
How to avoid this scam:
· Microsoft, Apple, and companies like Norton do not put their phone numbers in browser pop-ups. Ever.
· A legitimate antivirus alert won’t ask you to call a number. It’ll tell you what it blocked and let you keep going.
· If a pop-up locks your browser, force quit. Don't call the number.
· Never give remote access to your computer to someone who called you, or someone you called from a pop-up.
4. Lottery & Sweepstakes Scams
Lottery and sweepstakes scams are “unexpected money” frauds where scammers claim you’ve won a prize or earned a reward, then require you to pay a fee to claim it. But as much as we all want some extra “fun money” in the winter, there is no prize. The fee is the entire scam.
Gen blocked more than 4,000 unexpected money scam attacks over winter in 2025, up 55% in New Zealand compared to the rest of the year.
How it works: An email or DM claims you’ve won a lottery, gift card giveaway, or sweepstakes (often from real-sounding companies) that you don’t remember entering. To claim the prize, you have to pay a “processing fee”, “tax”, or “shipping cost.” After you pay, nothing arrives or you get a fake check that bounces.
How to avoid this scam:
· You did not win a lottery you did not enter. If you’ve been presented with a random lottery prize, this is a scam. Do not click the link. Delete the message and forget about it.
· Real sweepstakes prizes do not require upfront payment of any kind. End contact immediately with that provider if you are presented with this offer.
· Never open emails or click on links that are from sources like Nigerian princes. These are the oldest tricks in the book. Delete the email without opening it.
5. The Reservation Hijack Scam
The Reservation Hijack Scam is a phishing attack where fraudsters use stolen booking data to impersonate hotels and steal payment information from travellers. Since late 2025, research at Gen, the company behind Norton, has identified 353 fraudulent landing pages, representing roughly 350 distinct accommodations and 38,000 rooms across rented accommodation all over the world.
How it works: After booking your hotel, a new message from your booking platform arrives within a few days. It appears legitimate, referencing all correct booking information, but requests another payment due to a ‘payment problem’. It all looks legitimate, and you don’t want to lose your reservation, so in go your card details… to the scammer!
How to avoid this scam:
· If you get a “re-verify” or “problem with your reservation” message, don’t click the link, even if it looks real.
· If you think there could be an issue with your reservation, manually enter the URL in your browser to log into the booking site or contact the accommodation directly using their official contact information.
· Stick to official communication channels. Real hotels will never transfer you to text or WhatsApp to re-enter your card details.
