Accessible News

Top storiesNew ZealandPoliticsBusinessEntertainmentSportsWorld

Scammers are going to try access your computer. This is what you need to know

Wednesday, 31 May 2017

In 2017, police released a phone recording and a transcript of a call to a police officer in which the scammer tries to get the recipient to log on to a dodgy-sounding website.

A brazen attempt by a phone scammer to get remote access to a police computer recently shows that everyone needs to be on the lookout when it comes to online con artists. 

In the latest incident, the call to police, published on Facebook on Tuesday, was an attempt by someone from overseas to get remote access to the computer of the person receiving the call.

From the sound of the exchange, the caller had no idea whom he was contacting, and he sounded less than impressed when informed who it was on the other end of the line.

Criminals operating on the internet have come up with many ways to clean out the bank accounts of unsuspecting victims.
Criminals operating on the internet have come up with many ways to clean out the bank accounts of unsuspecting victims.

It's the kind of scam online safety organisation Netsafe describes as a cold call PC tech support scam. There are also less specific cold call scams, where the scammers aren't claiming to be trying to fix computer problems.

**READ MORE:

Dunedin man loses $9000 in bank scam

Business start-up grants scam

Scam victims can be young and savvy

Scammers almost swipe $12,000 from Motueka woman

Elderly victims of $120,000 phone scam 'tip of the iceberg'

WannaCry ransomware victims told not to pay up by Cert NZ**

So, how do they work?

Scammers phone up and pretend to offer to help with slow or infected computers. They use the names of well known companies such as Microsoft or Spark to convince targets they are genuine. They often try to get remote access to a victim's device, which would enable them to access a network or computer from another location.

What are the scammers after?

According to Netsafe they may be trying to get online banking or credit card details, and get targets to pay for a fake security check. Sometimes they also ask for personal information such as copies of passports and drivers licences that can be used for identity fraud.

How often does this happen?

No one really knows, but Netsafe says it gets thousands of reports of this scam. In 2015 it received 859 reports of what was then called the PC doctor scam. In the cases reported to Netsafe in 2015, targets lost nearly $104,000. That was likely to be 'just the tip of the iceberg'.

In the 2015 report, Netsafe acknowledged it was advised of 'only a fraction of the total number of online challenges that New Zealanders experience each year'. In 2015 it received 6 per cent more requests for advice or support - for a wide range of online issues, not just scams - than it did in 2014. Reporting rates provided an indication of possible trends, it said.

Where do the the scams originate?

Identifying those behind cyber incidents is notoriously difficult, Netsafe says. Caller ID for the PC doctor scammers showed incoming numbers theoretically tracing back to various countries including Egypt, India, Romania, Australia, the Philippines and the US. 

Other targets reported getting a browser pop-up asking them to call a NZ 0800 number for virus removal that clearly connected to an overseas call centre.

What other kinds of scams are there?

Among the scams highlighted by Netsafe are:

Email phishing: The aim of this widespread scam is to get personal information such as bank account numbers and passwords. Usually a large number of people are sent emails in the hope some will fall for the scam.

An example is the lottery scam, where people are told they have won a prize, and need to provide some details to claim their winnings. In others, scammers pretend to be lawyers or from the government and threaten legal action if targets don't provide information or money. Netsafe warns that not all phishing scams are obvious, and the scams are becoming more difficult to spot.

Fake invoicing: Scammers send an invoice - printed or email - that looks like it has come from a legitimate business. The bills are for goods or services that haven't been requested, of for something that doesn't exist such as a fake trade directory. They can also ask for changes to usual billing arrangements.

Facebook trading scams: These involve scammers posing as sellers on a buy and sell Facebook page or group, or setting up fake business pages. They pretend to have goods or services for sale, but once they're paid they disappear, or buyers are blocked from their sites, or buyers' messages are ignored.

What should people do if they are targets of a scam?:

Netsafe, which deals with a whole range of issues to deal with the internet, would like to hear about it. Reports can be made through Netsafe.org.nz, or Netsafe can be phoned on 0508 638 723 (NETSAFE). In some cases other agencies could be involved.

The Government has also set up a new national Computer Emergency Response Team (CERT NZ) funded by Budget 2016 with an allocation of  $22.2 million. It is responsible for monitoring, tracking and advising on cyber security incidents or attacks. CERT NZ wants to hear from anyone with a cyber security problem.

Recent threats it has warned about on its website include the WannaCry ransomware  that involved large scale attacks around the world during May.

Ransomeware works by blocking people's access to their computers or files until they pay a ransom.

Another recent attack was a Google Docs phishing attack about a month ago. It involved Gmail users receiving an invitation from a friend in their contact list to join a Google Doc. The link directed users to google.com, while also giving the attacker access to users' email inboxes.

As a result, the attacker was able to read, send and delete emails and communicate with users' contacts. Google disabled the attack but by then thousands of people had reported clicking on the link.