How Telephone Scams Work
We have seen hundreds of our customers affected by telephone scams, now in ever increasing numbers. Awareness that this type of criminal activity is a "thing" is the best defence. No amount of internet security software or login/password strategy works if you are using your computer under instructions from the scammer. This advice is designed to give you a heads-up as to how the typical phone scam works.
The ACCC provides a lot of useful information on their ScamWatch page
It starts with a phone call
Typically, you receive a random phone call from the scammer, i.e. they have no idea who you are, they just have your number
There will usually be a short delay before anyone speaks
This is because they use computers to make the calls and when someone answers it gets assigned to one of the scammers
It is also possible for a message to be displayed on your computer screen suggesting you call the displayed number for support
These messages can pop-up at any time through ordinary browsing of the internet
Scammers routinely place their scam messages within paid advertising links
The message will specifically instruct you not to switch your computer off (because it clears the message completely)
If you do call the number on the screen as suggested, it is even more likely you will be scammed
The scammer will pretend to be calling from a company or organisation you are familiar with
Typically, the caller will pretend to be from Telstra or Microsoft
They may also pretend to be from the NBN, Australia Post, Australian Tax Office, Australian Federal Police, your energy supplier, etc
The scammer will convey a sense of urgency
You may be told your internet connection is about to be disconnected for several days/weeks/months
You may be told your internet connection is slow and they will help you make it faster
You may be told that "hackers" have tried to access your computer and the scammer asks for your assistance to catch them
You may be told that your computer is being used to send email spam
You will be told that you have to take action immediately (with the scammer's help); there is no time to lose!
The scammer is ready for any objections and/or suspicions
They will have an answer for pretty much everything you ask or say
They may give you an Australian sounding name
It is no longer unusual to hear a foreign accent from a genuine support call centre which is often located overseas
They may give you a familiar physical location they are calling from, usually an Australian capital city
They may give you a genuine support number to ring where they know you will just hear a familiar recorded message
They will tell you they are your only support option and you must act quickly
They will reject any suggestion that you might call or visit your regular IT support people
The scammer will attempt to convince you that there is a problem with your computer
They will ask you to run one or more commands on your computer
They may lead you to an alphanumeric expression on your screen and then read out exactly the same expression
They will tell you this is the "serial number" of your computer
The expression they show you is the same on ALL Windows computers, i.e. it is not at all unique to your computer
This is very convincing though, because you are left wondering how they could possibly know the expression!
They may lead you to a screen which displays a list of "error messages" on your computer
Again, these messages are on EVERY Windows computer; they vary slightly, but the list looks exactly the same
They will try and convince you this is proof your computer is failing, or it is evidence that hackers have tried to access your computer
Either way, the intention is that you become more alarmed as the conversation goes on
The scammer will try and convince you to allow them to login to your computer
Sometimes they will state this plainly so you knowingly allow them to do this
Sometimes they just get you to browse to a web page and then relay the numbers on the page to the scammer
Either way, they will then have remote access to your computer and be able to observe and control anything you can see on the screen
It is at this point that most people bail out of the conversation
Once logged in to your computer the scammer may attempt to show you further proof there is a problem with your computer
Your mouse cursor will move by itself, windows will open and close and you will see numbers and text typed on the screen
Again, this is usually the first warning that the whole thing no longer seems like a good idea
The scammer will now try and relieve you of a small amount of money
Depending on the scam being used, they will come up with a reason for you to pay them some money
The pretext will be quite plausible
It will generally be a small sum, i.e. you can afford to lose it
It may be postage for a new modem to be sent to you to "fix" your internet connection
It may be a few hundred dollars for "servicing" your computer for an extended period of time
What the scammer really wants is for you to login to your internet banking while they have remote access to your computer
In the cold light of day, this is very alarming
But in the sequence described above it may seem quite a reasonable request
They will be very reassuring if you state any doubts or objections, after all, you can trust Telstra/Microsoft/NBNco et al
If you login to your internet banking while they have remote access to your computer, they will then have your banking credentials
The scammers know how the internet banking system works
They know that only the first internet banking payment needs authentication
Each subsequent payment to the same payee does not need authentication up to a certain limit of (say) $5000
So the scammer will encourage you to authorise a small amount and then use your credentials to transfer larger sums
They even know how to request an increased limit for the new payee
Online payments above the lower limit still need an SMS authentication
The scammers are known to have convinced the target to tell them this code under the pretext of fixing the computer/internet etc
Under no circumstances ever give out an authentication code which has been sent to your phone
The scammers may ask you to go out and purchase (say) iTunes gift cards up to a certain value
This is requested under the pretext of "catching" the hackers
They will pretend to pay you a sum of money to do this
This seems quite reasonable because you will be using "their" money to buy the gift cards
Trouble is, they simply transfer money from one of your other accounts to your credit card (or vice versa)
They are hoping you do not notice where the money has come from
They will then show you the higher balance in your account
You then go out and buy as many gift cards as you can find
You then return and verbally advise the scammers of the code on each gift card
Once this is done the money is gone and cannot be retrieved
They will often ask you to leave them logged into your computer while you go out and buy the gift cards
On the pretext that they will check and remove any traces of the "hackers"
And then the scammer disappears....
Having successfully completed the scam and pocketed their ill-gotten gains, they just disappear
It is quite likely that the remote access software which was used is still installed on the computer
It is possible that the computer has been exposed to malware and other unwanted programs
Recommended Actions
Just hang up whenever you get an unsolicited call from any organisation
The genuine callers will find another way to contact you
You could state "this call looks like a scam" before you hang up
Don't engage in any conversation where the caller tries to convince you they are not a scammer
If your computer has been accessed remotely as described above, switch the computer off
Or just pull the plug, you will not harm your computer
On a laptop, just depress the on/off button for approx 8 seconds to kill the power to the computer
Immediately contact your preferred IT support people for advice
Do not restart the computer until it has been professionally checked
If you logged into your bank account while the scammers were remotely accessing your computer
Contact your bank immediately
They will shut down your internet banking, change your passwords and wait for an all-clear report for your computer