Story image

Scammers pose as Microsoft, target New Zealanders

14 Sep 15

New Zealanders are the target of a new scam involving fake viruses and people posing as Microsoft.

According to Microsoft New Zealand and NetSafe, there has been a significant increase in reports of scammers trying to defraud people by claiming to be calling from Microsoft and that there is a problem with their computers.

 The cold callers offer to fix compromised computers and ask for remote access to computers which can reveal credit card details or bank account numbers. Some people have allowed access and one is reported to have lost around $5,000.

Martin Cocker, NetSafe executive director, says this pattern of scamming is not new and the scammers use the Microsoft brand as the company is known to have trusted experts.

“Unfortunately some people believe the calls are genuine and are led to believe they are doing the right thing by handing over private passwords or details.

“They can find themselves losing money or ending up with a computer infected with viruses or other malware that compromise their security,” says Cocker.

Frazer Scott, Microsoft NZ marketing and operations director, says the big message they want to get out to New Zealanders is that the company will NEVER call them asking for remote access to their computer.

“We do not call customers at home saying that we have detected a problem with their computer. We will never ask for passwords or other private details in any forum,” says Scott.

Cocker says their advice is to hang up immediately and report the incident to NetSafe.

“If you have given someone on the phone access and start to worry, then disconnect the machine from the internet and then hang up and report the incident to us. If you have given any bank details to a caller, then advise your bank as soon as possible,” he says.

Microsoft and NetSafe will be running advertisements across the country and writing to community groups to alert as many people as possible to be wary of these calls.

The average scam call plays out as follows:

  • Overseas caller states they are from Microsoft or a Microsoft certified technician.
  • Suggests the victim’s computer is infected and harming others online or that their ISP has identified their system as a problem.
  • Will get the computer owner to give the caller remote access using a genuine networking service or website like logmein123 or teamviewer.
  • They will use the ‘Event Viewer’ tool on the computer to highlight error messages which are supposedly signs of an infection.
  • The cold caller will offer to clean up the infection and/or install security software and provide an ongoing support service costing anywhere up to $500.

How to deal with the overseas cold callers, according to Microsoft NZ:

  • Hang up the phone - engaging with or taunting these companies can lead to you receiving many more calls at all times of the day or night. Some technicians have resorted to threats or abuse to get computer owners to give remote access.
  • If you do give access but become suspicious, disconnect the machine from the internet immediately. NetSafe has received some reports of these cold calling companies installing ransomware on the computer to ensure they get paid to unlock the PC.
  • If you have previously given remote access, it may pay to check what has been installed on your computer and be certain there is no way for the company to continue accessing your system and files. Consult a trusted local PC technician if unsure.
  • If you have paid money to these companies using a credit card, call your bank and discuss your options. If you sent funds via Western Union or another wire transfer service then the money is gone and cannot be recovered.
  • To report the call or incident to NetSafe, either log the incident via its website or call on the NetSafe toll-free number 0508 NETSAFE (0508 638 723)
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).
'DerpTrolling’ faces jail time for Sony DoS attacks
A United States federal court has charged a 23-year-old man for the hacks on Sony Online Entertainment and other major companies back in 2014.
Kiwis concerned about being scammed – survey
This unease is warranted given the growing sophistication of scammers and their activities, and numbers of attempted fraud.
It's time to rethink your back-up and recovery strategy
"It is becoming apparent that legacy approaches to backup and recovery may no longer be sufficient for most organisations."
Dropbox strengthens security with raft of new partnerships
Integrations will keep customer content protected and secure with tools for controlling identity access, governing data, and managing devices.
Interview: Aruba’s NZ country manager talks channel strategy
“What we're taking to market is that message around simplification and having everything in one place.”
Companies swamped by critical vulnerabilities – Tenable
Research has found enterprises identify 870 unique vulnerabilities on internal systems every day, on average, with over 100 of them being critical.