Story image

Scammers pose as Microsoft, target New Zealanders

14 Sep 2015

New Zealanders are the target of a new scam involving fake viruses and people posing as Microsoft.

According to Microsoft New Zealand and NetSafe, there has been a significant increase in reports of scammers trying to defraud people by claiming to be calling from Microsoft and that there is a problem with their computers.

 The cold callers offer to fix compromised computers and ask for remote access to computers which can reveal credit card details or bank account numbers. Some people have allowed access and one is reported to have lost around $5,000.

Martin Cocker, NetSafe executive director, says this pattern of scamming is not new and the scammers use the Microsoft brand as the company is known to have trusted experts.

“Unfortunately some people believe the calls are genuine and are led to believe they are doing the right thing by handing over private passwords or details.

“They can find themselves losing money or ending up with a computer infected with viruses or other malware that compromise their security,” says Cocker.

Frazer Scott, Microsoft NZ marketing and operations director, says the big message they want to get out to New Zealanders is that the company will NEVER call them asking for remote access to their computer.

“We do not call customers at home saying that we have detected a problem with their computer. We will never ask for passwords or other private details in any forum,” says Scott.

Cocker says their advice is to hang up immediately and report the incident to NetSafe.

“If you have given someone on the phone access and start to worry, then disconnect the machine from the internet and then hang up and report the incident to us. If you have given any bank details to a caller, then advise your bank as soon as possible,” he says.

Microsoft and NetSafe will be running advertisements across the country and writing to community groups to alert as many people as possible to be wary of these calls.

The average scam call plays out as follows:

  • Overseas caller states they are from Microsoft or a Microsoft certified technician.
  • Suggests the victim’s computer is infected and harming others online or that their ISP has identified their system as a problem.
  • Will get the computer owner to give the caller remote access using a genuine networking service or website like logmein123 or teamviewer.
  • They will use the ‘Event Viewer’ tool on the computer to highlight error messages which are supposedly signs of an infection.
  • The cold caller will offer to clean up the infection and/or install security software and provide an ongoing support service costing anywhere up to $500.

How to deal with the overseas cold callers, according to Microsoft NZ:

  • Hang up the phone - engaging with or taunting these companies can lead to you receiving many more calls at all times of the day or night. Some technicians have resorted to threats or abuse to get computer owners to give remote access.
  • If you do give access but become suspicious, disconnect the machine from the internet immediately. NetSafe has received some reports of these cold calling companies installing ransomware on the computer to ensure they get paid to unlock the PC.
  • If you have previously given remote access, it may pay to check what has been installed on your computer and be certain there is no way for the company to continue accessing your system and files. Consult a trusted local PC technician if unsure.
  • If you have paid money to these companies using a credit card, call your bank and discuss your options. If you sent funds via Western Union or another wire transfer service then the money is gone and cannot be recovered.
  • To report the call or incident to NetSafe, either log the incident via its website or call on the NetSafe toll-free number 0508 NETSAFE (0508 638 723)
SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.