The Australian Cyber Security Centre has warned that scammers are seeking to impersonate ACSC staff over the phone, telling a prospective victim that they need help to “act against cyber criminals.”
“These scammers try to coax individuals into actions that could compromise computers or reveal bank information. These types of scams are also called ‘remote access scams’ or ‘impersonation scams’,” an ACSC statement said.
“The scammers ask you to enter a URL in your web browser and provide your bank account details, and sometimes they try to entice you to transfer money – in one case, scammers asked for $20,000 to be transferred.”
The ACSC said its staff will never contact people by phone “to request access to your computer, ask you to install software, transfer money or request financial information.”
Last month the Australian Competition and Consumer Commission (ACCC) released the latest edition of its annual roundup of scams activity.
The ACCC’s Targeting Scams report revealed that in 2018 Australians last year lost at least $489 million to fraudsters, based on more than 378,000 incidents lodged with the ACCC, the Australian Cybercrime Online Reporting Network (ACORN), and state and territory government agencies.
The report described remote access scams as a “more elaborate version of the classic tech support scam in which scammers impersonate the police and ask for access to a victim’s computer to catch scammers, resulted in increased losses for ‘remote access scams’ in 2018”.
During the period covered by the report, the ACCC’s Scamwatch received more than 11,300 reports of remote access scams with $4.7 million in reported losses, which it said was an increase of 95 per cent over 2017 losses.
“Many Australians have received annoying ‘tech support’ scam calls in which a scammer, claiming to represent Microsoft or Telstra, tells the victim that their computer is ‘sending viruses’ and this is a serious problem that needs immediate attention,” the ACCC report said.
“The scammer would ask for remote access to the victim’s computer and if granted, they would pretend to fix the imaginary problem, while actually installing malware and searching the computer for personal information that could be used for identity theft.”
New variations of the scam can involve claiming to be from the police or from Telstra acting on behalf of the police. Victims are told that they have been hacked, but offering remote access to their computer and then sending money via online banking can be used to track down the hacker.
“The victim is told they will not lose anything because the government will reimburse any money sent,” the ACCC report said. In some cases, the victim is told they could face legal action for not assisting a police investigation.
The ACSC said that victims of a scam could report it to the Australian Cybercrime Online Reporting Network (ACORN). People who have experienced identity theft are urged to contact IDCare.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.