As of today 15 November 2017 the "Phone scammers posing as Telstra technical support" is still doing the rounds.
I am gobsmacked by how easily people are fooled by these scammers. I had a client phone me up at 11:20 pm last night, frantically suggesting that she had been "hacked" and that she had given the "hacker" her bank account details and a copy of her passport. I asked her to drop off her computer at my office so that I could investigate.
The next day she arrived giving me more details about her unpleasant ordeal. My mouth hung open at how gullible she was, she elaborated on the motive of attack. "I was on the phone for five hours with him, he said I have been hacked! He would help me for a small fee. It sounded legit so I did it"
How The Scam Works
- You receive a phone call from someone claiming to be a representative of Telstra or BigPond
- They claim your computer has been hacked or infected with malware and they need access to your computer to help
- They ask that you install a remote access application so that they can access your computer
- In order to fix the problem they ask for payment
What To Do
If at some point you realise that you have been victim to this scam follow these steps:
- Unplug your computer from the internet or switch it off
- If you have given the scammer details about your bank, call your bank notifying them of your concern
- Report the incident to ScammWatch
- Report the incident to the Police
- Call an IT Professional that can remove the remote access application, clean your computer of malware and validate that it is safe to use
How To Protect Yourself From Being Scammed
- If you receive a phone call from someone claiming to be a representative of Telstra, take their details and hang up. Call the official Telstra support desk (https://www.telstra.com.au/contact-us) and tell them about your concern
- Never give your personal, credit card or online account details over the phone unless you made the call and the phone number came from a trusted source
- Never give a stranger remote access to your computer, even if they claim to be from a reputable business
- Use a reputable, up to date anti-virus and anti-spyware
- Do regular full system Anti-Virus scans of your computer
- Keep your operating system up to date via automatic updates
- Have offsite backups of your valuable data
- Use a drive encryption system