Australians have already lost over $4 million to remote access scams this year according to Scamwatch, powered by the Australian Competition and Consumer Commission (ACCC)
The ACCC have received over 8000 reports of scammers attempting to access a victim’s computer and online bank accounts by impersonating well-known brands.
These scammers usually pretend to be from a technology company like Telstra, NBNco or Microsoft in order to gain the trust of their victims. They often claim there is something wrong with the victim’s computer and they need to install software to ‘fix’ it. What this software actually does is give the scammer full control of the device and allows them to steal login information for sites like online banking.
ACCC deputy chair Delia Rickard said this year’s losses have already surpassed those for the whole of 2017.
“The scammers are becoming more sophisticated. The old trick scammers used to use was to call people and say there was a virus on their computer that needed fixing but, in a new twist, scammers are now telling people they need their help to catch hackers."
In this latest scam, the real scammer claims they need to use the victim’s computer and online banking accounts to catch the pretend ‘scammer’ – still with us?
Once they have control of the bank accounts, the scammer will deposit money into the victim’s account, claiming that it is bait, but in reality they are just moving money across accounts giving the illusion of depositing money.
The ‘bait’ is then used to catch the fictitious scammer, but it actually going straight into the real scammer’s bank account.
“If you receive a phone call out of the blue about your computer and remote access is requested, it’s a scam 100 percent of the time. Just hang up. Unfortunately there are many stories from people who give a scammer access to their computer and are then conned into giving access to online banking.”
Even though these scammers are targeting the personal accounts of people, it’s important to remember that many people use their work devices or bring their own device to work and there is often a crossover of professional and personal information on a device.
If a scammer installs a keylogger onto a device that is used for work, they will very quickly have access to login information for business accounts, which could result in a breach of data requiring you to report under the Mandatory Data Notification laws.
Staff should be trained to pick out red flags and the techniques that hackers use to encourage people to give up valuable information.
Cyber Security is becoming more important for both clients and businesses with clients expecting that their personal data is protected. Businesses now have a responsibility to make sure their client’s information is protected and reasonable steps are made to ensure it never falls into the wrong hands.