Byte Me #316 Phone Scams 3

1st April 2017


Today is the final article about phone scams and hackers.  We have already looked at the popular scam of impersonating a Telstra or Microsoft employee and gaining access to a computer by randomly calling land lines.  There are many other sinister ways that overseas groups use to gain money from unsuspecting Australians and some of the more elaborate ones as surprisingly effective.

For instance if you run a business then a hacker can see that you may have larger sums of money transferred through your bank accounts.  They may then try to gain access to your emails.  This can easily happen if you have weak passwords.  A hacker can then intercept emails before you get them and change the BSB and Account details on large invoices that are sent to you.

Once done the hacker can send you an invoice making his email look the same as your normal supplier with the same letterhead as your supplier and the same amount that you are expecting to receive an invoice for.  The only details that will be different will be the account details for payment – which will often result in you paying a large sum of money direct into the hackers’ bank account.

We had this happen to a new customer recently and they lost an amount that was equivalent to an expensive car!  In this case their email password was not nearly complex enough and it was a well-orchestrated scam that paid dividends to the hacker.  We have since helped them to secure their email however they will not get this money back.

We also had a previous customer that insisted on using a remote control application called VNC viewer which was not configured for reasonable security.  They had a hacker breech this software and get onto the CEO’s main PC, which was also left turned on 24/7.  The hacker could then remote in a night and search for personal details in the email sent items.  An email to a travel agent was found which contained passport photos and all other personal information.

The above scan resulted in the hacker logging into the CEO’s business banking account – which was also stored on the PC and transferring a large amount of money to Western Union after he had called that same back to organise a transfer from them to another off-shore bank.  The hacker had been able to send copies of proof of identity to Western Union (from the CEO’s) actual email address and organise everything to run smoothly.

No matter how much money is or isn’t in your account, I’m sure that what is there is important to you and I’m also sure that your credit card is valued the same.  Unfortunately $100 Australian is worth many weeks of work to people in other parts of our world and so everyone is a bountiful target.  Never stay on the phone with someone from Telstra or Microsoft that has called you and never give remote access to your PC unless you actually know the person.

For the sake of ongoing security go out and buy a little black book to keep in a drawer near your computer and keep all of your passwords in that.  You can then have complex passwords that at first, even you can’t remember and you can also have one password for important sites and a separate email address and password for less important sign ins.

The main threat to your security is now another person on the other side of this world that is not within reach of our Western laws – but still connected to the Internet, just like us.  Until next week future Byte Me topics can be emailed to [email protected] and Bruce is contactable at Kerr Solutions, 205 Musgrave Street or on 49 222 400.

  • August 25, 2017