Scam Warning: Fake NBN Calls

Just a quick warning that scammers are going around pretending to be from NBN and claiming that your computer has malware or is currently getting used by hackers. NBN will never contact an end user of a service, and if there is a legitimate issue, your ISP will contact you and ask you to reach out to them.

These scammers are relying on people who are unaware of the scam to grant them access to the recipient’s device via remote access screen sharing software. Once the scammer has access to the computer, they will use tools like command prompt, a website called hacker typer, and Window’s event log to try and convince the user that the machine is compromised.

The scammers rely on things that look scary to those who don’t understand the deep workings of a windows computer yet are ultimately benign and can even help an IT expert to solve problems for users.

After gaining the trust of the call’s recipient, the scammers will do one of several things. They will try to sell fake security software for an excessive amount of money, often $1000 per year or more, while reasonable antimalware solutions are usually $50-70 per year. Another thing they will often try to do is rifle through your files for things like password lists, bank account details, or digitized identity documents to use for identity theft.

If you get such a scam call pretending to be from someone like Microsoft, NBN, Google, or Telstra, the best thing you can do is to hang up. These criminals are professionals, and if you have fallen for them, there is no shame in it but, you will need to start taking steps to secure your personal information and bank accounts from further fraud.

The first thing to do is to determine what the scammers have accessed. Your computer stores a history of files and websites that the scammers have accessed and the times of access. Use this list to work out what passwords you need to change, starting with critical financial services like your bank or Paypal account using a clean device such as your smartphone, tablet, a second PC or a device belonging to a trusted relative or friend. The second step before using the device is to perform a deep clean using a special USB stick containing a bootable antimalware package that can cleanse known malware that can cloak itself from Windows.

A trusted IT expert is essential for your peace of mind and to help gather any evidence that a bank or financial institution may need to reverse transactions. If you are unsure how to access a device’s history, the IT expert will be able to do so and to help you change passwords.

Ultimately the best way to avoid being the victim of scammers is education, and the Australian government has a great website on how to identify the different types of scam and how to avoid them. Regular visits to https://www.scamwatch.gov.au/ will teach you the tricks these criminals use and how to avoid them.