AS A journalist my laptop and connection to that wonder of technology, the world wide web is obviously important, so anything that threatens my access is guaranteed to bring on a fit of jitters – like an alcoholic facing a dry day.
Then of course there are the three teenagers in my home for whom the thought of time without the internet is nothing short of child abuse and their agonised protests are enough to drive a prohibitionist to the bottle.
You can understand then that I will go to great lengths to keep the bits and bytes streaming without interruption to my data-hungry household.
So when my home phone rang one Monday afternoon and a very nicely-spoken lady from Telstra told me my internet connection was about to be switched off because they had discovered my computer was infected by a particularly nasty malware (a computer virus), I experienced instant panic – for all of a second.
You see, I’m not with Telstra. In fact I haven’t been for years.
Not only that but logic told me it was unlikely Telstra would know about an infection on my personal computer. It would be a bit like the Australian National Centre for Disease Control knowing I had a cold and threatening to quarantine me.
This was a scam call, commonly known as phishing – cast your net out and see what poor people you can haul in and rip off.
Knowing many readers of The Senior had fallen victim to this particularly nasty racket, I decided to stay on the line, play along and see how it panned out.
Me: “Oh no, what can I do? Do I have to get a computer repair man (excuse the sexism here) out immediately? What if I can’t get anyone in time? I’m not very experienced with technology you know!”
Fake Telstra person: “Madam, please don’t panic. I can fix this for you very quickly.”
Me with relieved sigh: “Oh good. What do I need to do?”
Fake Telstra person: “ I will need to take control of your computer and I will remove the infection. I will talk you through giving me control, it is very easy. If you don’t do this I will have to disconnect your service.”
“I bet it’s easy,” I thought to myself.
Me: “But if you disconnect my service when will I get it back?”
Fake Telstra person: “Madam, everything will be fine if I fix your computer. It’s very easy for me to do and then I won’t need to disconnect your service.”
Me: “What will it cost?”
Fake Telstra person: “It won’t cost you anything. It’s all part of our service. We don’t want to allow your computer malware to infect all of our systems and everyone else’s computer. It could even bring down all of Telstra services. Which is why I will have to disconnect your service if you don’t let me fix it.”
Me: “Oh I feel terrible. I don’t want my computer’s infection bringing down all of Telstra. What about the banks, the government, the airlines?”
I could go on at length describing my conversation with the hacker but instead here is a summary.
I said I had to go and get my computer, then the charger, I couldn’t remember my log-in, then I thought I had better wait for my husband to come home. I asked for an explanation as to how my computer could have become infected etc etc etc.
After 20 minutes or so the scammer’s patience was obviously wearing thin and her attempts to intimidate me intensified.
She warned if my service was disconnected it would cost me hundreds, if not thousands, of dollars to have it reconnected. She said my computer would be permanently compromised and I would never be able to use it again. Even worse, I would be financially liable for damage to the Telstra network – which could run into tens or hundreds of thousands of dollars – and I could be held responsible for losses incurred by other users who were affected by my computer.
People had been taken to court in the past, she said.
I was actually having a really good time (please don’t try this yourself at home) but the web-addicted adolescents had heard those two terrifying words – “internet disconnection” – and were now hovering around like a bad smell, their teenage faces a triptych ricktus of fear.
Unable to bear the sight of their anguish any longer, I said to the scammer, “You know, it’s really strange you should offer to help me, you see I’m not with Telstra, so how did you get my phone number?”
The phone went dead!
“It was a scam call,” I told my hyperventilating offspring. They sighed in relief and disappeared off to play their latest game or watch the latest trending Youtube video. I like to think they’re doing homework.
In case you don’t know why these scam artists would want to go through the time and trouble to get control of my computer – or your computer – it’s quite simple. Once they have control they can hold the device to ransom – you pay up or you might as well toss it in the bin. Or they’ll coax passwords out of you (they are trained to be very persuasive and believable) and then it’s not long before they are in – and clearing out – your online bank accounts.
Scammers are increasingly catching out people by impersonating well-known businesses or even the police so they can get access to computers and steal money or banking information.
Even if they don’t get access to bank accounts, the threat of being locked out of a computer is enough to make many people pay the ransom. After all, computers are the repositories of precious photos, documents, research, books, music and videos, which you may not have backed up to the cloud or a portable storage device.
Computer technicians are often unable to unlock the device without wiping it and the loss of all memories and resources can be devastating.
Sadly, even if you pay the ransom there’s no guarantee the hackers will unlock the computer.
According to the Australian Competition and Consumer Commission’s Scamwatch there has been a significant spike in these types of scams, known as remote access scams, with more than 8000 reports recorded in 2018 so far and losses totalling $4.4 million.
Now, however, the scammers have become more sophisticated and have adopted a new twist on the old “virus on the computer” angle.
The scammers are now telling people they want their help to catch the hackers!
The scammers claim they are tracking the “scammers” or “hackers”, and tell the consumer their computer has been compromised and is being used to send scam messages. This is where they say that with the victim’s help, they can use the victim’s computer and online banking to trap the (fake) “scammer”.
The scammer will then pretend to deposit money into their victim’s account. In reality the scammer just shuffles money between the victim’s accounts (for example, from a person’s credit card account to a savings account), which gives the illusion of money being deposited. The money is then sent out of the victim’s account as part of the con to “catch a scammer”, straight to the scammer’s own bank accounts.
“The spike in remote access scams is very concerning; losses so far in 2018 have already surpassed those for the whole of 2017, and sadly it is older Australians that are losing the most money,” ACCC deputy chairwoman Delia Rickard said.
“Unfortunately there are many stories from people who give a scammer access to their computer and are then conned into giving access to online banking. Some are also tricked into providing iTunes gift card numbers over the phone to these scammers.”
Once the scammer has a victim on the hook, if they start to doubt the situation, the scammer will become threatening, stating that the victim would jeopardise the investigation if they refuse to help and may even face legal consequences.
These types of scam can be very scary, as scammers can become threatening and aggressive if they sense they are “losing” the victim. This is particularly frightening for older people who may not be as tech savvy.
“It’s vital that people remember they should never, ever, give an unsolicited caller access to your computer, and under no circumstances offer your personal, credit card or online account details over the phone,” Ms Rickard said.
“If you receive a phone call out of the blue about your computer and remote access is requested, it’s a scam 100 per cent of the time. Just hang up.”
For more advice on how to avoid or report scams, visit Scamwatch.