Please beware of these scams - which caught out 3 iTandCoffee clients this week alone

In the past two days alone, iTandCoffee has assisted three clients who had been scammed during this week. Another nearly fell for a 'Dropbox' scam email - but luckily checked with iTandCoffee before clicking the link.

Two of the three clients were caught out by a fake 'Telstra' caller who told them that their internet had issues, and who 'proved' that he was legitimate by providing some information that they were told only a legitimate employee of Telstra would know. One client lost $10,000 - money she is still not sure she will get back.

The third client was caught by a scam email from a work associate from a school - an email which supposedly contained a 'Google Doc' that the person was sending to her.

The Dropbox scam that nearly caught the fourth client was similar - asking the recipient to click a link to open a set of files with important information.

The Telstra phone scam 

Both victims of the 'Telstra' scammer followed the caller's instruction to download and install the AnyDesk remote support app, and then allowed the caller remote access to their computer. The scammer put up a SpeedTest screen to 'test' their internet speed. That window stayed on the victim's screen, masking what the scammer was doing being the scenes - accessing files and other information on the user's computer. 

One of the victims was scammed out of $10,000 after she gave her credit card details. She only did this after the scammer provided her the first part of her credit card number as 'proof' that he was from Telstra. He asked her to provide the rest to prove that she was the account holder. 

This first victim had already visited an Apple Authorised repair store for assistance with clearing off anything suspicious, and had been in contact with the bank to block her account and try to recover the money. She came to iTandCoffee to see if there was anything else she should do.

The other victim was lucky enough to have needed to terminate the call and remote support session early, to attend a Zoom meeting for work. But she noticed some strange things with her computer after the incident - which was why she contacted iTandCoffee.

We checked each computer for anything the scammers had left behind and cleaned up anything suspicious (including the AnyDesk app). For the second client, we noticed that the scammer had changed her Google Drive settings to force the download of all her documents, instead of the selective sync she previously had in place. So this change had to be reversed.

I recommended to both clients that they change their passwords for all important online accounts - especially email and banking accounts - just in case.

And I also highlighted the danger of storing a document that lists passwords on the computer - as scammers with remote access can steal the content of such a file, giving them access to so many accounts. Again, if there is any risk that a scammer has accessed such a file, it is essential that passwords for listed accounts are changed. And get that file off your computer.

Google Doc and Dropbox (or OneDrive) scams

The client who was caught out by the Google Docs email scam thought she had done the right thing. When she first got the email, she was a bit suspicious, so sent a separate email to the sender (i.e she didn't reply - she started a new message) asking if the email just received was OK. She received a reply that is was a legitimate Google Doc, so clicked the link.

She was then asked to enter her Google account email address - which she did. But she stopped at the password entry stage, and decided to call the school to triple-check the authenticity of the email. Lucky she did, because the school confirmed that the sender had themselves been the victim of a successful phishing attack - and that the scammer must have been 'camped out' in her email account, replying to anyone who questioned the scam document that had been sent.

We checked this client's computer for any issues, ran a MalwareBytes scan and confirmed that she was in the clear - so lucky that she had no entered that password. If she had, the scammer would have hacked her own email and send the same sort of message to all her contacts.

The Dropbox email scam is the same sort of phishing attack - tempting the recipient to click the fake document link and enter their Dropbox email address and password. Scammers know that, in many cases, that same email and password combination will have been used for multiple online accounts - so will try to hack those accounts as well.

Please Beware

There are so many different types of scam, via phone, email, text and even 'in person'. 

I received a text today about a delivery (a scam that I'm sure you are all familiar with), and the site it took me to when I tested it out looked so authentic - showing a tracking number and the progress of my (non-existent) delivery. I can see why so many people fall for these scam texts.

Please treat all emails and texts that ask you to click links or provide any financial information with maximum suspicion. Never tap/click the link.

If your web browser pops up a nasty message saying you have a virus, don't call the number on the screen. It is a scam. 

Beware of fake calls such as these:

• Telstra or NBN calling about your internet service;
• Windows support calling about a virus on your computer
• Amazon calling you about a purchase you have made - e.g. of a laptop
• The tax office calling about a debt.

Any call or message you receive asking you to provide sign-in details, financial details, identity details, or remote access to your computer will, in 99.9% of cases, be a scam.

If you are an iTandCoffee Club member, you can screenshot or forward any text or email to scamwatch@itandcoffeee.com.au and ask us to take a look at it. And if you have Plus or Premium membership, you also have an allowance of free remote support appointments  (3 for Plus, 10 for Premium) of up to 15 minutes that can be used to get assistance.

What if you get caught out?

Act quickly! Change passwords for accounts that may be impacted.

If it is a computer, run a virus/malware scan and get your computer checked by a professional.

If there is any chance the scammer still has access to your computer, disconnect it from the internet until you have secured the computer. Make sure any remote access tool added by the scammer is removed.

Contact your bank if there is any chance you have given away financial information or bank sign-in details.

If you think your identity data has been stolen, check out this page from the MoneySmart website. Visit www.idcare.org to learn how you can obtain support and assistance.

And if you need assistance with any of the above, request an appointment with iTandCoffee or call 1300 885 420 to book.