Call 1300 885 420
iTandCoffee | Patient help with your personal and business technology
  • Home
  • About Us
  • Classes
    • What's On
  • Appointments
  • Books | Videos | Tips
    • Books
    • Videos
    • Blog
    • Newsletter
    • Tips Library
  • Gift Vouchers
  • iTandCoffee Club
    • Members Area
    • About the Club
    • Membership Options
  • Store
  • Contact
  • Home
  • About Us
  • Classes
    • What's On
  • Appointments
  • Books | Videos | Tips
    • Books
    • Videos
    • Blog
    • Newsletter
    • Tips Library
  • Gift Vouchers
  • iTandCoffee Club
    • Members Area
    • About the Club
    • Membership Options
  • Store
  • Contact
Search by typing & pressing enter

YOUR CART

Tips, Tricks and News 
about all sorts of technology in your life!

16/12/2021 0 Comments

Three examples of scams that impacted clients this month

Picture
Getting scammed is an extremely distressing experience - and three iTandCoffee clients suffered that terrible experience recently.

One client found that someone had gained access to a range of her social media accounts - and had even changed the password and email address for one of these, so she was no longer able to access it.

Another client fell for a scam call, and the scammers initiated transfers of thousands of dollars - which were luckily stopped by her bank.

The third client received as strange message on her screen - saying she had a virus and to call the number provided, which she did.

Let's look at what happened in each of these cases - and what lessons can be learned from each.

Case 1: Multiple accounts hacked

In the case of the first client, multiple 'password reset' emails had arrived in her inbox from different social media accounts - alerting her to the fact that something was amiss. These emails had gone to her Bigpond mail account, which was (luckily) auto-forwarded to a separate Gmail account. Someone was trying to reset passwords on multiple online accounts.

She then found that she could no longer access one of the social media accounts - after receiving another email to say that the account's password had been successfully changed, then that the account's email address had also been changed. Her own email address was no longer valid when she tried to sign in to that account.

When she contacted iTandCoffee and showed me these emails, my first concern was for the security of her email account, which I suspected had been accessed by the scammers - and that this was how they were resetting passwords.

We signed in to the webmail version of her Bigpond email - only to find that the Inbox, Sent and Deleted mailboxes had been completely cleared - a sure sign that someone had been there, and was covering their tracks. Luckily she had the copies of the emails that had been auto-forward to Gmail.

The password for the Bigpond/Telstra account was then changed as quickly as possible, to lock out the intruders and prevent them from doing any more damage.

But how had they gained access to this client's mail account in the first place?

We checked the haveibeenpwned.com website to see if her email address and password were included on any stolen lists - which they were.

And it seems that the password used for one of the breached services on that haveibeenpwned list was the same as that used for her email account.

This made it easy for the scammers to log into her Bigpond webmail with the stolen credentials, then visit various websites where the email address may have been registered - and they obviously tried several - and choose the 'forgotten password' option to request a password reset link be sent to the email address. Because they had access to her webmail, they could then access each email with the 'password reset' link.

Another way she may have been caught out is by clicking a link in a phishing email or text, and being fooled by a fake login page - and providing login details there.

For this client, the most important thing now is to review all her online accounts - especially those associated with her identity and finances - and change the passwords to unique, strong passwords. She should also set up two-factor authentication wherever possible on these accounts, so that a password alone is not enough to access the accounts in future.

She will also need to advise friends that, should they have received an email from her during the breach period, that the email was not from her and they should let her know (so that she can be aware of what might have been sent to others). (Note. Because the Sent mail has been cleared, this client cannot be sure if any such emails were sent.)

Some lessons from this case:
  • Check if your email address is on any stolen list - at haveibeenpwned.com​
  • Never use the same password across multiple online accounts.
  • Make sure your passwords are strong and different for each account 
  • Where available, enable two-factor-authentication for accounts
  • Set up a Password Safe to store these strong, unique passwords.

Case 2 - Scam caller tricks client into providing credit card and banking details

This second client came close to losing thousands of dollars. She received a call that she thought was in relation to a set of charges that had appeared on her credit card statement. 

The caller offered to help her resolve those charges, and guide her through what to do. He got her to download an app called Zoho Assist - Remote Desktop, which facilitates remote support by another person. They also got her to download another app called Skrill, which is a payment platform like PayPal.

They then started a 'remote support' session using Zoho Assist, and guided her through how to share her iPad screen with them. Once they could see her screen, they guided her through setting up a new Skrill account, and then linking her credit card and (from what I can gather) her bank account to that Skrill account. 

This then allowed them to initiate transfers of her money to their own bank account.

Luckily the bank has a policy of holding payments to new payees for 24 hours, providing time for the client and bank to notice the transactions and put a stop to them. The bank also cancelled her credit card and put a hold on her bank account.

There are also emails that indicate the scammers tried to change her online banking password.

Of course, it is all very confusing for this senior client - and she is not sure what information she gave away to these people. Because many people are confused about the online world and the multitude of accounts they may have, it can be difficult to unravel what occurred and what was divulged.

We removed the apps that the scammers had added. We also identified that password changes were needed for her Apple account and her PayPal account - just in case. 

There is still the risk that the Skrill account that the scammers set up has her bank account details - so the bank will need to keep her account suspended to monitor activity, and take whatever action that is necessary to ensure no Skrill transactions are allowed in future.

Some lessons from this case:
  • Don't believe callers/texts who tell you they are from Amazon, the ATO, the police, Telstra, NBN, Microsoft, Windows, Apple, Australia Post - these are scams.
  • Be conscious of co-incidence when you receive a call/text. People so often get caught out because the call/text seemed related to something that is happening at that same time. Deliveries is the classic example - i.e. you are expecting a delivery, and then receive a text about your delayed delivery - a scam text!
  • If a caller says they are from your bank or some other organisation, they must be able to provide proof of identity - otherwise hang up and call the bank/organisiation on their normal number.
  • NEVER let someone gain access to your device (unless you are absolutely and completely sure they are legitimate)
  • NEVER follow instructions of a caller to go to a web page and click a link or to download an app.
  • If a caller ever tells you that you need to go and buy iTunes Cards from the supermarket, IT IS A SCAM.
  • Don't provide credit card or banking details to any caller - unless you are 120% sure they are legitimate.
  • Don't provide drivers license, passport or other identity information.
  • If you think you have given away your bank/credit card details, call your bank immediately.
  • If you think you have had your identity stolen, visit the IDCARE website or call 1800 595 160 (Australia)
  • Report the scam to Scamwatch

Case 3 - Virus message pops up in Web Browser and client calls number provided

In the case of the third client, a message had popped up on the computer, advising that there was a virus on the computer and providing a 1800 number to call. 

While this client did suspect this message was a scam, she consulted someone else who advised her to take it seriously and call the number.

She called the number and the person (of course) said he could fix the virus problem for a fee.

Luckily, she realised she was talking to a scammer before giving away her credit card details. But she wasn't sure whether she had clicked anything the scammer told her to click, and needed her computer checked for any issues.

We cleared the computer's browsing history and cache, checked for any recently downloaded apps, ran a deep virus scan, checked her list of startup processes, and the list of recently modified files. Luckily for her, all was well.

Some lessons from this case
  • Don't be fooled by a message that pops up in your web browser, saying you have a virus and to call a number - IT IS FAKE
  • Clear your browser's history and cache
  • If the browser pops up the message every time you open it, try starting the browser with the Shift key held down - which stops it opening previously open pages (and allows you to then clear the history and caches).
  • If you do get caught out and call the number - AND you follow the instructions of the person on the other end and download anything - you will need to turn off your computer immediately, or at least disconnect your router to cut off their internet access, and seek help from a professional to check and clean your computer.
  • The scammers may continue calling you and be very assertive and abusive - just hang up. Don't believe what they tell you about the dangers of ignoring them. 
  • And if you have given away financial or identity information, or any online account credentials, you will need to follow the advice provided above for the other two cases.

Need Help? iTandCoffee can help.

If you think you may have been caught out, or need to discuss any concerns you have about being scammed, make a time with iTandCoffee. Bookings can be made online here, or by calling 1300 885 420.

​If you are a member of our iTandCoffee Club and have 'free support' as part of your membership, here is the link to book a free 15-minute consultation using this free support allowance.

And iTandCoffee Club members are very welcome to forward any suspicious text/email to iTandCoffee for us to check. Use the email address scamwatch@itandcoffee.com.au
0 Comments



Leave a Reply.

    Receive great articles like this 
    fortnightly to your Inbox

    Picture

    Follow us on Facebook

    iTandCoffee

    Picture

    Join the iTandCoffee Club

    ​for free content, tutorials, videos, classes, offers, discounts and more

    Join our growing community of local and online members who love learning about their technology - through FREE club sessions, remote/phone support, online tips, tricks and tutorials, special members-only offers and discounts, and more. Membership starts at only $49/year.
    Find out more about The iTandCoffee Club

    What's on at iTandCoffee ?

    Below is our list of videos, classes and other events that are coming up soon.
    ​Videos shown are offered for eligible members of the iTandCoffee Club.
    If you have questions, why not join fun and informative 'user group' meetings, held once a month.
    All iTandCoffee classes are run as online classes (using Zoom), which means you can attend from anywhere.

    Archives

    November 2023
    October 2023
    September 2023
    August 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    May 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    November 2016
    October 2016
    September 2016
    August 2016
    July 2016
    June 2016
    May 2016
    April 2016
    March 2016
    February 2016
    January 2016
    December 2015
    November 2015
    October 2015
    September 2015
    August 2015
    July 2015
    June 2015
    May 2015
    April 2015
    March 2015
    February 2015
    January 2015
    December 2014
    November 2014
    October 2014
    September 2014
    August 2014
    July 2014
    June 2014
    May 2014
    April 2014
    March 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013
    September 2013
    August 2013
    July 2013
    June 2013
    May 2013
    April 2013
    March 2013
    February 2013
    January 2013
    November 2012
    October 2012
    September 2012
    August 2012
    May 2012

    Categories

    All 1800-number Accessibility Accessories Activity Monitor Adware Airdrop Airplay Airpods Alarms Alerts Android Apple Id Apple-id Appleid.apple.com Apple Music Apple News Apple-pencil Apple Tv Apple Watch Apps App Store App Windows Apss Audio Autolock Automatic-downloadsupdates Automator Backup Backups Battery Be-connected Be-connected Bigpond Big Sur Bitcoin Blockchain Bluetooth Books Boot Camp Business Buying Guide Calendar Camera Canva Captcha Catalina Cellular Data Centrelink Channel 9 Charging ChatGPT Christmas Chrome Classes Client Stories Cloud Cloud-storage Cloud-storage Club Club News Colours Com Compass Contacts Continuity Control-center Control Centre Convert Cookies COVID COVID 19 COVID-19 Cybersafety Datad777f385d3 Data Usage Delete Desktop Dictation Dock Do Not Disturb Downloads Dropbox DVD Education El-capitan Email Emergency Emojii Entertainment ESIM Ethernet Evernote Excel Facebook Family Family History Files Finance Finder Find My Find My Car Find-my-iDevice Fingerprint Sensor Fonts Force Reboot Forgetting Curve Fraud Free Friday Gift Ideas Gmail Google Google Drive Google Flights Google Photos Google Sheets Guides Handbrake Handoff Handy Hints Hard-drive-crash HDD Health High Sierra Home Button Homepod Home Screen Hotmail Housekeeping Humour ICloud ICloud Backup ICloud Drive ICloud Family ICloud Photo Library Identity Theft Images Image-to-text IMAP IMessage Imovie Instagram Internet Internet Issues Internet-options Internet-options Ios Ios-11 Ios-11 Ios-12 IOS 13 IOS 14 IOS 15 IOS 16 IOS 17 Ios Photos Ipad Ipad-tips Iphone Iphone-12 IPhone 13 Iphone8 Iphone-8 Iphone Basics Iphone-calendar Iphone Settings Iphonex Iphone-x Ipod Itandcoffee Itandcoffee Club Itandcoffee News Itandcoffee Services Itandcoffee-swap-shop Itandwine Itunes Junk Keyboard Keychain Kidsandtechnology Kids And Technology Lifestyle Lock Screen Mac Mac-basics Mackeeper Mac Mail Mac-mail Mac-monday Macos Mac Photos Mac-photos Mac Tutorials Mac-videos Magnifier Magsafe Mail Malware Maps Measure Media Medical-id Messages Messenger Microphone Microsoft Microsoft 365 Mobile Banking Mobile Data Mobile-data Mobile Porting Mojave Monterey Mouse Movies Multitasking Music MyGov My-health-record NBN Netflix Notes Notifications Number Porting Office 365 Onedrive Onenote Online Safety Online-safety Optusnet Os-x Outlook Pages Parental Controls Passwords Paypal PDF Personal Hotspot Phishing Phone Photo Book Photo-books Photos Photos On Mac Podcasts Popups Powerpoint Preview Printing Privacy Productivity Product Launch Publicity Publicityads57a389ac69 Purchasing-an-idevice Qa QR Code Quicktime Raise-to-wake Ransomware Reachability Reboot Recommendations Recovery Relay Reminders Remotewipe Repairs Restore Restrictions Rings Rotation-lock Router Safari Safari-favourites Samsung Santa Scam Scam Email Scams Scan Scannable Scanning School-ipad Scoopit Screen Screen-brightness Screensaver Screenshots Screen Time Scrolling Secondhand-devices Security Sell Seniors Seo Services Sessions Settings Share Shared-calendar Shop Shopping Shortcuts Sierra Signature Silent-auction Sim Siri Skype Slideover Slides Slideshow Slideshows Slow-device Slow-mac Smart-tv Sms Snapfish Socialmedia Social Media Softwareupdate Software Update Software Updates Sonoma Sounds Spam Spinning-beachball Split Screen Split View Spotlightsearch Startup Storage Storage Space Streaming Subscriptions Sunrise Switch Symbols System Preferences Task Manager Tasks Taskswitcher Task-switcher Teams Technology Technologyarticles Technologydependency Technology-lifestyle Technology-solutions Technologytips Techsupport Telco Telcos Telstra Telstracomplaint Text Text Replacements Theft The-katering-show Thermomix Thesenior Timemachine Time-to-leave Tio Toys Trackpad Training Videos Transcribe Translate Travel Travel Sim Tripadvisor Troubleshooting Tutorial Tutorials Two Factor Authentication Twofactor-authentication Two-step-verification Typing Typing Shortcuts Undo Universal Control Unlock Update Updates Upgrade Uppercase Usage User Group Utilities Ventura Video Video-blog Videos Virus Voice-and-data Voicemail Voice-memos Volume Vpn Wallet Wallpaper Warnings Weather Web Browser Website Weebly Whatsapp Widgets Wifi Wi-fi Wifi084d04ddac Wifia524b72547 Wifi-calling Windows Windows10 Windows-10 Windows-11 Word Wordpress Worldclock Yosemite Youtube Zoom

27 Sycamore St, Camberwell, Victoria Australia

​​Call 1300 885 420

​to book an appointment or class, or to enquire about our services and products


Seniors Card Welcome
SENIORS CARD WELCOME HERE:
Seniors Card holders qualify for a 10% discount on all classes booked and paid for online (excludes PTT sessions and classes already discounted during COVID-19 crisis). 
To activate the discount at the time of booking, select Redeem Coupon or Gift Certificate and enter 10OFFSEN before selecting Pay Now.

Services
Classes
Event Calendar
Private Appointments
Gift Vouchers
Remote support
​Business Services
​Help for families

Online Content
​Newsletter
User Guides
Video tutorials/classes
Tips and Hints
​Blog
iTandCoffee Club
About the Club
Free Club Sessions
Sign In/View Account
Members Area
Prices/Policies
Prices
Privacy
Cancellations, Refunds, Returns
About iTandCoffee
Home
About

​Contact us
Testimonials
In the press

Picture
​© 2012-2023 iTandCoffee Pty Ltd. All rights reserved  ACN: 606 340 434