0405119483 [email protected]
Computer Security - phone scams

I have over the course of the years I have had to check numerous computers after the owners have allowed phone scammers access to their computers. Common scams are that the caller will say they are from Telstra or NBN and they will say they have noticed strange activity on your computer.  They then will ask you to download and install some software so that they can remotely access your computer.

 

IT should be noted that neither Telstra nor the NBN will ask you do this.

 

 

 

They then will ask you for Bank Details so they can login.  Most of us  will recognise this as completely wrong and end the conversation there, unfortunately  this doesn’t always happen. I have known people’s accounts to be completely cleaned out.

 

The case I want to talk about today has a happy ending even though the user allowed the scammers access to their computer  and gave them their bank details.  A transfer of a large sum of money ensued to the scammers account however  the transfer was intercepted by the Bank of Queensland’s security protocols. My guess would be the transfer to an account in India was unusual as was the amount involved.

The bank got in touch with my client about the blocked transaction and once the bank became acquainted with what had occurred they insisted that they must follow strict procedures , see box below, before their Internet Banking would be reinstated

Bank Security Requirements

Internet Banking and Device Clean Requirements:
Your internet banking is currently blocked as a precautionary measure. To have your internet banking reinstated, you will need to have your compromised devices cleaned by an IT professional.

 

Please request the company to provide a detailed report noting the following:

  • Any malicious software, malware, suspicious programs, remote access tools that are found on the device
  • Any point of compromise that is identified
  • Steps taken to remove any of the above that is found and rectify any security compromises
  • Confirmation that the device is safe to use for internet banking purposes moving forward.

 

Once the devices have been cleaned please attend your local branch with confirmation of the device being cleaned including the detailed report of findings so your internet banking can be unblocked.

 

This a new and different twist banks are taking by insisting that users computers meet certain security requirements before they will re-enable Internet Banking and in my opinion this is a good thing.

The bank outlined 4 requirements

 

1            The identification of malicious/suspicious  software and remote access. This was an easy enough requirement to meet. I removed remote access tools and scanned the clients computer with

NORTON POWER ERASER

KASPERSKY VIRUS REMOVAL TOOL

TDSKILLER

MALAWAREBYTES

 

2            The second requirement  POINT OF COMPROMISE gave me pause for thought as no examples of what they might mean by that were given. As a computer professional I should know this right. 

Here are some points of compromise I thought relevant.

Latest fully updated OS.  Windows 7 or XP would not cut it.

A robust internet security program with emphasis on Internet Security. I chose Kaspersky but there are  other suitable choices.

Other questions arose what if REMOTE DESKTOP was required to access this computer by the client.

In this case I would change the default port for RDP from 3389 to something  more obscure. In addition passwords would need to be hardened to some standard.

              It soon became obvious the phrase point of compromise was way too nebulous and some minimum standard needed to be outlined as to what  a sufficiently secure machine would be.

The third requirement Steps taken to remove any of the above that is found and rectify any security compromises  is fine and all bugs/malaware were checked for and removed and as stated Kaspersky Internet Security installed.  A threat or compromise changes depending on who uses the computer and what it is used for eg A residential computer used at home by one person is easier to secure the a business PC or a server which has multiple users.

 

If you have been the victim of a Phone Scam you report this WA Scamnet at this link