It’s been all over the news, scams are on the rise. Here is what to look out for and what you should do.
Current Scams
While the types of threats seem to differ, they all appear to have one common goal. Access to your computer or your mobile device is the goal. We have seen a significant increase in mobile devices as the target in the last few months.
The attacks on moble devices can originate from a phone call or an SMS.
What you should do
If you are unsure of what you should do, consider these three things you should never do.
- Never give anyone access to your computer.
- Never install *foreign* apps on your mobile phone.
- Report the scam.
Access to your computer
If your organisation has Managed Services then your computer can be accessed to provide you with support without you installing anything or going to a web page or you doing anything else. Do not
fall for it. Do not install anything and do not visit a web site you have been told to go to.
Access to your Mobile Phone
We recently played along with a scammer that called to tell me that there was a warrant for my arrest. I actually selected 1 to talk to them and run through my “arrest warrant” and play along. I figured if we wasted their time on the phone then that’s less time for them to be scamming someone else.
The directions they provided were to install a remote control app on my phone from the app store. Obviously I did not do this and neither should you. They terminated the call pretty quickly and moved on to someone else when they realised they were not going to get anywhere. It’s a numbers game, so don’t be one of the numbers that gets caught.
The number of SMS messages that are scam related has exploded in recent months. The type of message you may receive can vary. A very common one is a. SMS you may receive for a recent purchase and a number to call to dispute the purchase. Most people will call the number to dispute the purchase which they obviously didn’t make. If you need to dispute a transaction that has appeared on your bank statement, call your bank!
Securing Company Data on Mobile Devices
With the number of attacks focusing on mobile devices skyrocketing, it is time to think about having your mobile device managed. If employees have access to organisational data on mobile devices, they should be managed by your managed service provider or IT department. Managed mobile devices cannot have applications installed on them that are not approved by the people who are managing them. This way, should your staff fall for a scam, your data stays safe.
Reporting the Scam
If no body reports a scam then the scammer will just keep on scamming. Its a continuous battle, as one scammer is shut down, another one will open up.
The phone and the phone number is the common denominator here. Every phone has a phone number so this is what needs to be reported. Here are a couple of places where you can report scams in Australia.
Scamwatch is run by the Australian Competition and Consumer Comission (ACCC) which is a government agency. They cannot help you recover any funds lost or help you track down a scammer. All they can do is potentially disrupt the scam and report it to others so they don’t get caught by it. It is extremely difficult for law enforcement agencies to track scammers down and take action against them.
ACMA is the Australian Communications Media Authority. ACMA allow you to put your mobile number on the “Do Not Call” register. When your number is on the Do Not Call Register, you can complain
- if you receive a telemarketing call and did not give permission
- if you think a company has broken any of the other rules
There are also applications that can be installed onto your mobile that will filter calls made to you. If a number that is calling you is on the database of scam numbers then the application blocks the call. Truecaller is one that comes to mind that seems to work reasonably well. Remember that you should always add any scam number that comes through to you to the scam list in your app. Reporting or adding the scam number in the app you are using will update the database for everyone.