New angle on old Microsoft scam following Windows 10 release
Cyber criminals offering computer software upgrades are installing malicious software and charging victims exorbitant fees.
Police have joined Microsoft and NetSafe in warning computer users against the long running scam, which has taken on a new look following the release of Windows 10 in July.
The scammers are using Microsoft's offer of a free, over the internet, upgrade to the Windows 10 computer operating system to trick people into thinking they are being helped over the phone or via email.
* Windows 10: What you need to know
* Windows 10's hidden 'Very High Quality'
* Say goodbye to password with Windows 10's Hello
* Installing Windows 10 on my MacBook won me back to Microsoft
The scammers say then can help install Windows 10 and talk computer users into installing software that gives them control and allows them to install malicious software that captures sensitive data, such as online banking user names and passwords.
They also charge to remove software they have installed and request credit card information so they can bill for counterfeit services.
The latest warning comes days after police revealed two Alexandra residents lost thousands of dollars to cold callers posing as Microsoft technicians.
And there are likely to be many others who don't realise they have been scammed, or who have not reported it to the authorities.
Acting Senior Sergeant James Ure urged anyone who received unsolicited calls regarding computer technical support to take the caller's information down and report it immediately to police and Netsafe at netsafe.org.nz.
Microsoft NZ head of legal and corporate affairs, Michael Brick, said Microsoft never cold called computer users and part of the problem was that New Zealanders were too polite to hang up on scammers.
"If you did not solicit a phone call, don't engage with them. The more you engage them the more likely they are to continue to call you back," Brick said.
"I know that New Zealanders are reluctant to hang up with someone because they don't want to be 'rude'.
"We do huge amount of work globally to combat the distribution of malicious software and spam to try and protect our customers," Brick said.
"Anyone receiving such calls should call NetSafe."
NetSafe executive director Martin Cocker was not available for comment but the internet safety advocate said, on its website, it had received thousands of reports of the scam in the past five years.
"Due to the persistent – and sometimes aggressive – nature of the people calling and the various angles being used to persuade you to give them remote access, we consider these companies to be operating a widespread scam," NetSafe said.
"They are watching people pay via PayPal or other online money transfer services and may be able to record your credit card and personal details for identity fraud or theft.
"They may be installing rogue software like Trojans or keyloggers to record your computer use and gain your login information for online banking, auction sites and more."
The only legitimate way of getting Windows 10 is through the Get Windows 10 app, a small white Windows logo in the bottom right of the computer screen, or use installation tools on Microsoft's official website.
What to do if you already gave information to a potentially bogus tech support person
If you think that you might have downloaded malware from a phone tech support scam website or allowed a cyber criminal to access your computer, take these steps:
Change your computer's password, change the password on your main email account, and change the password for any financial accounts, especially your bank and credit card.
Scan your computer with the Microsoft Safety Scanner to find out if you have malware installed on your computer.
Install Microsoft Security Essentials. (Microsoft Security Essentials is a free program. If someone calls you to install this product and then charge you for it, this is also a scam.)
Note: In Windows 8, Windows Defender replaces Microsoft Security Essentials. Windows Defender runs in the background and notifies you when you need to take specific action. However, you can use it anytime to scan for malware if your computer isn't working properly or you clicked a suspicious link online or in an email message.