Infected USB devices
This has reappeared recently in New Zealand. If, when checking your mail box, you find a brand new USB stick, just throw it in the bin immediately.
are placing these USBs in mailboxes pre-loaded with malicious software.
They are even going to the trouble of repacking them so they look factory
fresh. They are banking on the recipients being thankful for a free USB
or being curious as to what might be on them.
If you receive one it is part of a recurring scam and most likely not spearphishing. Spearphishing means that someone is targeting you as a member of an organisation .
If you make the mistake of connecting it to one of your devices such as a phone or a computer, it is likely that viewing the content (on a computer) will lead to a malware infection. Usually, it takes the opening of a file on a computer to activate the malware. It should not activate by connecting the device alone.
Simply throw the USB stick away without connecting it to any computer.
You can find more information on the Sophos blog (2016)
The PC Doctor Scam:
There has recently be an increase in the now classic scam by which so-called technicians are targeting New Zealanders with phone calls informing them that their computer had been infected. The scale of the problem has become such that Microsoft New Zealand and NetSafe have issued an alert this week (Fraud Awareness Week).
– The caller, often from overseas, states they are from Microsoft
– indicates that
- your computer is infected and harming others on-line users
- their ISP has identified their system as a problem.
– Con the computer owner to give the caller remote access using a genuine networking service.
– Use the ‘Event Viewer’ tool on the computer to highlight error messages which are supposedly signs of an infection.
– Offer to clean up the infection and/or install security software and provide an ongoing support service costing anywhere up to $500.
That software, looking like a security software could also be collecting your credentials for identity theft and financial fraud. The credit card number supplied can be used to purchase goods using your account. The remote technician could install ransomware on your device, which means that he or she could encrypt your data, and demand a payment to give you access back to them.
What you can do:
- ignore the call: hang-up
- if you fell for it, and gave access to your computer, disconnect the machine from the internet immediately then consult a genuine local PC technician to check that nothing serious has been installed on your PC or laptop
- report the call to NetSafe.
- If you have paid money, discuss your options with your bank.
This article has been inspired by this post on Geekzone.