By Dave McKay | November 7, 2020
A Bad Case of Wrong Number
A tech-support scammer making random phone calls in the hope of finding a victim to dupe accidentally rang the cybercrime squad of an Australian police force.
Officers at the Financial and Cybercrime Investigation Branch (FCIB) used the opportunity—and a secure sand-boxed computer—to discover the mechanics behind the attack.
“No one is safe from receiving scam robo-calls, not even the police,” the FCIB said.
The scammer told the police there had been a security breach on their computer, directed them to a bogus website, and asked them to click on various buttons. The buttons downloaded different, malicious, Windows executable files. One of these was called SupRemo.exe. This is a remote access software. It would have given the scammer direct access to the victim’s computer.
The tell-tale details that this was a scam are:
- The scammer said he was calling from Australia’s National Broadband Network (NBN), which as a wholesaler woulod never ring consumers directly.
- The URL used—www.nbn247.weebly.com—does not contain an official NBN domain. The .weebly.com shows the site is on a webhosting platform, not a corporate domain.
Never download and install software that a random phone call asks you to.
Don’t engage with the scammers like the police did.
“The police recommend that you do not engage with scammers. This incident was conducted by a Financial and Cybercrime Investigation Branch, utilising specialised software,” thay said.
Source: The Register