Crooks play Microsoft numbers game in fresh 1800 scam

It’s not a particularly new scam, but it is clever, and apparently brutally effective.

Devious crooks have gazumped a look-a-like 1800 telephone support number for Microsoft in Australia, registered the line for themselves and have been feasting on inbound victims thinking they checked the number is legitimate.

The scam appears to be so successful it has made the cut for the Australian Cyber Security Centre’s (ACSC) new catalogue of COVID-19 themed cons and tricks directed at exploiting the rash of alerts, warnings and deluge of customer messaging.

The threat update was released this week as the public-facing cyber security agency and its more secretive parent agency, the Australian Signals Directorate, go into overdrive to control cyber pests and spies, even meting out an offensive operations thumping to miscreants overseas.

Forgeries and fakes from banks and government topped the ACSC’s dedicated list of sham customer contacts, not a huge surprise give the pallets of cash now being shovelled into an otherwise catatonic economy.

But with almost the whole nation now working from home, often with people trying to use their personal machines amid a hardware shortage, demand for legitimate Microsoft was always going to go through the roof – even with the software being more cloudy and reliable.

According to the ACSC, the scam works by exploiting phone numbers that are cunningly similar – in fact numerically identical – to Microsoft’s real ones. The criminal artistry is in the country codes.

“Scammers are exploiting a legitimate United States Microsoft support number - (1) (800) 642 7676. However when dialling a 1800 number in Australia, only the next six numbers after 1800 will be accepted,” the ACSC advisory explains.

“When Australians dial the legitimate United States support number, they dial 1800 642 767 which has been registered by cybercriminals.”

And, who would have guessed, it connects you to a helpful callback service ready to assist callers with handing over their identity credentials, downloading a trojan, all the fun stuff.

“On calling the number registered by cybercriminals, victims are asked to provide their name and date of birth for verification and are informed someone will call back shortly. The cybercriminal calls back and directs people to download a remote access program that gives the criminals access to their computer,” the ACSC continues.

“Once access has been gained, the cybercriminal convinces the victim that their computer is compromised and that they need to pay a large sum of money for it to be fixed.

"The scammers are insistent that due to the COVID-19 conditions in Australia they are required to pay in untraceable crypto-currency. The scammers will also try to extract banking details while they have remote access and drain people’s bank accounts and access any other sensitive information.”

Microsoft has been contacted for comment.