Scam Alert! “Contact Microsoft to unlock your computer” and other remote access scams
There has been a significant increase in users reporting unexpected popups on their University of Adelaide devices stating that Microsoft has detected a virus on their device and that they should call the number displayed to receive assistance. This is most often triggered by clicking on a malicious link sent by email or from a website.
- This is an elaborate scam that will involve you calling the number displayed on the screen which purports to be ‘Microsoft support’, explaining that they have detected an issue or virus on your device.
- They will then proceed to walk you through installing a support tool such as TeamViewer or AnyDesk which will grant them access and control of your device.
- Normally after this they will tell you they have found the issue with your machine (normally a ‘virus’ or ‘malware’) and say they will take care of it as soon as you provide credit card details.
- They can also steal passwords stored in your browser leading to unauthorised access to your online service accounts as well as install “back door” programs that will allow them to have continuous access to your PC.
- They will also often lock down your machine further and attempt to extort you of more money.
There is another version of this same scam where a scammer will phone you and pretend to be a staff member from a large telecommunications or computer company, such as Telstra, the NBN or Microsoft. Alternatively, they may claim to be from a technical support service provider.
The scammer may initially sound professional and knowledgeable—however they will be very persistent and may become abusive if you don't do what they ask.
You don't have to be a Telstra or Microsoft customer to be called by these scammers. You don’t even have to own a computer!
Protect yourself and the University of Adelaide
- Never call the “Microsoft support number” when presented on your screen. Call Service Desk first to discuss your concerns.
- Never give an unsolicited caller or website notification remote access to your computer. The only time you will ever receive a remote access request to your University of Adelaide device will be from the ITDS Service Desk while you are on either a support call or a live chat with them.
- If you receive a notification in the top left of your browser stating something along the lines of “Allow notifications from https://supercoolwebsite” it is best practice to select block/cancel. If the website has been compromised, this can be a way for malicious actors to divert genuine website activity to their malicious “Microsoft Security” webpage and phone number.
- Never give your personal, credit card or online account details over the phone unless you made the call and the phone number you are calling comes from a trusted source.
- If you receive a phone call out of the blue from an unknown source about your computer and remote access is requested – hang up – even if they mention a well-known company such as Telstra/Microsoft
If you have any questions or if you ever want to clarify whether something is malicious, please contact the ITDS Service Desk on 08 8313 3000 or via the myIT portal - https://uniadelaide.service-now.com/myit