Phone scammers target Kiwis after WannaCry

Scammers have been cold-calling in the wake of the WannaCry ransomware attack. Picture / file photo

Scammers apparently inspired by the WannaCry ransomware attack have been repeatedly calling an unwell 80-year-old Palmerston North woman, even ringing at midnight to try and con her.

It is one of a handful of such cases the Herald has been made aware of, while the government's cyber crime agency has been kept busy with numerous reports of ransomware attacks.

The Computer Emergency Response Team (Cert) is not able to confirm whether the New Zealand attacks are connected to the WannaCry virus, which has been holding thousands of computer files hostage by locking devices unless the victims pay a ransom. It has been labelled the worst cyber attack ever recorded.

The attack, which has been largely focused in Asia, has locked computers in hospitals, factories, government agencies, banks and other businesses.

Deb Mulholland lives in Amsterdam but came back to Palmerston North to look after her elderly mother, Ngaire, who is not well at the moment.

"The phone rang just before midnight [Sunday] and I grabbed it because I thought it would wake my mum and it was an Asian woman's voice saying, 'Do you have a computer?'.

"I just said, 'How dare you phone this number at midnight. Don't you ever call this number again', and put the phone down.

Not deterred, the scammers called back 4pm Monday, by which time Ngaire, too, had had enough.

"I must have somehow got her fired up and she just said, 'I don't need a new computer', and slammed the phone down."

Mulholland said she didn't give the scammers time to mention WannaCry, but she suspected they were attempting to exploit the publicity around the ransomware attack.

Another email to the Herald said that the reader's laptop stopped working and a toll free number flashed on the screen.

When they called the number they were told to pay about $500 to get rid of the malware.

Another reader said they received a call from someone saying there was a major problem with their Windows. Despite the caller's persistence, the reader hung up.

Another said they received a call on Saturday from a man with a foreign accent requesting access to their computer to provide "additional software protection". The reader hung up.

Cert NZ operations manager Declan Ingram said they'd had a number of reports from people who had received cold calls from scammers pretending to be from computer companies and internet service providers.

"These callers pretend that they are able to prevent your computer from getting WannaCry ransomware," he said.

There were a small number of unconfirmed reports of WannaCry ransomware affecting New Zealanders.

"Because of the complicated nature of this campaign, and the many varieties of ransomware and malware that are available at any given time, we are working with people who have reported incidents to Cert NZ to understand their situation and what mitigations can be put in place."

Netsafe's director of outreach Sean Lyons said scammers often used issues reported in the media because they knew people were likely to be worried and let their guard down.

"WannaCry has had huge coverage and so people are naturally worried about it. People in New Zealand should always follow trusted advice from organisations like CERT NZ, and remember that brands like Microsoft will never call you to let you know there's a problem with your computer," he said.

Aura Information Security general manager Peter Bailey said despite a temporary fix that had slowed the spread of WannaCry, there remained the possibility that a second wave, or copycat, of the malicious software could be released.

Anyone who thinks they have been affected by the WannaCry ransomware or any other cyber security issue can report it to Cert by visiting www.cert.govt.nz or phoning 0800 2378 69.