On Thursday, August 19, I purchased an item through Amazon. It was one of three previous purchases and I was so impressed with the quality of the items and the speed of delivery. At the time of purchase, I also took up the offer of a 30-day free trial with Amazon Prime.
Later in the morning, I received a text message saying my bank account was to be debited for $99.99. I logged into my Amazon account; clicked on the box for Customer Support, and was spoken to by a man named ‘Roger’, who had a thick foreign accent. I believed I was speaking with a bonafide customer support employee of Amazon Australia.
Roger asked me to type in this and that, and before I knew it he had remote access to my desktop computer. I was immediately uncomfortable about this, so turned my computer off. However, when I turned it back on again, he still had access.
Roger had take the time to leave me a message on the computer’s Notepage.
“Mam (sic), don’t touch the new emails … Please. And don’t turn off your computer. Do your normal work. Thank you so much, Mam … Don’t shut down your computer Mam.”
I demanded he send me proof of his identity. He provided me with the following information:
“This is Amazon Customer Support … Name: Roger Radcclife. ID: AMZ0108199920.”
I asked for him to provide me with a photograph of himself and a direct phone number for Amazon and said, “I don’t appreciate my computer being commandeered.”
Despite saying he would, Roger did not provide me with any further information.
What he did do, was access my PayPal account. On the 19th, he purchased two PayPay Gift cards (each to the value of $200), and on the 20th he purchased another to the value of $500. My bank account was debited in the amount of $900!
I am on a disability support pension and it had been paid into my account on August 19.
First, I contacted my computer technician who told me over the phone how to disable the programs the hacker had installed. Then, I called the bank (who immediately cancelled my debit card), following which I contacted PayPal who put through an immediate claim for resolution. PayPal acknowledged that these purchases were fraudulent on August 24 and the $900 was returned to my bank account.
I can’t begin to describe the distress and anxiety I felt, not to mention the tears I shed over the matter. I’ve since discovered that the hack originated in Hong Kong.
My bank couriered the replacement debit card, and as a gesture of goodwill, advised that should my account go into overdraft due to direct debit payments, any interest charged would be waived. The institutions and organisations I contacted for assistance acted compassionately, promptly and with a complete understanding of the predicament I had found myself in. I can’t thank them enough.
No one was at fault. We had all suffered at the hands of a very smart computer hacker who’s probably never earned an honest dollar in his life. The likelihood is he never will.
Remote access scams (also known as technical support scams), such as this one, usually involve a scammer calling the victim or getting the victim to call them to get access to the victim’s computer with the aim of stealing their money. These scams are particularly dangerous because in addition to stealing your money, the scammer can continue to access your computer and cause more harm. Anyone can be the target of a remote access scam.
To protect yourself:
If you’ve been the victim of an online scam or identity crime, the Australian Competition & Consumer Commission (ACCC) has some useful advice. You can report scams to the ACCC’s ‘Report a scam’ webpage as well as report it to the appropriate agency to help warn others.