15 May 2017

Phone scammers claiming to provide WannaCry ransomware support

Phone scammers pretending to be from Microsoft are using the WannaCry ransomware news to gain access to New Zealanders’ computers.

What's happening

Systems affected

CERT NZ is aware of ongoing phone scams affecting New Zealanders. One such example is when a person pretending to be from Microsoft calls and asks you to follow a series of steps on your Windows computer. The caller will trick you into installing malware on your machine. They’ll then demand payment of around $400 to remove it. You’ll often be unable to access your computer while the malware is on it.

This campaign has evolved over the past few days. The callers will now claim that you’ve been infected with the WannaCry ransomware, or are vulnerable to it. They’re often aggressive and will tell you that you need to give them access to your computer so they can 'patch' the problem. They will also tell you that this is the same issue you’ve heard about on the news and in the media recently. 

What to do


We’ve released an advisory on the WannaCry ransomware, detailing the steps that you can take to protect yourself.

Read the WannaCry advisory

With regards to the phone scams, Microsoft has stated that ”Microsoft will never proactively reach out to you to provide unsolicited PC or technical support. Any communication we have with you must be initiated by you.”

Read Microsoft’s advisory on scams

More information

If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.

Report an incident to CERT NZ

Get advice on scams from Consumer Protection