My friend got scammed

N

Nil

Well, half-scammed that is. He got a call from one of those operations
that claim that they represent Microsoft and that they have detected
viruses on your computer and that they will fix the problem for a fee.
My naive friend went so far as to let them remote-connect to his
computer before he got suspicious and hung up the phone and turned off
the computer. I've agreed to visit him tomorrow and check out the
computer for any signs of possible tampering or malware that may have
been planted.

As far as I know this particular scam's primary goal is to separate
your money from your wallet, not to do actual damage to or infect the
computer. But they did have the opportunity to do so, so it needs to be
checked out. I'm going to do general scans for viruses, malware a few
tools I've got. I'll be on the lookout for keyloggers and rootkits.

Can anyone comment on their experience with this type of scammer and
know what, if anything, they tend to leave in their aftermath?
 
C

Charles Lindbergh

Well, half-scammed that is. He got a call from one of those operations
that claim that they represent Microsoft and that they have detected
viruses on your computer and that they will fix the problem for a fee.
My naive friend went so far as to let them remote-connect to his
computer before he got suspicious and hung up the phone and turned off
the computer. I've agreed to visit him tomorrow and check out the
computer for any signs of possible tampering or malware that may have
been planted.

As far as I know this particular scam's primary goal is to separate
your money from your wallet, not to do actual damage to or infect the
computer. But they did have the opportunity to do so, so it needs to be
checked out. I'm going to do general scans for viruses, malware a few
tools I've got. I'll be on the lookout for keyloggers and rootkits.

Can anyone comment on their experience with this type of scammer and
know what, if anything, they tend to leave in their aftermath?

He should contact his credit card company and contest the charge on
the basis of misrepresentation.

I would consider canceling the credit card and requesting a
replacement. Let's face it, he gave the bad guys all the info they
need to start running up charges or at the very least the ability to
sell his CC info to someone who will misuse it.
 
N

Nil

He should contact his credit card company and contest the charge
on the basis of misrepresentation.

I should have made it clearer that he ended the conversation before
there was any money or credit transaction. They only got so far as to
remote-connect to his computer. He's checked with his bank and credit
cards and there has been no suspicious activity.
 
K

Ken Blake, MVP

Well, half-scammed that is. He got a call from one of those operations
that claim that they represent Microsoft and that they have detected
viruses on your computer and that they will fix the problem for a fee.
My naive friend went so far as to let them remote-connect to his
computer before he got suspicious and hung up the phone and turned off
the computer. I've agreed to visit him tomorrow and check out the
computer for any signs of possible tampering or malware that may have
been planted.

As far as I know this particular scam's primary goal is to separate
your money from your wallet,


Primary? You're probably right, but that doesn't mean that they don't
infect of steal confidential info.
not to do actual damage to or infect the
computer. But they did have the opportunity to do so, so it needs to be
checked out. I'm going to do general scans for viruses, malware a few
tools I've got. I'll be on the lookout for keyloggers and rootkits.


Under the circumstances, I don't recommend relying on scans. If he let
them in, I highly recommend that he do both of the following
immediately:

1. Do a clean reinstallation of Windows.

2. Change all of his passwords, especially any for banks or other
financial sites.
 
N

Nil

Under the circumstances, I don't recommend relying on scans. If he
let them in, I highly recommend that he do both of the following
immediately:

1. Do a clean reinstallation of Windows.

They will resist that suggestion. I may make it after I see the
machine.
2. Change all of his passwords, especially any for banks or other
financial sites.

I've already told him that and I think he's already done that.
 
K

Ken Blake, MVP

They will resist that suggestion. I may make it after I see the
machine.


I understand their resisting it. It's a pain to do. Nevertheless,
regardless of what you find or don't find on the machine, as far as
I'm concerned, it's the prudent thing to do. The risk of not doing it
is too great.



I've already told him that and I think he's already done that.


Good. But he should do it again *after* he's reinstalled Windows.
There could be software that finds and reports back the changed
passwords.
 
M

Mike Easter

Nil

I understand their resisting it. It's a pain to do. Nevertheless,
regardless of what you find or don't find on the machine, as far as
I'm concerned, it's the prudent thing to do. The risk of not doing it
is too great.

Good. But he should do it again *after* he's reinstalled Windows.
There could be software that finds and reports back the changed
passwords.

The same people who resist the reinstall are those who are least
prepared to do it, in terms of how they backup and how 'adept' they are
at reinstalling.

So, the same kind of person who would allow a scamming cold caller to
connect remotely also needs to learn more about how to prepare for such
a reinstallation as well as how to comfortably reinstall, in addition to
putting up one of those 'Think!' signs near the computer station for a
reminder.

Since Nil is going to examine the machine, presumably he is also going
to give some guidance in those other areas as well.
 
N

Nil

I understand their resisting it. It's a pain to do. Nevertheless,
regardless of what you find or don't find on the machine, as far as
I'm concerned, it's the prudent thing to do. The risk of not doing it
is too great.

I understand. It may not happen.
 
K

Ken Blake, MVP

I understand. It may not happen.


Sorry to hear that, but you know him and I don't. But if he won't do
it, make sure he understands the risks he's running.
 
C

Charles Lindbergh

They will resist that suggestion. I may make it after I see the
machine.


I've already told him that and I think he's already done that.

At the very least, did you suggest he disconnect the machine from the
net or better yet just shut it down until you can get in there and
check it our for him?
 
B

Bob F

Nil said:
Well, half-scammed that is. He got a call from one of those operations
that claim that they represent Microsoft and that they have detected
viruses on your computer and that they will fix the problem for a fee.
My naive friend went so far as to let them remote-connect to his
computer before he got suspicious and hung up the phone and turned off
the computer. I've agreed to visit him tomorrow and check out the
computer for any signs of possible tampering or malware that may have
been planted.

As far as I know this particular scam's primary goal is to separate
your money from your wallet, not to do actual damage to or infect the
computer. But they did have the opportunity to do so, so it needs to
be checked out. I'm going to do general scans for viruses, malware a
few tools I've got. I'll be on the lookout for keyloggers and
rootkits.

Can anyone comment on their experience with this type of scammer and
know what, if anything, they tend to leave in their aftermath?

All I got after leading the clown on VERY SLOWLLLLLLLY up to loading the remote
control program, then telling him I've had fun with him, but this is a far as
this goes was a "f&ck you assh@le" left in my ear.
 
N

Nil

At the very least, did you suggest he disconnect the machine from the
net or better yet just shut it down until you can get in there and
check it our for him?

Yes, the computer has been shut down all weekend and they'll leave it
off until I get there Monday evening.
 
N

Nil

All I got after leading the clown on VERY SLOWLLLLLLLY up to
loading the remote control program, then telling him I've had fun
with him, but this is a far as this goes was a "f&ck you assh@le"
left in my ear.

Oh, how I wish he had stopped at that point, too. He only got
suspicious when they started asking him for money. They guy is way too
trusting of people.
 
M

Mayayana

I have a brother who had the same experience. The caller
said they were Microsoft. I think they told him his license
had expired. He downloaded the remote program as directed,
but the program itself seemed to be legitimate. My brother is
literally a starving artist with no credit card, so he wasn't
at risk there. We checked his PC and I tried also downloading
the remote program. There was no sign of problem. As you
said, the whole point seemed to be to get a credit card
charge.


| Well, half-scammed that is. He got a call from one of those operations
| that claim that they represent Microsoft and that they have detected
| viruses on your computer and that they will fix the problem for a fee.
| My naive friend went so far as to let them remote-connect to his
| computer before he got suspicious and hung up the phone and turned off
| the computer. I've agreed to visit him tomorrow and check out the
| computer for any signs of possible tampering or malware that may have
| been planted.
|
| As far as I know this particular scam's primary goal is to separate
| your money from your wallet, not to do actual damage to or infect the
| computer. But they did have the opportunity to do so, so it needs to be
| checked out. I'm going to do general scans for viruses, malware a few
| tools I've got. I'll be on the lookout for keyloggers and rootkits.
|
| Can anyone comment on their experience with this type of scammer and
| know what, if anything, they tend to leave in their aftermath?
 
S

Steve Hayes

They will resist that suggestion. I may make it after I see the
machine.

And I don't blame them.

That is a very drastic solution, that should only be done as a last resort.
 
D

David E. Ross

And I don't blame them.

That is a very drastic solution, that should only be done as a last resort.

I would first scan the entire machine -- which includes ALL drives if
there are more than one -- with at least two unlike anti-virus
applications. At least one of them should include scanning for rootkits
and for tracking cookies.

--
David E. Ross

The Crimea is Putin's Sudetenland.
The Ukraine will be Putin's Czechoslovakia.
See <http://www.rossde.com/editorials/edtl_PutinUkraine.html>.
 
S

Steve Hayes

I understand their resisting it. It's a pain to do. Nevertheless,
regardless of what you find or don't find on the machine, as far as
I'm concerned, it's the prudent thing to do. The risk of not doing it
is too great.

And the risk of doing it is greater still.

When I suggested recently that a quick way of deleting files from a USB drive
was to type "del *.*" all kinds of people said that that was a very bad
suggestion because someone might accidentally do it on the C: drive.

A clean install of Windows is far, far worse.
 
S

Steve Hayes

All I got after leading the clown on VERY SLOWLLLLLLLY up to loading the remote
control program, then telling him I've had fun with him, but this is a far as
this goes was a "f&ck you assh@le" left in my ear.

I've had several such calls, and had thought of doing that, and possibly
booting into Linux and telling them I couldn't follow their instructions, but
I've usually been too busy and just put the phone down.
 
D

David E. Ross

All I got after leading the clown on VERY SLOWLLLLLLLY up to loading the remote
control program, then telling him I've had fun with him, but this is a far as
this goes was a "f&ck you assh@le" left in my ear.

How about saying something as:
"I have to leave right now. I'm bleeding badly, and the paramedics are
here. Just give me your phone number, and I'll call you back after I'm
stitched up."

Actually, I have been telling telemarketers that I am David's brother
and that I am planning his (my own) funeral right now.

--
David E. Ross

The Crimea is Putin's Sudetenland.
The Ukraine will be Putin's Czechoslovakia.
See <http://www.rossde.com/editorials/edtl_PutinUkraine.html>.
 
M

Mike Barnes

Steve said:
And I don't blame them.

That is a very drastic solution, that should only be done as a last resort.

IME a clean reinstallation of Windows has a lot going for it. However I
suspect that restoring the victim's data wouldn't be easy. Someone who
could be scammed like that is unlikely to have planned for data recovery.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top