I should have made it clearer that he ended the conversation before
there was any money or credit transaction. They only got so far as to
remote-connect to his computer. He's checked with his bank and credit
cards and there has been no suspicious activity.
That happened to someone I know and the machine was set to boot to safe
mode only. He also hung up before they got his credit card.
I ran msconfig and took it out of safe mode and checked it over.
It seems no other harm was done. That was six months ago and he's had no