A family member got scammed by a telephone call from someone saying that they were from Microsoft, calling considering of PC mistake reports. Unfortunately, remote admission was given. What should be washed to forestall further compromise of the PC information? Help!
Annotation: MS scanner and a Norton scan were done and showed no problems. Remote access software files were removed manually from PC. Could the scammer once more access the PC data? Information is backed upwards to the external drive (non plugged in at the fourth dimension of the scam). Can the same files/information be safely loaded on to a new Hard disk drive/computer?
Every bit you point out, it's a scam. Microsoft doesn't call people considering of errors on their computers. Neither practise ISPs, security companies, or pretty much anyone else who might have some function of net authorisation.
To quote Admiral Akbar: "It'south a trap!"
In contempo years (aye, years) I've been getting lots of reports of this scam and its variants. Fortunately, many people are rightfully suspicious and cut information technology off before information technology goes besides far.
Unfortunately, your family unit member having fallen for the scam puts you lot in a difficult and dangerous position.
To start with, let's not claw upward that external hard drive only yet.
The Scam
The scam is very uncomplicated: someone calls you claiming to exist from Microsoft or your ISP or your anti-malware provider, or some other authoritative company. Of course, they are not. Microsoft, your Internet access provider or any of the other companies these scammers claim to be from are non involved in any way.
They merits that they've detected that your reckoner is causing many errors on the cyberspace or that there are "bug with your account". To evidence that there's something wrong, they ask if your calculator has been crashing recently. Or they have yous open up the event viewer and point out the many, many errors listed there.
And, of course, they tin can set it for you.
The scammer asks you to permit them to access your computer. Typically that means they accept you connect to a remote access site, such as logmein.com so you tin give them access to your computer. Important: Sites like logmein.com and other remote-admission servicesare not involved in the scam. They're merely web services that the scammer uses as a vehicle for accessing your automobile.
This then leads to the scam's hook. While accessing your car several things may happen:
The scammer installs malware.
The scammer "discovers" that in order to set your (non real) problem you'll need to purchase something and at this betoken, they enquire for your payment information.
Yous're quoted a high price for this "service".
Your payment information may be used not only for that quoted fee, but for other purchases you lot haven't authorized.
In the end you lot're either left with a malware-laden machine (that won't exist "fixed", by the way), bogus charges on your credit carte, or both.
It's a classic scam.
What almost those EventViewer messages?
EventViewer is a mess. Or, rather, the data that is logged past applications in the organisation and displayed by EventViewer is a mess.
It'due south highly technical, frequently incomprehensible, and honestly actually only useful to experienced technicians and software developers.
And here's the kicker: errors and warnings are expected in EventViewer. It's completely normal to have lots of ruby-red terminate signs and yellowish alarm signs in the list of events displayed by EventViewer.
Put another way, seeing errors and warnings in EventViewer doesnot hateful that at that place is annihilation wrong with your organisation.
Don't believe anyone who calls you up and tells you lot different. They're wrong; and using EventViewer to misguide you is a classic sign that someone is trying to scam you lot.
Fugitive the scam
Classic scam-avoidance 101: never completely trust someone who you lot don't know who calls you.
Heed to them, if you like. Ask questions, if y'all feel so motivated, justnever ever give them admission to your PC and never ever give them your payment information.
Let them know that you'll accept your local tech look into it (fifty-fifty if you lot don't have one).
Once information technology becomes articulate that you're not going to fall for the trap, it's very likely that yous'll become hung up on, or that the caller may even become calumniating. At that point, you can hang upwards on them.
If you're concerned that at that place is a real trouble, exercise the research yourself, or contact the technical resource that you trust and ask them about it.
Chances are at that place'south nada to see here.
Recovering from the scam
If you handed over payment information, you've just given that information to a complete stranger. Immediately contact your credit menu issuer or other payment provider and put them on fraud alert.
If yous allowed the scammer access to your auto … well, things become ugly.
The brusque answer is that y'all have no idea what they did. If y'all saw them install software in the guise of tools to help repair your system, information technology'due south very possible that software'southward really a bundle of malware that's now residing on your auto.
Even if you didn't see them download something, they nonetheless could have placed malware on your automobile.
Yous just don't know.
And there'south no way to bear witness that they didn't.
There are two approaches at this point:
Assume the worst. Revert to a system image backup taken before the access was granted. If you don't have such a backup, then backup your data, reformat, and reinstall Windows. This is the only way to know that any the scammer might have left on your motorcar is truly gone.
Hope for the best. Run up-to-appointment anti-virus and anti-spyware tools, making certain that each is running with an up-to-appointment database. I'd be tempted to scan with an boosted tool or two; I would specifically recommend a browse with MalwareBytes Anti-Malware, which seems to catch a lot of the more aggressive malware. I'd be tempted also to try the process outlined here, besides equally Windows Defender Offline. And so I'd promise that whatsoever may have been left was caught.
Information technology's a scam
This appears to be a common scam right now and the best defence force, as you tin judge, is to not fall for it in the get-go identify.
If y'all practise, so the next all-time thing is to make sure that you accept regular arrangement backups that you can revert to.
And if you walk abroad remembering simply one thing, remember this:
They won't call you.
If "they" do, be very, very suspicious.
Xray Repair Tech Did Not Fix My Machine Do I Pay For His Service?,
0 Response to "Xray Repair Tech Did Not Fix My Machine Do I Pay For His Service?"
Post a Comment