?
Solved

Microsoft scam computer

Posted on 2016-10-24
10
Medium Priority
?
103 Views
Last Modified: 2016-10-25
A moron friend of mine paid $300 for the scam about computer is infected.  I told him  to cancel the payment and unplug the computer.  He gave them access to the computer

Is he at any risk?
0
Comment
Question by:J.R. Sitman
10 Comments
 
LVL 57

Assisted Solution

by:Joe Winograd, EE MVE 2015&2016
Joe Winograd, EE MVE 2015&2016 earned 164 total points
ID: 41857984
> Is he at any risk?

In a word — YES! There's no telling what they did to his computer when he gave them access to it. Does he have his files backed up anywhere?
0
 
LVL 19

Assisted Solution

by:*** Hopeleonie ***
*** Hopeleonie *** earned 164 total points
ID: 41857998
If he has a backup reinstall / restore the computer.
0
 
LVL 30

Accepted Solution

by:
Dr. Klahn earned 1016 total points
ID: 41858015
That computer can not be trusted again for any purpose.  It will be necessary to erase the hard drive and reload Windows from scratch.
0
Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

 
LVL 84

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 164 total points
ID: 41858016
Let your friend know that the IRS (if you are an American) or the CRA (If you are a Canadian) is issuing a warrant for his arrest and he is being given this last ditch attempt to pay his outstanding tax bill by purchasing pre-paid credit cards and informing the person on the phone of the CC details.. If not he will be arrested within the hour..

Just one of many scams that are going around.  The CRA recently closed down a call center in India and have made many arrests

Restore from backup or flatten the machine and rebuild also change all passwords
0
 
LVL 65

Assisted Solution

by:btan
btan earned 164 total points
ID: 41858021
His machine is no longer trusted. Isolate the machine from any internet, change all his login credential (priority for those ebanking and online transaction) and password (go for 2FA for online). Rebuild the machine. Report the scam to Microsoft and also contact the bank that there is a scam transaction (they may still be able to withhold)
https://www.microsoft.com/en-us/reportascam/
0
 
LVL 20

Expert Comment

by:Mal Osborne
ID: 41858034
Yes, there is a risk.

Having said that, these guys have already got $300. Usually, that is what this type of scammer is after, they do not tend to plant Malware or anything.

If this is a home machine, and the guy does not care too much about any data he has, it may be OK to take the risk. If he has confidential information, or does banking, or runs a business, then it would be prudent to blow everything away and start again.
0
 
LVL 37

Expert Comment

by:bbao
ID: 41858109
agreed with all experts above.

what i am thinking are, why people could be so vulnerable to this kind of simple scam and keen to pay so much for something not existing at all? why could they be controlled in such an easy way? what are the common characteristics for those vulnerable people?
0
 
LVL 88

Assisted Solution

by:rindi
rindi earned 164 total points
ID: 41858170
Besides doing a clean installation as has been mentioned, change all passwords (email, cloud, user accounts etc.). If you had any banking and credit card info stored on the PC, get in touch with those institutions to cancel those cards or accounts and send you new ones. I'd also change the email addresses. If a phone number of the scammers is known, or also the payment address, get that info to the law enforcement agencies.
0
 
LVL 30

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 164 total points
ID: 41858339
Well if they said that you machine is infected then most likely they would have tried cleaning the system using some tools or application and also might have installed some AV product for which you might have been charged.

If you have made the payment using the Credit Card, claim the credit by calling your Credit Card company. Then as suggested above, clean wipe and re-install.

Take backup of your document/images/videos/favorites and other software license, if you don't have license keys of those software before wiping it out.

Sudeep
0
 

Author Closing Comment

by:J.R. Sitman
ID: 41858695
Thanks to everyone.   I'll have him bring it to me to rebuild it
0

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows Server 2003 introduced persistent Volume Shadow Copies and made 2003 a must-do upgrade.  Since then, it's been a must-implement feature for all servers doing any kind of file sharing.
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question