Computer scam advice.

[Sbudge]

Yep, format/re-install PC, inform bank and credit card companies PDQ, change as many passwords as he can remember (via a different/clean machine of course). Much better to assume the worst, these folks are, alas, professional IT scam artists (or at least employed by them).

 

[slowmotion]

Reinstall. If he's only had the computer for a week, getting all his stuff back onto a virgin hard drive shouldn't be that difficult. I don't think it's worth the risk of relying on software cleaners to sanitise a potentially heavily infested machine.

 

[Shut Up Legs]

Also ensure that if he restores any backups, not to restore any backups made just after this phone call, because they'll be suspect.

 

[marzjennings]

Happened to my father-in-law who spent hours on the phone with AT&T tech support from 'somewhere'. He only twigged when they asked for $400 for life time support and over the wire monitoring. We wiped the machine, reinstalled windows and then he had to reset every password for every website he uses.

 

[Hugh Manatee]

I have just had the parasites on again. No time to string them along for ages today. I asked 'David' if his mum was proud of what he does and hung up on him.

 

[mjr]

Also ensure that if he restores any backups, not to restore any backups made just after this phone call, because they'll be suspect.

Can Windows attach memory sticks and external hard drives as "non-executable" yet, so that any malware that's infested the backups can't reinfect a clean system?

 

[SD1]

Doesn't antivirus software cover this?
When you say change passwords is this when chrome store them for you?

 

[IBarrett]

Get your friend to contact the bank NOW.
They will not only stop any activity on his accounts but will give him links to software he can use to scan his machine and cleans it.
He should also get on someone elses system and get to any buying accounts he had setup such as ebay or paypal and change their passwords. He needs to do this today.

 

[Shut Up Legs]

Can Windows attach memory sticks and external hard drives as "non-executable" yet, so that any malware that's infested the backups can't reinfect a clean system?

I think you can, if you follow the steps in this web page: http://www.thewindowsclub.com/prevent-installation-programs-removable-media-source
Note: this will block installation of programs from any removable media, including CDs, DVDs, USB sticks, etc.

 

[colly]

Thanks for all the very helpful replies. I passed on all of what you said and he is taking back to the shop that supplied it. He's cancelled any cards he has used as well.

If he offers a drink to say thanks I'll do the right thing and take it for you.

 

[ColinJ]

Doesn't antivirus software cover this?

No!

In my friend's case, the fraudster phoned her and told her that problems had been 'detected' with her machine and he would fix them for her if she switched on Remote Assistance. He talked her through that and then took it over. At that point he could do what he liked and no antivirus software would stop it. She didn't suspect a thing until he started asking her for her bank details to pay for 'the repairs'. She put the phone down and switched off the computer but it was too late - he had already nobbled it.

I asked my friend why she had let a complete stranger do that ... If somebody walked up to her in Asda and said that something was wrong with her house, would she hand him her keys so he could go round there to fix it?

(She replied that of course she would not. I pointed out that she had just done the computer equivalent of that.)

 

[Nigel-YZ1]

I'm in the wipe and reload camp too.
If anyone needs convincing of the scam, tell them that Microsoft don't receive calls for less than £50, never mind make them

 

[DaveReading]

+1 for wipe and restore.

Having said that, I'd be surprised if the scammers were actually harvesting passwords (but change them anyway). The normal modus operandi of those bogus tech support callers is to try to con you into paying for a fix that you don't need. That can include persuading you to give them remote access to your PC so that they can b*gg*r it up and thereby demonstrate that you did have a problem after all.

 

[SD1]

+1 for wipe and restore.

Having said that, I'd be surprised if the scammers were actually harvesting passwords (but change them anyway). The normal modus operandi of those bogus tech support callers is to try to con you into paying for a fix that you don't need. That can include persuading you to give them remote access to your PC so that they can b*gg*r it up and thereby demonstrate that you did have a problem after all.

I am inclined to go with this.

No!

In my friend's case, the fraudster phoned her and told her that problems had been 'detected' with her machine and he would fix them for her if she switched on Remote Assistance. He talked her through that and then took it over. At that point he could do what he liked and no antivirus software would stop it. She didn't suspect a thing until he started asking her for her bank details to pay for 'the repairs'. She put the phone down and switched off the computer but it was too late - he had already nobbled it.

I asked my friend why she had let a complete stranger do that ... If somebody walked up to her in Asda and said that something was wrong with her house, would she hand him her keys so he could go round there to fix it?

(She replied that of course she would not. I pointed out that she had just done the computer equivalent of that.)

I was thinking about after you had finished with the con merchant and hung up and turned on your anti virus. Would it then detect it. I assume not??
I have done the same but it was a computer shop who sorted out a problem remotely. As I have dealt with them before I trusted them. Had no problems, so I assume I was okay.

 

[mjr]

I was thinking about after you had finished with the con merchant and hung up and turned on your anti virus. Would it then detect it. I assume not??

Not if the con merchant has done their job properly. They might have simply nobbled the AV, replaced its virus definitions with something that doesn't include the stuff they've installed or something more devious.