The Conservative Cave

The Help Desk => Computer Related Discussions & Questions => Topic started by: ChuckJ on March 19, 2018, 05:29:00 PM

Title: Tech Scam question
Post by: ChuckJ on March 19, 2018, 05:29:00 PM
Maybe you tech savvy folks can tell me if I did okay or not.

I got a call from my dad this afternoon asking when I could come by. When I asked why he said that his computer had "flashed" a screen saying that he had been hacked and he should call a number to get it fixed. Naturally he called the number and said my mom was still on the phone with them and that they were wanting $200 or some such to "fix" the problem. I told him to tell her to hang up on them and I'd be right there.

Thankfully I was too far away and it only took me about 15 minute to get there. When I got there my mom was still on the phone with them. I sat down at the computer in question and she handed me the phone. I could see that a remote access program had been installed and activated. I asked the guy on the phone what his name was and who he worked for. He had an Indian accent and responded with "we're working on it. Do not do anything." I asked his name and company again and got the same response. I asked a third time, got the same response, and told him that if he didn't answer my question I was going to "do something". When I wouldn't give me his name and company at the fourth request I hung up the phone and restarted the computer.

Once the PC rebooted I uninstalled the remote access program. I ran Malwarebytes which found a Trojan. I ran a scan with Avast which came up clean. I ran a scan with CCleaner which also came up clean.

I asked them if they had given the guy any information. They had given him a credit card number. I told them to call the credit card company and stop any charges on the card. Naturally they didn't know what to say to the CC company so I told them to call them, tell them that I had permission to talk to them, and that I would handle it. Thankfully no charges had yet been made and the CC company agreed to put a block on the card and send them a new one.

Looking at the history on the computer it looks like the company that would not give me their info was fixalltechwork.com

My dad says he was deleting emails when the "scary" screen appeared.

His history shows the following:
His webmail.
Then a secure site (https) called getmediajobs.org
Then another secure site (https) called larkins-autoservices.com  Now this site (non secure - http) appears to be a legitimate website for an auto repair shop in the UK.

My question to you guys and gals is (1) Was I correct in accessing it as a scam (2) Have you ever heard of fixalltechwork.com (3) Is there anything else I should have done?

Thanks
Title: Re: Tech Scam question
Post by: freedumb2003b on March 19, 2018, 05:44:58 PM
I think you handled it perfectly, given the damage that was underway when you were looped in.

The only thing better would be for you to find the physical address of these scum and beat the holy crap out of them.


Title: Re: Tech Scam question
Post by: FlaGator on March 19, 2018, 07:17:47 PM
A friend I work with pulled a fast one on one of these scam artists. He got a phone call from a guy claiming to be from Microsoft and that his computer was sending out some alert or another and he wanted my friends IP address so he could dial in and fix the problem. Knowing this to be a scam he gave the IP address anyway and while the guy was logged in hunting for personal info on my friend's hard drive, my friend planted a virus on his computer and then cut the connection. He never found out what happened but he said the virus was a pretty nasty one he had written and saved for just such an occasion.
Title: Re: Tech Scam question
Post by: ChuckJ on March 19, 2018, 08:18:49 PM
Mom just called me. Apparently the guy called back a few minutes ago and wanted to know why we hung up on him. She told him it was he wouldn’t give his name. He claims his name is Harry France and his number 1-800-252-8720 ext 16007. I don’t know whether to have some entertainment with him or not.
Title: Re: Tech Scam question
Post by: cclanofirish on March 19, 2018, 08:36:14 PM
Mom just called me. Apparently the guy called back a few minutes ago and wanted to know why we hung up on him. She told him it was he wouldn’t give his name. He claims his name is Harry France and his number 1-800-252-8720 ext 16007. I don’t know whether to have some entertainment with him or not.

https://www.reddit.com/r/scambait/comments/8098vy/these_people_robbed_my_mom_for_250/
Title: Re: Tech Scam question
Post by: ChuckJ on March 19, 2018, 08:41:51 PM
Your google-foo is stronger than mine.