1

some Indian man called home saying that he's calling from some Windows Security Department, and there are about 16 other people connected to my computer and the're doing illegal things on my computer. He told me to go to my computer, go to this site , save the file, run it, and then he asked me to tell him the numbers in the boxes. I did as he asked, then I asked him to be specific about the company he worked for, he kept hesitating, and saying Windows security department. I found it strange, and said this seems like a scam, and he said "what is this scam you speak of", and I knew it then that I was a victim to this. I was clicking on google to look it up, but my mouse wasn't working anymore. He was still trying to cover it up saying, "Let me show you the problems, and a bunch of WARNING this and that showed up on this page" and he said these are the issues. He was talking, and pausing, so I thought that he was accessing some data on my laptop that I couldn't exactly see.I shut off my computer immediately, and he was like, "what have you done, did you shut down your laptop?" And I was hesitating, like what if he's really legit, I've just interrupted whatever. He was like, it's ok, we'll call back in like 15 min, don't do anything to your computer, leave it as is, and I said, well that means that you'll be able to see everything I do, he said "yes, but". I cut him off, saying, "you know what, don't hang up, hold on, I'm researching something, this isn't right." He said, "what, why?" with a shaky voice, and I was like, "don't worry about it, just stay on the line", and he hung up.

I was pissed! Don't judge me for letting it go this far, I didn't know that there are things like this. I knew there are hackers online, and etc... but not those who call your house phone. I went in control panel and deleted something called (Pen Vpn) that was apparently installed today during the process, and deleted this (Team Viewer QS) thing that was also downloaded, hopefully that did the trick. Can you give any suggestions as to what I can try to stop them from having control over my laptop, cause I don't know if that did the trick, they could be reading this as I type.

AviD
  • 72,708
  • 22
  • 137
  • 218
  • 4
    And the advice is: disconnect from the 'Net, erase and reinstall all software, restore all data from backups. – Deer Hunter Jan 25 '15 at 01:02
  • 2
    If you know the phone number, you might also consider contacting the police and giving it to them. – cpast Jan 25 '15 at 03:53
  • ...given the likelihood this guy's calling from another state (or even another country), I _think_ it can get kicked up to the FBI for wire fraud. Of course, there's two major problems here: 1) There's entirely too many instances of this, so it's unlikely to have anything come of this specific case 2) If they're out of the country, you're pretty much out of luck. Both of those presume they can even **find** the guy, which isn't terribly likely either, usually. – Clockwork-Muse Jan 25 '15 at 07:50
  • 3
    This is a quite common scam. It's called the ["tech support scam"](http://www.wired.co.uk/news/archive/2013-04/11/malwarebytes). Usually they try to trick you into buying useless anti malware software from them. – Philipp Jan 25 '15 at 12:08
  • Some guy called me with the same pitch. He claimed that the FBI was going to come arrest me, I asked for special agent Fox Mulder. These guys are really aggressive, and they try to tell *pretty scary lies*. The answer from John Deteres is pretty good, particularly the part about leaving the machine turned off and disconnected from your network/the internet. – trognanders Feb 20 '16 at 02:36

2 Answers2

13

1. Do not turn your laptop computer on again

At this point your laptop computer has been compromised by the thief. The thief's software may already be installed and lying in wait for you to reconnect to the internet, and once it does it could automatically send him a copy of your saved passwords, banking bookmarks, email information, etc. Do not turn it on unless you are sure you have shut off the laptop's WiFi and that it cannot connect to any network, or the attack could automatically resume and finish the job of robbing you.

2. Use a different computer to immediately change all of your passwords

First, change the passwords to the web sites that have your banking or credit card information stored. Change your bank password first, then your credit card account passwords. Next, try to list all the shopping sites that have your credit card on file, such as Amazon's One-Click, PayPal, Apple's iTunes, or any other such site. Then change your passwords on social media sites, such as Facebook, Twitter, etc. You don't know if the thief got a copy of your stored passwords before you shut off your computer, so to be safe you should assume that he did.

3. Consider contacting your local police

You have been the victim of a crime. If your city is large enough, your police might be able to help you file an incident report or find assistance in dealing with this issue.

4. Decide if there is anything of value on your laptop computer that you need to save that is not backed up

The ideal case would be to not have to try to recover anything. But perhaps there are email documents, word documents, photos, personal spreadsheets of information, or other data of that nature that you need to save, and that you don't have backed up. If so, you definitely want to bring the computer to someone who understands how to safely backup any data on it that you consider valuable. This is not as easy as it sounds.

Regardless of whether or not you need to recover data, I would recommend you seek a professional's help here (any computer repair place will help you for a price.) But if you want to know what the next steps are, read on.

5. Re-install Windows from a disk.

This would be the disk that came with your machine, or came with your copy of Windows. The problem is many so-called "recovery disks" aren't very good at recovering in your situation. They may not clean up all the bad software. Whatever option you are presented with, be sure to make the selection of "Reformat and reinstall a fresh copy of Windows", "Restore my machine to factory state" or some such label. And if you are presented with a screen that says something like "Save my old data", or "Preserve my account", you need to say "no".

6. Run Windows Update

After you have installed Windows, but before you put any personal information on it, you need to connect it to a network and run Windows Update. This will download any patches that have made since your Windows disk was manufactured. This will likely take quite a while.

7. Restore your data from backups and reinstall your software

Yes, this is as ugly as it sounds. It's going to be just as much work as putting all your stuff on a fresh computer, because that's what it you need to do here to get running again.

8. Watch your bank statements

There is a chance that the attacker already has enough data to start stealing from you. Keep an eye on your bank balance and your credit card statements, and immediately report anything suspicious.

John Deters
  • 33,897
  • 3
  • 58
  • 112
0

Clean reinstall Windows.

Always helps to get rid of the bad boys in your PC. Well, unless they've managed to install something in your bios which I doubt..

Lighty
  • 2,378
  • 1
  • 23
  • 36