Step 1: get smarter wife
Step 2: format
Post #11...sigh...
Need pics of wife before we can determine appropriate response.
The cold call scammers operate from India. The caller *might* even believe he's working as a contractor for Microsoft and he's just following the instructions he was given. He might not have any clue that his instructions are bullshit and his employer is scamming the person he called.
For the record, that's a perfectly legit site. I can't speak to Yahoo personally, but at my place we have a variety of sites we will use to connect to a system if they don't have any of our preferred tools installed. Typically that's either TeamViewer or LogMeIn.
That said, most companies also stop support once they've determined it's not their product at fault. I would probably look up Yahoo's Support number, give them a call, and see if you get to a point where they are trying to do that.
The technician having an Indian accent was probably a good sign you were in the right place. They're the ones providing the actual "support" not running the scams.
There's red flags to be sure here, but no smoking gun that I see that it was a scam.
You should never give a wife administrative privileges, even on her own computer. Gate it behind a password known only to you.
The cold call scammers operate from India. The caller probably even believes he's working for "Microsoft" and might not even know that his instructions are complete bullshit.
FWIW, even if all the PCs on OP's LAN were on, there's no reason to believe they were compromised. She only gave them access to one machine.
This sounds like a Tech Support scam I saw on 20/20 or a news report a few weeks ago.
Domain Name: PCTECHSUPPORT.CO
Domain ID: D26502012-CO
Sponsoring Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Sponsoring Registrar IANA ID: 303
Registrar URL (registration services): www.PublicDomainRegistry.com
Domain Status: clientTransferProhibited
Registrant ID: DI_27693449
Registrant Name: VIVEK
Registrant Organization: S.M.O.K.E. TECHNOLOGIES
Registrant Address1: C-21, Basement, Indrapuri, Lal Kothi
Registrant City: Jaipur
Registrant State/Province: Rajasthan
Registrant Postal Code: 302015
Registrant Country: India
Registrant Country Code: IN
Registrant Phone Number: +001.6463678952
Registrant Email: ravic@pctechsupport.co
---
P.S. Yahoo is back, but missing 10 days worth of emails, from Dec. 1-10.
Too lazy to search, but wasn't there an idiot here who got one of these calls ("This is Microsoft! Your computer is infected! Let me take control!") and posted about following the caller's directions a year or two ago?
well, we had this one: http://forums.anandtech.com/showthread.php?t=2348678
and also this one: http://forums.anandtech.com/showthread.php?t=2239129
Assuming your machines are fully patched up, there aren't any push-style remote code execution vulnerabilities in Windows or Mac OS X that I'm aware of (those being very rare). And even if they were they wouldn't be in the hands of low level scammers.
I don't really care so much about her computer, as I could just wipe it, but what about the rest of my home network? That's what I'm really worried about.
Too lazy to search, but wasn't there an idiot here who got one of these calls ("This is Microsoft! Your computer is infected! Let me take control!") and posted about following the caller's directions a year or two ago?
My ex called me yesterday asking about this scam, tho she didn't know it was a scam. She had gotten a call from "Microsoft", the caller ID was unavailable. She was told that they had seen an issue with her computer and asked her to input something into the system.
She's a racist pig and especially dislikes anyone from India or has an Indian sounding accent so she was suspicious from the start. What is scary is that if he had spoken perfect English she probably would have fallen for it.
OK good to know.
Assuming your machines are fully patched up, there aren't any push-style remote code execution vulnerabilities in Windows or Mac OS X that I'm aware of (those being very rare). And even if they were they wouldn't be in the hands of low level scammers.
Run a virus scan, but it's highly unlikely they even attempted to do anything to your other machines, let alone actually gaining access to them via a network connection.
I do feel sorry for those foreign call center workers. Even well-trained and knowledgeable representatives still have a language barrier making things more difficult -- and they're all underpaid. It's a sad life.
I try to be as cordial as possible...even when it's difficult to understand them and even when their guidelines force them to make some long sales pitch.
I told my wife I was going to change all her accounts on the various machines to non-admin accounts. She said she was fine with that, as she never installs anything anyway.
OK good to know.
It does seem all the guy was doing was loading up scare tactics, like pointing the browser to Wikipedia pages on various viruses etc. I saw that in the browser history. My virus scans were negative.
However, I may still wipe the machine, just because it's easy to do on a Mac, and it's just a kitchen machine. In fact, I have copies of 10.4 - 10.7 pre-installs on a backup drive for my Macs just in case, although the "just in case" in the past has always been for hard drive failures, not something like this. (It's an old Mac, so it doesn't accept anything beyond 10.7.)
I also did full scans on my main iMac and my main Windows PC, and both were fine too. I have Microsoft Security Essentials on the Windows PC and Sophos anti-virus on the iMac. I'll do a full scan on the guest Windows computer too.
A combo of AVG and Malwarebytes will do great, it just isn't real time protection. Chrome is good at that. I've not gotten a virus since using these three in mid January and I do a fair bit of risky browsing. Torrent a bunch of stuff (all legal, no worries.) and kids tend to click on everything, but it has been safe.
If I tried that Ms. ArizonaSteve would be downloading every piece of malware she could find.
This is one of the reasons spankings are practiced in my household.