Scam victim: Wife gave away control of her laptop. Now they want money to clean it.

[gorcorps]

Step 1: get smarter wife
Step 2: format

 

[CPA]

Step 1: get smarter wife
Step 2: format

format the wife or the computer? I'm confused.

 

[HomerSapien]

If you google the phone number, it comes up with several different yahoo departments. Not sure if any are legit.


googling pctechsupport.co comes up with a lot of links warning of scams.

 

[Eug]

Domain Name: PCTECHSUPPORT.CO
Domain ID: D26502012-CO
Sponsoring Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Sponsoring Registrar IANA ID: 303
Registrar URL (registration services): www.PublicDomainRegistry.com
Domain Status: clientTransferProhibited
Registrant ID: DI_27693449
Registrant Name: VIVEK
Registrant Organization: S.M.O.K.E. TECHNOLOGIES
Registrant Address1: C-21, Basement, Indrapuri, Lal Kothi
Registrant City: Jaipur
Registrant State/Province: Rajasthan
Registrant Postal Code: 302015
Registrant Country: India
Registrant Country Code: IN
Registrant Phone Number: +001.6463678952
Registrant Email: ravic@pctechsupport.co

---

P.S. Yahoo is back, but missing 10 days worth of emails, from Dec. 1-10.

 

[Captante]

Post #11...sigh...

Need pics of wife before we can determine appropriate response.

This place really is slipping!

 

[Ichinisan]

For the record, that's a perfectly legit site. I can't speak to Yahoo personally, but at my place we have a variety of sites we will use to connect to a system if they don't have any of our preferred tools installs. Typically that's either TeamViewer or LogMeIn.

That said, most companies also stop support once they've determined it's not their product at fault. I would probably look up Yahoo's Support number, give them a call, and see if you get to a point where they are trying to do that.

The technician having an Indian accent was probably a good sign you were in the right place. They're the ones providing the actual "support" not running the scams.

There's red flags to be sure here, but no smoking gun that I see that it was a scam.

The cold call scammers operate from India. The caller *might* even believe he's working as a contractor for Microsoft and he's just following the instructions he was given. He might not have any clue that his instructions are bullshit and his employer is scamming the person he called.

FWIW, even if all the PCs on OP's LAN were on, there's no reason to believe they were compromised. She only gave them access to one machine.

 

[IndyColtsFan]

You should never give a wife administrative privileges, even on her own computer. Gate it behind a password known only to you.

This is great advice, especially if you want to sleep on the couch!

Seriously though, if you can get away with it, it is a great plan. My wife is the only one of us to have virus and other issues and if it happens again, I will insist on it. I was looking into rearchitecting my entire network and do in-line virus/malware scanning on all traffic at the firewall but never got around to it. I need to look into this idea more.

A few weeks ago, a friend told me her mom called her and mentioned something similar to the OP, where her husband (friend's stepdad) did something and then was called and told he had to pay $300 for them to "fix" the computer. Unfortunately they didn't call my friend beforehand and paid the money. Stepdad, of course, thought he was being crafty and decided to run down to the local Walgreens and got a prepaid VISA card for the amount. So he thought that it sounded suspicious enough to warrant getting a disposable VISA, but not suspicious enough to tell the caller to fuck off. :biggrin:

 

[IndyColtsFan]

The cold call scammers operate from India. The caller probably even believes he's working for "Microsoft" and might not even know that his instructions are complete bullshit.

FWIW, even if all the PCs on OP's LAN were on, there's no reason to believe they were compromised. She only gave them access to one machine.

Too lazy to search, but wasn't there an idiot here who got one of these calls ("This is Microsoft! Your computer is infected! Let me take control!") and posted about following the callers directions a year or two ago?

 

[mikeymikec]

This sounds like a Tech Support scam I saw on 20/20 or a news report a few weeks ago.

I've encountered it a few times through my customers - they try to contact "BT Yahoo" (BT outsources its mail facility to Yahoo in the UK) by googling for a phone number, take it off any old site and think it's going to be legit. I think the scammer's approach is to post a number on a discussion site and so appearing to be some random "helpful" user. Perhaps they might even get away with it on BT's own discussion forums until a moderator sees it, because if it's on there then it looks even more legit?

Re: Marriage partner and admin privs - why not simply suggest it? Or is there some macho alpha male thing going on here that I've never felt the need to indulge in? By insisting on it, it becomes your problem if anything goes wrong with that idea (e.g. they need admin privs to install something and you're not around, or they manage to get the computer infected even though they don't have admin privs - there are enough forms of malware out there that don't need admin privs to wreak havoc). By suggesting it, they've amicably agreed to it and so they can't reasonably complain if it doesn't go 100% according to plan.

 

[rudeguy]

Domain Name: PCTECHSUPPORT.CO
Domain ID: D26502012-CO
Sponsoring Registrar: PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM
Sponsoring Registrar IANA ID: 303
Registrar URL (registration services): www.PublicDomainRegistry.com
Domain Status: clientTransferProhibited
Registrant ID: DI_27693449
Registrant Name: VIVEK
Registrant Organization: S.M.O.K.E. TECHNOLOGIES
Registrant Address1: C-21, Basement, Indrapuri, Lal Kothi
Registrant City: Jaipur
Registrant State/Province: Rajasthan
Registrant Postal Code: 302015
Registrant Country: India
Registrant Country Code: IN
Registrant Phone Number: +001.6463678952
Registrant Email: ravic@pctechsupport.co

---

P.S. Yahoo is back, but missing 10 days worth of emails, from Dec. 1-10.

You good now?

 

[ch33zw1z]

backup data, restore it with the restore dvd's/cd's/recovery partition.

 

[KidNiki1]

Too lazy to search, but wasn't there an idiot here who got one of these calls ("This is Microsoft! Your computer is infected! Let me take control!") and posted about following the callers directions a year or two ago?

well, we had this one: http://forums.anandtech.com/showthread.php?t=2348678

and also this one: http://forums.anandtech.com/showthread.php?t=2239129

 

[Ventanni]

So here's the scoop on these guys. They're Indian tech support centers that advertise like, "HP Tech Support" or "Yahoo Tech Support", but they're not from these companies at all. They're just Indian call centers who you can call support for if you have a problem with your PC. In order to force you to pay, they install these locking programs on your computer to prevent it from being usable until you do, and they often charge obnoxious prices for things like a Facebook password reset. Most appear to be 1-800's numbers that are routed over to India.

If it makes you feel any better, both Google and Bing are shutting them down from advertising due to their predatory nature. Their ad copy is often misleading (you can't write "HP Tech Support" unless you are HP Tech Support, and they're not). Both Google and Bing also feel that you shouldn't have to pay their outrageous prices for something that should otherwise be free, like a Yahoo email password reset.

They're getting what they deserve.

 

[IndyColtsFan]

well, we had this one: http://forums.anandtech.com/showthread.php?t=2348678

and also this one: http://forums.anandtech.com/showthread.php?t=2239129

Yeah, it was the second one. Thanks.

 

[ViRGE]

I don't really care so much about her computer, as I could just wipe it, but what about the rest of my home network? That's what I'm really worried about.

Assuming your machines are fully patched up, there aren't any push-style remote code execution vulnerabilities in Windows or Mac OS X that I'm aware of (those being very rare). And even if they were they wouldn't be in the hands of low level scammers.

Run a virus scan, but it's highly unlikely they even attempted to do anything to your other machines, let alone actually gaining access to them via a network connection.

 

[dawp]

my ex called me yesterday asking about this scam, tho she didn't know it was a scam. she had gotten a call from "microsoft", the caller ID was unavailable. she was told that they had seen an issue with her computer and asked her to input something into the system.

She's a racist pig and especially dislikes anyone from india or has an Indian sounding accent so she was suspicious from the start. What is scary is that if he had spoken perfect english she probably would have fallen for it.

 

[Scarpozzi]

This is one of the reasons spankings are practiced in my household.

You need to tell her what's up and teach her not to fall victim to these things. Just tell her that it hurts you as much as it's going to hurt her.

 

[Ichinisan]

Too lazy to search, but wasn't there an idiot here who got one of these calls ("This is Microsoft! Your computer is infected! Let me take control!") and posted about following the callers directions a year or two ago?

I remember reading that here.

Since I work in tech support, I've personally heard from other people that got these scam calls (and some that fell for it).

 

[Ichinisan]

my ex called me yesterday asking about this scam, tho she didn't know it was a scam. she had gotten a call from "microsoft", the caller ID was unavailable. she was told that they had seen an issue with her computer and asked her to input something into the system.

She's a racist pig and especially dislikes anyone from india or has an Indian sounding accent so she was suspicious from the start. What is scary is that if he had spoken perfect english she probably would have fallen for it.

I do feel sorry for those foreign call center workers. Even well-trained and knowledgeable representatives still have a language barrier making things more difficult -- and they're all underpaid. It's a sad life.

I try to be as cordial as possible...even when it's difficult to understand them and even when their guidelines force them to make some long sales pitch.

 

[Eug]

I told my wife I was going to change all her accounts on the various machines to non-admin accounts. She said she was fine with that, as she never installs anything anyway.

Assuming your machines are fully patched up, there aren't any push-style remote code execution vulnerabilities in Windows or Mac OS X that I'm aware of (those being very rare). And even if they were they wouldn't be in the hands of low level scammers.

Run a virus scan, but it's highly unlikely they even attempted to do anything to your other machines, let alone actually gaining access to them via a network connection.

OK good to know.

It does seem all the guy was doing was loading up scare tactics, like pointing the browser to Wikipedia pages on various viruses etc. I saw that in the browser history. My virus scans were negative.

However, I may still wipe the machine, just because it's easy to do on a Mac, and it's just a kitchen machine. In fact, I have copies of 10.4 - 10.7 pre-installs on a backup drive for my Macs just in case, although the "just in case" in the past has always been for hard drive failures, not something like this. (It's an old Mac, so it doesn't accept anything beyond 10.7.)

I also did full scans on my main iMac and my main Windows PC, and both were fine too. I have Microsoft Security Essentials on the Windows PC and Sophos anti-virus on the iMac. I'll do a full scan on the guest Windows computer too.

 

[Number1]

I do feel sorry for those foreign call center workers. Even well-trained and knowledgeable representatives still have a language barrier making things more difficult -- and they're all underpaid. It's a sad life.

I try to be as cordial as possible...even when it's difficult to understand them and even when their guidelines force them to make some long sales pitch.

I called microsoft support the other day to solve an issue and ended up talking to a very nice lady in India. Of course she was hard to understand and it took a while to resolve my issue but she worked hard at it. I put her on the speaker phone, my wife joined the conversation and we ended up talking about life in India, her commute to work, family etc.

 

[Number1]

I told my wife I was going to change all her accounts on the various machines to non-admin accounts. She said she was fine with that, as she never installs anything anyway.

OK good to know.

It does seem all the guy was doing was loading up scare tactics, like pointing the browser to Wikipedia pages on various viruses etc. I saw that in the browser history. My virus scans were negative.

However, I may still wipe the machine, just because it's easy to do on a Mac, and it's just a kitchen machine. In fact, I have copies of 10.4 - 10.7 pre-installs on a backup drive for my Macs just in case, although the "just in case" in the past has always been for hard drive failures, not something like this. (It's an old Mac, so it doesn't accept anything beyond 10.7.)

I also did full scans on my main iMac and my main Windows PC, and both were fine too. I have Microsoft Security Essentials on the Windows PC and Sophos anti-virus on the iMac. I'll do a full scan on the guest Windows computer too.

I would seriously consider buying a better internet security suite if I were you. The Best 2013 Security Suites

 

[Bubbleawsome]

A combo of avg and Malwarebytes will do great, it just isn't real time protection. Chrome is good at that. I've not gotten a virus since using these three in mid January and I do a fair bit of risky browsing. Torrent a bunch of stuff (all legal, no worries. ) and kids tend to click on everything, but it has been safe.

 

[AMDZen]

A combo of avg and Malwarebytes will do great, it just isn't real time protection. Chrome is good at that. I've not gotten a virus since using these three in mid January and I do a fair bit of risky browsing. Torrent a bunch of stuff (all legal, no worries. ) and kids tend to click on everything, but it has been safe.

Yea, my ass

 

[ArizonaSteve]

This is one of the reasons spankings are practiced in my household.

If I tried that Ms. ArizonaSteve would be downloading every piece of malware she could find.