homepage Welcome to WebmasterWorld Guest from 54.204.134.183
register, free tools, login, search, subscribe, help, library, announcements, recent posts, open posts,
Subscribe and Support WebmasterWorld
Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
Forum Library, Charter, Moderators: LifeinAsia & httpwebwitch

Professional Webmaster Business Issues Forum

    
Emergency Support for the Gullible
What would you do?
aspdaddy




msg:4248970
 3:31 pm on Jan 4, 2011 (gmt 0)

One of my clients left a message an hour ago to call as someone had phoned him from “Microsoft” to say his computer was running slow as it has malicious software. Luckily they can solve it for a one-of fee of £79.99.

By the time I get back to him he’s clicked some links in an email, disclosed windows and paypal passwords and his credit card details for the 79.99.

Someone now has remote control and is running disk defrag. Hes also installed all sorts of stuff...

Its not the kind of work I do but hes a nice guy I want to help, How would you respond, what would you charge for this ?

 

httpwebwitch




msg:4248975
 3:45 pm on Jan 4, 2011 (gmt 0)

holy frijoles.

tell your friend to reach down to where the computer is plugged into the wall, and pull out the cord.

then get on the phone with the credit card companies and cancel all their cards

then go to a public library or friend's house, sign in to paypal, and change the password. If it's not too late & the attacker hasn't already changed it. I wouldn't expect to find any money left in the balance, but paypal can also throw charges into a linked bank account. that's something you may be able to do on their behalf from your non-infected computer.

act fast

httpwebwitch




msg:4248983
 4:03 pm on Jan 4, 2011 (gmt 0)

oh yeah - then call the police and get in touch with their fraud people. They do like to know about illegal things

LifeinAsia




msg:4248990
 4:33 pm on Jan 4, 2011 (gmt 0)

Besides unplugging from the Internet, also tell him to immediately shutdown the computer.

Tech support companies can charge anywhere from US$50-$200/hour and up. Factor in that to figure out what your time is worth, build in any discounts because he's a good client, etc., and then tell him the rate for you to get involved past this point.

Unless you have experience with this kind of stuff and have time to spend, I would suggest recommending your client a company that specializes in it.

httpwebwitch




msg:4249020
 6:22 pm on Jan 4, 2011 (gmt 0)

>> pull out the cord

yeah, I meant the power cord too. Shut it completely off. And don't turn it back on again until it's been thoroughly cleansed by a pro...

aspdaddy




msg:4249529
 8:59 pm on Jan 5, 2011 (gmt 0)

Thanks all.

Managed to cancel the card, unplug him, disable remote control, change paypal passwords and stop a bunch of services.

We Googled and found its known scam called the Microsoft technical support phone scam and the police in the UK are well aware of it.

Rebuilt XP using the system recovery option and installed AVG & Zone alarm - Interesting default XP buuild allow remote access!

Changed all passwords to strong ones and logged a complaint to Paypal as we have his paypal name and email for another transaction he did via paypal.

The XP rebuild option seems OK, first time I'v used it, all back in under 2hrs. I was thinking it may have to be a Format c:/, load DOS CD ROM Drivers and rebulild from actual disks...

maximillianos




msg:4250439
 7:54 pm on Jan 7, 2011 (gmt 0)

I would re-install Linux Ubuntu. Then he won't have this problem and no need for antivirus software. :-)

But if he must remain on XP try installing Defender. It is a free Microsoft security program.

topr8




msg:4250469
 9:07 pm on Jan 7, 2011 (gmt 0)

>>then call the police and get in touch with their fraud people. They do like to know about illegal things

actually no they don't, crimes they can't solve go to making their stats worse

aspdaddy




msg:4250501
 10:57 pm on Jan 7, 2011 (gmt 0)

You are no longer allowed to report credit card fraud to the police in the UK, it all has to be handled by the CC company who can report it to the police, but they never do.

Corey Bryant




msg:4250521
 12:18 am on Jan 8, 2011 (gmt 0)

You are no longer allowed to report credit card fraud to the police in the UK, it all has to be handled by the CC company who can report it to the police, but they never do.

This makes my glad I live in the United States. I had one credit card compromised - we think it happened during one of my hospital stays.

The issuing bank told me to file a police report and the officer atually came to my house to file the complaint.

I told him what I did and he ended up asking me questions about merchant accounts, etc, since there was a business in the county that was stealing people's money (by not sending out the products). By the time the provider found out, the merchant has closed the checking out, leaving the merchant provider out of a lot money.

aspdaddy




msg:4250912
 8:25 am on Jan 9, 2011 (gmt 0)

Its a very strange one, it was in the small print of the 2006 Fraud Act and sneaked in as law without proper consultation as usual. It came into effect April fools day 2007!

httpwebwitch




msg:4251051
 8:14 pm on Jan 9, 2011 (gmt 0)

Interesting. In Canada, the local police dept has an online crime division. They follow up on scams and have people specialized in childpron and such.

I'd call them and report it anyways. if they're not interested, I'm sure they'll tell you so.

If they're not stopped, they'll just keep hitting people with this one... what a dirty scam

HRoth




msg:4251835
 1:55 pm on Jan 11, 2011 (gmt 0)

"Interesting default XP buuild allow remote access!"

I had major problems on my last computer because of remote access (and file sharing) on by default with XP. Something got in and I was never able to fully remove it or even figure out exactly what it was, even though I tried several different antivirus programs to remove it and endless hours of research. Only using Opera stopped it. Periodically I would find that remote access had been enabled again. It might be worth checking it now and then to see if it is still not enabled.

Staffa




msg:4259383
 11:30 am on Jan 28, 2011 (gmt 0)

Thanks for the heads up aspdaddy.
This morning I had a similar call though the caller didn't claim to be from MS in fact he didn't even bother to introduce himself nor his "company".

Transcript :

He : Hello, my name, you are having problems with your computer, your computer is running slow
Me : Haaaa .... you are a scam artist, your company is a scam, we know all about you
He : you M**F**er
and he slammed the phone down

I had to laugh but it's unlikely that he did.

If I had not read your post the caller would have had some serious explaining to do about how he came by the findings he claimed and I still would not have taken the bait. I may have been born at night but not last night ;o)

aspdaddy




msg:4261753
 4:30 pm on Feb 2, 2011 (gmt 0)

This whole experience has made me very paranoid about all the cheap used PCs I see advertised- the ones where they leave XP & Office already installed for the home user who doesn’t understand you cant transfer licence rights....what else are leaving installed. I wonder how many come with free clicking agents and keyloggers too :)

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Professional Webmaster Business Issues
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About
© Webmaster World 1996-2014 all rights reserved