Welcome to WebmasterWorld Guest from 23.22.231.22

Forum Moderators: LifeinAsia & httpwebwitch

Message Too Old, No Replies

Emergency Support for the Gullible

What would you do?

     
3:31 pm on Jan 4, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2002
posts:2162
votes: 0


One of my clients left a message an hour ago to call as someone had phoned him from “Microsoft” to say his computer was running slow as it has malicious software. Luckily they can solve it for a one-of fee of £79.99.

By the time I get back to him he’s clicked some links in an email, disclosed windows and paypal passwords and his credit card details for the 79.99.

Someone now has remote control and is running disk defrag. Hes also installed all sorts of stuff...

Its not the kind of work I do but hes a nice guy I want to help, How would you respond, what would you charge for this ?
3:45 pm on Jan 4, 2011 (gmt 0)

Moderator This Forum from CA 

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 29, 2003
posts:4059
votes: 0


holy frijoles.

tell your friend to reach down to where the computer is plugged into the wall, and pull out the cord.

then get on the phone with the credit card companies and cancel all their cards

then go to a public library or friend's house, sign in to paypal, and change the password. If it's not too late & the attacker hasn't already changed it. I wouldn't expect to find any money left in the balance, but paypal can also throw charges into a linked bank account. that's something you may be able to do on their behalf from your non-infected computer.

act fast
4:03 pm on Jan 4, 2011 (gmt 0)

Moderator This Forum from CA 

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 29, 2003
posts:4059
votes: 0


oh yeah - then call the police and get in touch with their fraud people. They do like to know about illegal things
4:33 pm on Jan 4, 2011 (gmt 0)

Moderator This Forum from US 

WebmasterWorld Administrator lifeinasia is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Dec 10, 2005
posts:5550
votes: 24


Besides unplugging from the Internet, also tell him to immediately shutdown the computer.

Tech support companies can charge anywhere from US$50-$200/hour and up. Factor in that to figure out what your time is worth, build in any discounts because he's a good client, etc., and then tell him the rate for you to get involved past this point.

Unless you have experience with this kind of stuff and have time to spend, I would suggest recommending your client a company that specializes in it.
6:22 pm on Jan 4, 2011 (gmt 0)

Moderator This Forum from CA 

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 29, 2003
posts:4059
votes: 0


>> pull out the cord

yeah, I meant the power cord too. Shut it completely off. And don't turn it back on again until it's been thoroughly cleansed by a pro...
8:59 pm on Jan 5, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2002
posts:2162
votes: 0


Thanks all.

Managed to cancel the card, unplug him, disable remote control, change paypal passwords and stop a bunch of services.

We Googled and found its known scam called the Microsoft technical support phone scam and the police in the UK are well aware of it.

Rebuilt XP using the system recovery option and installed AVG & Zone alarm - Interesting default XP buuild allow remote access!

Changed all passwords to strong ones and logged a complaint to Paypal as we have his paypal name and email for another transaction he did via paypal.

The XP rebuild option seems OK, first time I'v used it, all back in under 2hrs. I was thinking it may have to be a Format c:/, load DOS CD ROM Drivers and rebulild from actual disks...
7:54 pm on Jan 7, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Dec 20, 2004
posts:2377
votes: 0


I would re-install Linux Ubuntu. Then he won't have this problem and no need for antivirus software. :-)

But if he must remain on XP try installing Defender. It is a free Microsoft security program.
9:07 pm on Jan 7, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member topr8 is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Apr 19, 2002
posts:3171
votes: 8


>>then call the police and get in touch with their fraud people. They do like to know about illegal things

actually no they don't, crimes they can't solve go to making their stats worse
10:57 pm on Jan 7, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2002
posts:2162
votes: 0


You are no longer allowed to report credit card fraud to the police in the UK, it all has to be handled by the CC company who can report it to the police, but they never do.
12:18 am on Jan 8, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 28, 2004
posts: 1786
votes: 0


You are no longer allowed to report credit card fraud to the police in the UK, it all has to be handled by the CC company who can report it to the police, but they never do.

This makes my glad I live in the United States. I had one credit card compromised - we think it happened during one of my hospital stays.

The issuing bank told me to file a police report and the officer atually came to my house to file the complaint.

I told him what I did and he ended up asking me questions about merchant accounts, etc, since there was a business in the county that was stealing people's money (by not sending out the products). By the time the provider found out, the merchant has closed the checking out, leaving the merchant provider out of a lot money.
8:25 am on Jan 9, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2002
posts:2162
votes: 0


Its a very strange one, it was in the small print of the 2006 Fraud Act and sneaked in as law without proper consultation as usual. It came into effect April fools day 2007!
8:14 pm on Jan 9, 2011 (gmt 0)

Moderator This Forum from CA 

WebmasterWorld Administrator httpwebwitch is a WebmasterWorld Top Contributor of All Time 10+ Year Member

joined:Aug 29, 2003
posts:4059
votes: 0


Interesting. In Canada, the local police dept has an online crime division. They follow up on scams and have people specialized in childpron and such.

I'd call them and report it anyways. if they're not interested, I'm sure they'll tell you so.

If they're not stopped, they'll just keep hitting people with this one... what a dirty scam
1:55 pm on Jan 11, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Feb 23, 2005
posts: 1076
votes: 0


"Interesting default XP buuild allow remote access!"

I had major problems on my last computer because of remote access (and file sharing) on by default with XP. Something got in and I was never able to fully remove it or even figure out exactly what it was, even though I tried several different antivirus programs to remove it and endless hours of research. Only using Opera stopped it. Periodically I would find that remote access had been enabled again. It might be worth checking it now and then to see if it is still not enabled.
11:30 am on Jan 28, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 24, 2002
posts:894
votes: 0


Thanks for the heads up aspdaddy.
This morning I had a similar call though the caller didn't claim to be from MS in fact he didn't even bother to introduce himself nor his "company".

Transcript :

He : Hello, my name, you are having problems with your computer, your computer is running slow
Me : Haaaa .... you are a scam artist, your company is a scam, we know all about you
He : you M**F**er
and he slammed the phone down

I had to laugh but it's unlikely that he did.

If I had not read your post the caller would have had some serious explaining to do about how he came by the findings he claimed and I still would not have taken the bait. I may have been born at night but not last night ;o)
4:30 pm on Feb 2, 2011 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 13, 2002
posts:2162
votes: 0


This whole experience has made me very paranoid about all the cheap used PCs I see advertised- the ones where they leave XP & Office already installed for the home user who doesn’t understand you cant transfer licence rights....what else are leaving installed. I wonder how many come with free clicking agents and keyloggers too :)