My father clicked on an email link and got "VIRUS" popups and warnings. The warning told him to call 855-881-4480, a number that claimed to be MS support, when I called it later. He talked to them for 1/2 hour (SMH) They had him hit Windows key+r and enter "www.microsoftconnect.com"( I noticed that all the links on that page, just go back to that page). From there they claimed to have scanned his computer and said his computer had been compromised and that all AVs had been turned off, he could take it to a MS store and they would fix it for $500, but they could do it for 1/2 that amount....
When he called me, I had him turn his computer off, and unplug it (unfortunately, he just unplugged the monitor...) When I showed up and booted it, everything seemed fine, I permanently deleted the email then did a quick (Avast) virus scan, and it found no virus, I started a boot scan, but it will take hours and is probably still running.
Is anyone familiar with "microsoftconnect.com" ? I think "connect.microsoft" is a legitamate site, they may be trying to copy it to look legit. He said he was able to see what the person on the phone was doing during the "scan" on his screen, a list of issues came up, he couldn't remember what. He said he could see their mouse pointer moving on his screen. It could have just been a video running that looked like it was "live". The phone number does not come up in Google, which seems weird for a MS support line.
Anyway, anyone familiar with this?
Edited by hamluis, 01 May 2016 - 08:39 AM.
Moved from AII to Gen Sec - Hamluis.