Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How can I tell if I am being scammed by impostor techs?


  • Please log in to reply
23 replies to this topic

#1 cooljay

cooljay

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 02:17 PM

I am writing this from my phone because right now I am having my computer remotely controlled by supposedly Microsoft trained tech person who is removing the Clampi virus.
It feels suspicious, on the other hand they showed me that there are infections. It also showed that the network servers aren't protected. I asked them how I can fix that and - you guessed it - only Microsoft can.
I feel so stupid right now, and totally violated.
Their sales pitch was, if I don't let them remove the virus my computer will be shut down and unusable.

I asked how their info popped up on my screen and they said the manufacturer puts tech contacts on there in case there is a problem.

I had to pay them to remove the virus and to fix the network servers. I now have a one year contract for service, and protection of my computer and two others in our network.

Does it sound like I was being played?

I have more info if you need it.

I am waiting to hear what caused all this, if they'll even know. I saw they used Hitman Pro, maybe some other things too. They are installing anti virus protection etc.

BC AdBot (Login to Remove)

 


#2 saw101

saw101

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great Pacific Northwest
  • Local time:09:33 PM

Posted 27 September 2016 - 03:11 PM

I suggest you immediately hang up. Disconnect from the internet, contact your bank, explain what has happened, they are familiar with these type of Scams, & cancel any credit card transactions, request a new credit card. Post back for additional help.

Edited by saw101, 27 September 2016 - 03:13 PM.

Artificial intelligence is no match for natural stupidity.


#3 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 03:52 PM

Hi. I just did what you said, cancelled the check.



#4 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 04:05 PM

I am kind of shaken up and feeling very foolish. Very, VERY foolish.

 

At the end, it turns out they install AVG. I could have done that too. They didn't ask me if I wanted it. Truth is, I got rid of it a while back because I read it isn't doing its job.

 

I ended up in an argument with the guy, because aside from my laptop I was mainly concerned about the network. He had shown me a page in my computer that listed all the security, and everything was ON except the network protection was OFF. I now requested to see that page again, and the guy completely talked down to me like I am some little old lady who is upset she misplaced her knitting. He kept telling me I don't have to worry, everything is protected, etc. Then he brought up AVG, and it does show on there that everything IS connected, but that's not the page I saw before and I still want to see it. I asked him point blanc, so is this what you do? You are vendors for AVG? And he laughed drily and said, exactly, exactly.

 

Now he is unhappy, he left a voice mail to call him back. We never completed the transaction. I had given him my banking information, but at the end there was supposed to be a confirmation that I agreed to this withdrawal from my account tomorrow. I just hung up and didn't reply, but only after the tech box was finally out of my computer.

 

Now I just had a popup of stupid AVG to scan. I am going to get rid of the damn thing, but my worry is - what might they have installed?

 

Also, what if I really WAS infected and they really did help me? Could they have the ability to make it look like I have a virus? They went into the registry, and it was looking infected. There were also, in red, among the code, foreign IPs.

 

I honestly don't know what to think right now. If they helped me with a virus, I should pay them. But if they tried to scam me, obviously not. And what if they installed something? How would I know?

 

Sorry, I have a lot of questions, and I don't know who to ask. I want to do the right thing.

 

Oh, and I lost all of my book marks. Because they were infected. I am so upset about that.



#5 MoxieMomma

MoxieMomma

  • Members
  • 471 posts
  • OFFLINE
  •  
  • Local time:10:33 PM

Posted 27 September 2016 - 04:05 PM

Hi:

 

In addition to the advice already provided....

 

...it sounds as if you gave the scammers remote access to your computer.

 

As such, I suggest that you NOT engage in any sort of financial transaction from this computer until you receive guided, expert help checking the system for malware.

 

For starters, I suggest reading the pinned topics at the top of this forum:  http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

Then, please post the requested diagnostic logs in a new, separate thread in that forum section.

Then, please wait for one of the trained malware experts to guide you through scanning, cleanup and repair.

Once you are given the all-clear from a malware standpoint, you'll want to have a look at some of the other resources available here in order to implement "best practices" for computing safety.

 

MM


Edited by MoxieMomma, 27 September 2016 - 04:06 PM.


#6 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 04:15 PM

Ok, thank you, I'll do that, MoxieMomma. So you think I was definitely scammed? And not infected? Even though they showed me?



#7 MoxieMomma

MoxieMomma

  • Members
  • 471 posts
  • OFFLINE
  •  
  • Local time:10:33 PM

Posted 27 September 2016 - 04:22 PM

Yes, you were scammed.  The crooks are very good at this.

 

It's impossible to say if you really were "infected" before the scam.  But there's a good chance you may be now -- there is no way to know what they left behind or installed on the computer, without deeper investigation. 

 

The safest thing to do would be to contact your bank and credit card company by a means OTHER THAN the computer in question and to alert them to the fact that you were scammed.

You may need to cancel the credit card and put fraud alerts on your accounts.
Do NOT use the affected computer for this or for any other financial transaction, until it has been deeply checked by a legitimate, trustworthy malware expert here at this forum.

 

 

 

MM



#8 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 04:22 PM

should I start by removing AVG?

 

 

Also, I went to the link provided by MM. It tells me to backup my computer first. I chose Corbian, but I am confused. If this is a local backup, what good is that? If a blue or black screen makes my computer nonfunctiong, how am I going to get the back up out?



#9 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 04:30 PM

They installed their company name and phone number on the bottom of my screen, without asking me. I want to remove it.

 

They stole the folder on my desktop that contained every single password and username to anything and everything I am subscribed to, are a member of, etc.

 

I feel sick.


Edited by cooljay, 27 September 2016 - 05:09 PM.


#10 MoxieMomma

MoxieMomma

  • Members
  • 471 posts
  • OFFLINE
  •  
  • Local time:10:33 PM

Posted 27 September 2016 - 04:34 PM

Hi:

 

I suggest that you not try to self-medicate or to make any other changes to the system without expert guidance.

 

Ideally, we would suggest starting with the advice here first: http://www.bleepingcomputer.com/forums/t/34773/preparation-guide-for-use-before-using-malware-removal-tools-and-requesting-help/

 

But if you feel overwhelmed or rattled and need a bit more assistance with the entire process, then I suggest starting a new, separate post here, explaining the situation: http://www.bleepingcomputer.com/forums/f/22/virus-trojan-spyware-and-malware-removal-logs/

 

If you wish, please include in that new post a link to this thread, so that the malware helper can get up to speed quickly on the underlying situation:

http://www.bleepingcomputer.com/forums/t/627901/how-can-i-tell-if-i-am-being-scammed-by-impostor-techs/

The malware helper will guide you, one-on-one, step-by-step through the process.

 

Good luck,

MM



#11 saw101

saw101

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great Pacific Northwest
  • Local time:09:33 PM

Posted 27 September 2016 - 05:58 PM

 

I feel sick.

Totally understandable. Sort of like coming home & finding it violated /burglarized.

 

 

I suggest that you not try to self-medicate

A stiff drink about now may not be such a bad idea!

 

I was truly hoping that my initial post to you would have reached you before any serious damage was done. Take some comfort in knowing that it could have been far more serious.

 

 

If a blue or black screen makes my computer nonfunctiong, how am I going to get the back up out?

Disconnect your computer from the internet & give it a boot. Post back with result.

 

As to backups....that would be mainly Files, Folders, Pictures, Music, Documents etc. All the stuff you wish not to possibly lose. Hopefully a clean wipe & re-install won't be needed. If it does come to that you will need to reinstall software programs as they can not be backed up.

 

 

 

 

Quick question....What is your primary browser?

 

 

I would also suggest posting to the Am I Infected? What Should I Do? here: http://www.bleepingcomputer.com/forums/f/103/am-i-infected-what-do-i-do/

Perhaps a moderator will move this for you.

 

In the meantime relax....You'll be in good hands with the Virus & Malware specialists here at Bleeping Computer.


Artificial intelligence is no match for natural stupidity.


#12 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 08:11 PM

Thanks Saw. A stiff drink sounds great but alcohol doesn't agree with me these days. Only chocolate does.

 

By the way, there is no blue or black screen. I was referring to the Corbian backup that I read about. We are advised to backup before doing anything else, and Corbian is one way to do it with, except it seems - maybe I misunderstood? - that you save the backup on your hard drive in which case that too would be lost in the event of a BSoD, wouldn't it?

 

Anyway, I know this forum is super busy when it comes to removing malware and the wait will be long. So many damn hackers and scammers out there, it's crazy.

 

Do you think my other computers are also in danger if they are in the same network? I hate hammering away on my tablet (which isn't on the same network, at least) it's cumbersome.



#13 saw101

saw101

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great Pacific Northwest
  • Local time:09:33 PM

Posted 27 September 2016 - 08:37 PM

I have not used the Corbian software, but looking over the instructions, the procedure to install & run appears pretty basic. Backups are usually saved to an external hard drive or a thumb drive with sufficient capacity. 

Again, I suggest posting to the Am I Infected forum. Don't take it upon yourself to Clean your computer of malware. The help you receive there will be top notch. They should be able to answer all your concerns. Be patient & allow some time for a reply.


Artificial intelligence is no match for natural stupidity.


#14 cooljay

cooljay
  • Topic Starter

  • Members
  • 188 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:12:33 AM

Posted 27 September 2016 - 09:13 PM

They say it takes 5 days to get to someone who needs help. I don't have that time.

 

What if I did a System Restore? Would it bring back my folder full of passwords and usernames?

 

And by the way, I already posted at the Am I Infected forum, with a link to here. Quite a few people have read my post, but no one replied. That's how it goes. It's not urgent to anybody but yourself when it happens to you. Shrug.


Edited by cooljay, 27 September 2016 - 09:15 PM.


#15 saw101

saw101

  • Members
  • 464 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Great Pacific Northwest
  • Local time:09:33 PM

Posted 27 September 2016 - 10:29 PM

You could certainly attempt to restore to an earlier point. If you gave the scammer full control & it sounds like you did, hope that he did not turn off/disable your System Restore.


 

 

And by the way, I already posted at the Am I Infected forum, with a link to here.

Even with a successful restore, I'd still follow through with the malware support..... Be patient.....Often support comes considerably quicker than 5 days.

 

Good luck Cooljay!


Artificial intelligence is no match for natural stupidity.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users