My iMac was hijacked yesterday when I went to Canon tech support for help with a software problem. I thought I was chatting with a legit tech support person. I let them remotely control my computer for an hour and charge my credit card for the help. I contacted Canon by phone after to confirm that I was hijacked. Now I know that my computer has been compromised, but I do not know what they've done to it.
My iMac is running OS X El Capitan Version 10.11.6
I am a photographer and have 7 external hard drives connected to the system. (This is pretty usual).
I am backed up by Backblaze.com and use Dropbox regularly.
My business website is generated by Smugmug and houses photo and video backup as well.
I have 4 Apple computers, 3 iphones, an iPad and a PC computer connected to my network most of the time.
I've changed my passwords on all 4 Mac computers on my ip address. I've turned on the File Vault app on my iMac computer (the affected system) and run the encryptions (but after the compromise happened). I've turned internet/wifi off on the iMac that was affected. I am running a new scan on Sophos, but it takes a long time because of the number of hard drives connected to my system, so it isn't complete since this happened. I ran malwarebytes Anti-Malware and it shows that there are no threats.
I expect that this hijacker has done some damage to the depths of my hard drive but it is too soon to tell what may have been done.
Please help me know what steps I should take to protect my computer, curtail any problems that may happen and resolve any problems that I can't yet see. I hope I've provided the pertinent information needed to get the help I need.
I appreciate any help you can give me. Thank you so much!