Last Updated on August 25, 2020 by Christopher G Mendla

A client I hadn’t heard from in a while called. He had been web browsing and got a persistent window stating that his machine needed attention. SCAM SCAM SCAM.

When he called the number, he got an offshore call center. They convinced him to allow them to remote into his machine. The remote software was a fairly well known service (not Teamviewer)  The next step was to try to convince him that he needed upwards of $500 worth of service. Fortunately he realized it was a scam and gave me a call.

When I looked at his machine, they still had a connection via the remote software. I immediately killed that. The next step was to check for files that had been written to the machine that day. I found a couple of files including the remote software which I removed. I also ran an antivirus scan.

The scary part about this is that they had access to his machine for some period of time. It would have been relatively easy to plant malware or download sensitive information.

•  Warn your friends and family about these scams.
• NEVER allow someone you don’t know to remote into your computer.
• If you did allow them to remote in:
  • Run full virus scans
  • Consider changing all of your passwords
  • Keep an eye on your credit status via an identity protection service or a credit reporting service.
• Understand that once someone has accessed your machine, you can never be totally sure it is clean.

He was lucky that it was a maintenance scam and not ransomware.

Properly executed cloud backups will help protect you in the event of a ransomware attack. (Carbonite, One Drive etc.)

Reporting to the FTC

If you were the victim of a computer maintenance scam, you can file a report with the FTC

Credit card refund

You can contact your bank to see if they can stop the charges. You might need a new credit or debit card as the scammers have your card information.