Microsoft Phone Phishing Scam - Canadian TV, Computing and Home Theatre Forums

Rideauman · 2012-07-17, 09:16 AM

A friend of mine fell for the Microsoft phone phishing scam and I am trying to help clean the computer up. After accepting the offer to allow remote assistance (due to the suggestion that virus' were being sent from my friend's IP address

), the computer was under control of an unknown person for about 5 minutes. Except for finding the methodology for connecting the computer remotely, I am having trouble trying to find anything wrong with the computer.

I strongly suggested a re-install of everything, which does not seem to be an option at this time. I'm aware that settings have probably been changed that leave the computer open and vulnerable.

I did malware, adware, and virus checks - nothing huge on the radar.

I've changed the DNS settings on my friends router to OpenDNS. At least he can monitor traffic from his network to see if anything is not as it should be.

Any other thoughts as to what I should be looking for?

Jake · 2012-07-17, 09:31 AM

Was anything secure stored on the PC that could facilitate identity theft? All passwords should be reset too. Personally I would reformat and re-install since they could have installed any numbers of monitoring apps or services that a virus scanner would not pick up on.

billpaidJr · 2012-07-17, 09:34 AM

I would be more worried if he gave them a credit card number also. Keyloggers probably will not show up on virus scanners.

Rideauman · 2012-07-17, 09:41 AM

No credit card information provided, although they did ask for it. The operating agenda was to sell a virus monitoring service.

Had not thought of keylogging - that's a good point. I will push for him to re-format and re-install the o/s.

2012-07-17, 09:16 AM	#1
Rideauman Join Date: Feb 2007 Location: Toronto Posts: 266	Microsoft Phone Phishing Scam A friend of mine fell for the Microsoft phone phishing scam and I am trying to help clean the computer up. After accepting the offer to allow remote assistance (due to the suggestion that virus' were being sent from my friend's IP address ), the computer was under control of an unknown person for about 5 minutes. Except for finding the methodology for connecting the computer remotely, I am having trouble trying to find anything wrong with the computer. I strongly suggested a re-install of everything, which does not seem to be an option at this time. I'm aware that settings have probably been changed that leave the computer open and vulnerable. I did malware, adware, and virus checks - nothing huge on the radar. I've changed the DNS settings on my friends router to OpenDNS. At least he can monitor traffic from his network to see if anything is not as it should be. Any other thoughts as to what I should be looking for?

2012-07-17, 09:31 AM	#2
Jake Moderator Join Date: Apr 2003 Location: Gatineau and Ottawa Posts: 10,171	Was anything secure stored on the PC that could facilitate identity theft? All passwords should be reset too. Personally I would reformat and re-install since they could have installed any numbers of monitoring apps or services that a virus scanner would not pick up on. __________________ Tip: See an offending post? Don't reply, report it by clicking on the 'Report Post' icon.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

2012-07-17, 09:34 AM	#3
billpaidJr Join Date: Mar 2011 Posts: 299	I would be more worried if he gave them a credit card number also. Keyloggers probably will not show up on virus scanners.

2012-07-17, 09:41 AM	#4
Rideauman Join Date: Feb 2007 Location: Toronto Posts: 266	No credit card information provided, although they did ask for it. The operating agenda was to sell a virus monitoring service. Had not thought of keylogging - that's a good point. I will push for him to re-format and re-install the o/s.