microsoft phone scam help :-/

Associate
Joined
11 Jan 2008
Posts
964
Location
Swindon
I came home to find my step mum on the phone to "microsoft". I realised almost instantly it was the scam as soon as i saw the command promp window running so i killed it and disconnected the router.

I took the phone and wound them up until my mum said they wrote what was on the screen :-/ so im wondering what steps to take as i dont want to reconnect the router until i know the pc is secure.

Cheers.
 
Can she remember what she did?

Malwarebytes + AV scan would be a good start. Reinstall if you can be bothered, if not you'll need to analyse running processes and look for rootkits etc.
 
They usually try to get you to install teamviewer or VNC... (or they might use windows remote assistance but its less common).

If they didn't get her to install a dynamic DNS service to keep track of the IP or didn't have time to install one themselves then if you don't have a static IP they probably won't be able to reconnect again once the IP changes, so have a look for things like noip and dynaDNS.

Problem is theres no way of knowing how far they got and what they installed, might have already got a rootkit onto the PC so they can keep getting back in, or if the router itself supports a dynamic DNS client then they might have configured it there - or even opened remote admin on the router to themselves.
 
Last edited:
Well from what i can gather she opened command prompt, typed a command (as something something i think) then they told her to read the numbers at the bottom, ip address im guessing?? Thats when they connected and typed on the screen. I killed it about 5 mins after
 
this really ***** me off, how they can get away with stuff like this and easy it is for people to fall for it
 
Do not reconnect, if you do, make sure your computer is 100% clean, if it were me, I would do a format and rebuild. You never know mate. Have you got a static IP? Or is it dynamic?

ags
 
Probably got her to go to a site like www.whatismyip.com - I'm not aware of a standard way to get the external IP from DOS as unless your using a modem directly instead of a NAT'd router it will just show router IP and local network IP which they can't connect to.

AFAIK usually they use DOS/command prompt to "show" you some random error to prove your PC "has" a problem.
 
this really ***** me off, how they can get away with stuff like this and easy it is for people to fall for it

indeed.
you'd be hoping out foreign secretary would just be saying right then India no more 800million pound aid packets until you crack down on this illegal crap.
 
Honestly, people must be stupid to fall for this, no matter how computer-dumb you are you should still know its dodgy.
 
Well they directed her through to event viewer and used the standard warning symbols as a way of fear saying they were infections. They rang back 3 times cos i was trolling them lol. They knew her name when they rang and it sounded busy in the background so i cant imagine how many people are getting owned right now :-/ how can i find out if my ip is static or dynamic?
 
Honestly, people must be stupid to fall for this, no matter how computer-dumb you are you should still know its dodgy.

Not stupid, just innocent. To the older person (and some younger people) computers and the internet is unfathomable. I could see some of my younger relatives falling for a scam like this.
 
You'd have to ask the ISP if its static or not, if you don't know its probably dynamic - with most ISPs you have to specifically ask for a static one... however its probably beside the point unless you know for definite they haven't installed some software that keeps sending them the latest IP address every time you connect.

I'd take Burnsy2023's advice and run malwarebytes, etc. first off but without knowing for definite if they've installed a rootkit or similiar it would be safer to reinstall windows and have a quick look in the router control panel to make sure they haven't enabled a dynamic DNS service or configured remote access on it.
 
Tell your Parents they can't be trusted on the Interwebs & deny access forthwith.
 
Back
Top Bottom