75 Yr old father possibly scammed, help please!

Scania

Scania

Scania

Caporegime
Joined
25 Nov 2004
Posts
25,934
Location
On the road....
As the title, my 75 year old father has informed me in passing that he's recently been contacted by a guy from www.livefixpc.com claiming the usual, problems with his machine etc etc

I'm yet to get over to him to find out exactly what's gone on or what's been installed on the PC, from what he tells me, it sounds , at best, like he's been coerced into signing up for some PC maintenance contract, at worse, I fear they've had some remote session open with him and now most likely have access to his passwords, banking etc.

A quick google search of the url doesn't seem to have brought up too much in the way of warnings of wrong doing, but I'm still concerned.

I've told him to change his passwords etc as a matter of urgency but doubt he'll do so, I'll be doing that tomorrow regardless for him!

I'm also thinking of a complete re-install of his Windows 8.1 and yet another talking to him about speaking to me prior to acting on anything a cold caller tells him is supposedly wrong with his PC!

Anything else I should consider? Or, is this website / caller actually to be trusted albeit unscrupulous (which I highly doubt!)

Any pointers appreciated, thanks.
 
My Mum had the Microsoft scam call her up a couple of weeks ago. Luckily she remembered that I'd warned her about it before christmas, and told them to do one. If my old man had answered the phone it would have been a different story!

I'd get through some anti-malware and anti-virus scans as a minimum, and backup any important data. If you're still not 100% sure the system is secure, then do a re-install.
 
Also website looks bogus to me. Did they take any money? I'd speak with the bank too as they probably have some form of fraud protection/compensation thing going on, most of the major banks do on current accounts.
 
Totally bogus website , looks seriosuly amature , not to mention the ton of spellings and grammar mistakes , as well as spelling there own company name wrong in the careers section ... Any site that has testimonials say it all .
 
I would even double check adsl / cable modem settings too just to be safe. May not be that deeply affected but I like to check all points.
 
I've done some digging on Google and tbh very little came back with regard to this particular URL bar one comment from somebody stating that it is indeed a scam (as per my fear) and that they use payment details to access accounts, my father assures me he's given no payment details (card numbers etc) yet thinks he's now in a contract - which I assume has been paid for by some means, it's certainly looking iffy,I'll know more later.

His bank were pretty crap tbh, they basically turned the onus back on him saying if he started fraud investigations, he could end up being sued!

Understandably from his point of view, he's concerned now that he's slandering a legit organisation!
My view is we're this the case, a bonafide organisation would be understanding (never mind not having cold called him in the first place!) and they would have no issue.

I'll be over there tomorrow and will first disconnect its LAN cable (it's not wireless connected) and will search around to see if anything obvious is now installed, I'm thinking more along the lines of a reinstall and force him to change everything and promise not to entertain any further contact from either these guys or anybody in a similar vein.

Can anybody give me some pointers to likely processes / applications that I could expect to find?
I've previously disabled windows remote on his PC but he did say they had "done something remotely to his PC from their end" which worrys me greatly!

I'm hoping, given he's already contacted his bank, albeit with their useless response,any subsequent fraudulent activity should tally with this event and they will be helpful or understanding of his predicament....

I'll update further later today.
Thanks again.
 
Last edited:
Scania said:
Can anybody give me some pointers to likely processes / applications that I could expect to find?
I've previously disabled windows remote on his PC but he did say they had "done something remotely to his PC from their end" which worrys me greatly!
.
Click to expand...

Nuke it. I think the trick they do is they install a cryptovirus/ransomeware type thingy once they have remote access. Probably some form of trojan or keylogger too. I'd expect the Pc to be locked in a day or two, with a "pay to unlock" type message.
 
implosiveturnip said:
Nuke it. I think the trick they do is they install a cryptovirus/ransomeware type thingy once they have remote access. Probably some form of trojan or keylogger too. I'd expect the Pc to be locked in a day or two, with a "pay to unlock" type message.
Click to expand...

As above , just nuke it . You'll end up spending as much time hunting for the hidden processes or files your likely never to get it all if there's anything there . Quite a lot of the newer nasties like the fake steam miner like to move around and rename and duplicate etc.


Better then smashing yea head against desk incase you miss anything ;)
 
I would look at turning off uPnP on his router as this may make it more difficult for them to remotely connect to his PC should it happen again in future. If uPnP is on, and it probably is by default, then everything inside the network is considered trusted and can request that ports are forwarded and opened.
 
andshrew said:
I would look at turning off uPnP on his router as this may make it more difficult for them to remotely connect to his PC should it happen again in future. If uPnP is on, and it probably is by default, then everything inside the network is considered trusted and can request that ports are forwarded and opened.
Click to expand...

Cheers, anything that'll make it harder for them is worth a try, I'm heading over to him shortly and should have a better idea as to what's gone on fully.

Thanks again all.
 
Update, turns out that he's paid for a "service contract" from these jokers,approx £140 but in Swiss currency (franks?), I've instructed him to contact his bank as its been obtained under duress (he was bombarded with calls until he succumbed) and suspected to be fraudulent, which he's done, the bank are going to cancel the credit card that he used and hopefully refund the money.
He has no PayPal account thankfully....
His PC is now reformatted and Win 8 reinstalled, passwords all changed and hopefully he won't fall victim again, apparently he's already had another similar call from a company with a slightly different name claiming the same PC issues!

Hopefully , caught in time, his bank see no issue with his card or accounts but are now monitoring his account for any subsequent issues.
Fingers crossed!!
 
Last edited:
as he fell for it the first time he will be at more chance to get these calls again so tell him to ignore them or just play stupid and string them along for fun this is what i would do lol.

glad its all sorted and hopefully everything gets returned.
 
Last edited:
You must log in or register to reply here.
Back
Top Bottom