I had an absolute cracker this week. I received a call from a new home client regarding their old XP system. Someone called David rang from Windows saying they had a virus on their system and that it was sending error reports to Windows. He was tasked by Windows to “sort out their issues”.
He convinced my client to download a piece of remote desktop software (they didn’t specify which) which then allowed him complete access to their system. David then downloaded an “antivirus product” which then set about scanning the system. After 10 minutes or so David explained that the screen would then lock so the antivirus could finish its job. David gave his telephone number so my client could ring back if they had anymore issues!! My client never got back into the system.
They did ring David the following day to say that they couldn’t access their system to which he replied by giving them a password. What he forgot to mention was that the password would allow them in just once and upon reboot they would be locked out again.
My client had a call the same day from Mastercard who said that someone had tried to spend £3500 on their card and to this end the card was getting cancelled and replaced. Their bank also rang the same day to say that someone had tried to take out large amounts of money from their current account which the bank had stopped.
It seams that David had installed some form of keylogger which was sending all their data across the internet to his systems which he (and his company) could then sift through to find what they were looking for. In this case credit card and bank details.
One wipe and reinstall from yours truly and the system is as good as new. Scary stuff hey!!
If anyone from Windows comes ringing just tell them to **** off unless your company has signed a support contract with them!!
About the Author
Hi I’m Chris Wakefield the owner of ComTech IT Support. I provide Windows and Linux based IT Support, laptop repairs and computer repairs to both business and personal clients in Stirling, Falkirk and Clackmannanshire.
Follow @Comtech247 on Twitter