Page 1 of 4 123 ... LastLast
Results 1 to 15 of 53
  1. #1
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,154
    Thanks
    31
    Thanked 307 Times in 267 Posts

    Scammers taking advantage of GWX?

    Earlier this week I attended a customer (elderly man) who said he had received a phone call from "Micro$oft Support" urging him to "fix infections" on his Win7 SP1 computer.

    I quizzed the customer about the call, and what eventuated from it, but the answers I received from the customer were not very helpful. That is not unusual, since the scammers depend largely on ordinary users' ignorance about the technical details of Windows. But it did seem the scammers were trying to get the customer's credit card or PayPal details. The customer mentioned sums demanded >$900 but was adamant he did not agree to supply such details or to pay.

    Nevertheless, it was apparent that the customer had allowed the scammers remote access to his computer (further explanation of this below).

    Desktop PC, booted normally through POST to the Win10 startup logo then the Win10 login screen. Two user accounts listed in the lower-left of the login screen, but any attempt to login to either account with any password the customer could suggest failed w/ "incorrect password" error (cust. did not have a password set in the single admin-level account in Win7).

    Tried the Shift-Restart/Troubleshoot options but choosing any option (Reset, Refresh, Command Prompt, etc.) simply resulted in the login screen demanding a password. Also tried booting from a Windows Repair CD with same result (password demanded to access any advanced repair options).

    Back in May 2015 I had worked on the same customer's PC to remove malware and had created a system image of his C:\ drive ( http://www.terabyteunlimited.com/bootit-bare-metal.htm ) so was able to connect his PC to my workbench, image his Win10 partition, and then restore the previous Win7 partition.

    After that, when I accessed the Win10 image (tbiMount, included w/ BootItBM) it was clear that the customer had downloaded "TeamViewer" at the time the scammers accessed his system.
    I also extracted his up-to-date user files incl. email then restored the Win7 partition and the up-to-date user files.

    Fixed any remaining problems w/ the restored Win7, and the WLM email database, and the customer is now good-to-go.

    After all above ran "GWX Control Panel" from: http://ultimateoutsider.com/downloads/ to disable the auto-upgrade to Win10. More info at: http://blog.ultimateoutsider.com/
    Last edited by Coochin; 2015-10-07 at 07:02.
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    AMD FX8120 (8-core @ 3.1GHz) CPU, Gigabyte GA-990FXA-D3 motherboard, 8GB (2x4GB) DDR3 1866MHz RAM, ATI-AMD Radeon HD6770 PCI-E VGA, 480GB Kingston SSD, 2TB Seagate SATA3.0 HDD, ASUS DVD/RW.

  2. The Following User Says Thank You to Coochin For This Useful Post:

    brino (2015-10-15)

  3. #2
    WS Lounge VIP
    Join Date
    Dec 2009
    Location
    Earth
    Posts
    8,191
    Thanks
    48
    Thanked 985 Times in 915 Posts
    Why do people do anything a person who rang up out of the blue asks them to do?

    cheers, Paul

  4. #3
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,154
    Thanks
    31
    Thanked 307 Times in 267 Posts
    @ PaulT

    Exactly what I pointed out to the customer, yet I have encountered many other cases wherein customers have been scammed because they did not stop and question the integrity of the caller.

    Case-in-point: yesterday I received an email w/ subject "Design" but no body text yet a PDF file attachment. I might have assumed from the nature of the sender's email address (looked like an advertising agency) that the email was valid and it would be safe to open the attached PDF.

    But if they don't bother to tell me what their attachment is about then I would have to be a bit of a mug to open it blindly, wouldn't I? (deleted w/o opening of course).
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    AMD FX8120 (8-core @ 3.1GHz) CPU, Gigabyte GA-990FXA-D3 motherboard, 8GB (2x4GB) DDR3 1866MHz RAM, ATI-AMD Radeon HD6770 PCI-E VGA, 480GB Kingston SSD, 2TB Seagate SATA3.0 HDD, ASUS DVD/RW.

  5. #4
    5 Star Lounger
    Join Date
    Dec 2009
    Location
    Delaware, US
    Posts
    1,169
    Thanks
    19
    Thanked 99 Times in 88 Posts
    Quote Originally Posted by Paul T View Post
    Why do people do anything a person who rang up out of the blue asks them to do?
    A computer is (literally) a black box to people and people are terribly gullible.

    I have spoken with people who have paid a caller to "clean up" their computer and are quite happy with the results because it runs faster. They have no idea that anything may be amiss or that their computer probably now has a keylogger or what a keylogger is or even that such a thing is possible.
    Graham Smith
    DataSmith, Delaware
    "For every expert there is an equal and opposite expert.", Arthur C. Clarke (1917 - 2008)

  6. #5
    WS Lounge VIP Coochin's Avatar
    Join Date
    Jun 2014
    Location
    Queensland, Australia
    Posts
    2,154
    Thanks
    31
    Thanked 307 Times in 267 Posts
    It seems I didn't make my main point clear enough in my #1 post. The scammers apparently caused the customer's PC to be upgraded from Win7 to Win10 and set passwords on the user accounts but did not tell the customer the passwords, hence I suspect the scammers' demands for payment were for those passwords.

    Fairly tricky, and I can understand how an ordinary PC user can be "sucked in" by such means.
    Computer Consultant/Technician since 1998 (first PC was Atari 1040STE in 1988).
    Most common computing error is EBKAC: Error Between Keyboard And Chairback
    AMD FX8120 (8-core @ 3.1GHz) CPU, Gigabyte GA-990FXA-D3 motherboard, 8GB (2x4GB) DDR3 1866MHz RAM, ATI-AMD Radeon HD6770 PCI-E VGA, 480GB Kingston SSD, 2TB Seagate SATA3.0 HDD, ASUS DVD/RW.

  7. #6
    Super Moderator
    Join Date
    Aug 2012
    Location
    Durham UK
    Posts
    6,625
    Thanks
    147
    Thanked 879 Times in 841 Posts
    I'd recently been helping someone on another forum who had fallen for the pop up on the screen pertaining to be from MS and they had hooked up to her machine to "tune it".

    She posted their final report which said they'd added some security items so I had her run ESET Free Online Scanner to include the PuPs and it found over 50 files to remove.

    I didn't get to finish things as she didn't feel confident in following a tutorial because of health problems and got a knowledgeable neighbour to have a look at it, which ended up not being able to boot so she had to take it into a repair shop.

  8. #7
    WS Lounge VIP mrjimphelps's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    3,405
    Thanks
    447
    Thanked 404 Times in 376 Posts
    Quote Originally Posted by Paul T View Post
    Why do people do anything a person who rang up out of the blue asks them to do?

    cheers, Paul
    I had an elderly customer who called me weekly to fix something on his computer. He was fooled by a similar scammer. I asked him why he didn't simply hang up and then call me when they told him he had computer issues, and he wasn't sure.

    It really puzzled me as to why he didn't call me, because trust me, this guy called me literally all the time and wanted me to come check this or that with his computer.

    When you have your own personal geek, why in the world would you trust a total stranger for computer help?

  9. #8
    Silver Lounger wavy's Avatar
    Join Date
    Dec 2009
    Location
    ny
    Posts
    2,377
    Thanks
    235
    Thanked 147 Times in 136 Posts
    Quote Originally Posted by Paul T View Post
    Why do people do anything a person who rang up out of the blue asks them to do?

    cheers, Paul
    But it is Job Security for some
    There will always be some that fix thing and some that break them!

    David

    Just because you don't know where you are going doesn't mean any road will get you there.

  10. #9
    5 Star Lounger
    Join Date
    Jul 2012
    Posts
    966
    Thanks
    661
    Thanked 58 Times in 57 Posts
    One thing that happens is that the customer (should I say victim) in some cases is shown a screen with items with red entries and are led to believe those are underlying problems in the computer. That happened to one of my friends once and she was willing to pay $215 but didn't have the money.

    I'm sure all of us have our stories and it's too bad it's the way it is. But thanks to this post I'm going to implement a warning in our senior center where I volunteer to avoid such calls: naturally with some explanation.

  11. #10
    New Lounger
    Join Date
    Dec 2009
    Location
    Fort Myers, FL
    Posts
    22
    Thanks
    0
    Thanked 4 Times in 3 Posts
    For those of you who routinely help older family members, friends, or others with computer problems:

    I, too, help a number of older people, primarily through our church, with their computers. The problem I see with many is that they use them primarily as communication devices, using mainly e-mail, Skype, Facebook, etc. Their other main use is searching for information, or entertainment- primarily "filling time" things, searching subjects and following links. However, they have little to no knowledge of how computers work, or have any real knowledge about how scammers operate. So when they get a scam e-mail, or hit an unsafe website or pop-up, they frequently fall for it. A significant subset have no patience. When something goes wrong- even a program that malfunctions WITHOUT any malware involved- and they can't reach me, or I can't fix it over the phone and I can't go to them immediately- they try to fix it themselves, or enlist the aid of a "helpful" neighbor- and thereby only make things worse.

    My solution involves several things. First, I have all on automatic update for Windows Update. Second, I visit them monthly, do virus & malware scans, defrag their drives, (none have SSD's,) and run a full system image. Second, I have their User files on daily incremental backup, running in the wee hours of the night. Third, I tell them to call me if they have ANY questions about updates from other programs that are offered, pop-ups, etc. Some of the latter I can handle over the phone, but I tell them to ignore others until I can come over and check them out. Fourth, I tell them that if they let ANYONE else "help" them with their problems, because they don't want to wait until I can help them, that I will no longer be responsible for helping them with their computer.

    Fifth, and the biggest timesaver, whenever they have a problem with a program, I tell them to reboot their computer and then see if their program will work, and I tell them that this is the thing to do whenever they have ANY problem! This alone probably reduces the need for calls and/or visits by at least 80%!

    With my people thus properly "trained" I almost never have to resort to a system image restore. When a program (usually the e-mail client) changes its interface, I can usually fix it quickly so that the person can access it through a desktop shortcut, as they used to, or I can teach them how to do the (usually) one thing different so that it'll work for them.

    I hope this helps those of you who assist others less technically clued-in than you are with their computers.

  12. The Following 2 Users Say Thank You to Comedian For This Useful Post:

    Backspacer (2015-10-15),brino (2015-10-15)

  13. #11
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Jersey
    Posts
    69
    Thanks
    9
    Thanked 13 Times in 11 Posts
    "When you have your own personal geek, why in the world would you trust a total stranger for computer help?"

    It may be the "Experts from Afar" syndrome. The further away an expert comes from the more capable he/she is assumed to be.

    Being a local geek, you were just too close to be good at what you do, regardless of past wins.

    Take your money and have a private laugh. If you work for free, stop it. That's only for family or those who can offer favors in return. (or this forum, of course)

  14. #12
    Star Lounger beachboybogart's Avatar
    Join Date
    Jul 2015
    Location
    Mexico for the time being...
    Posts
    86
    Thanks
    5
    Thanked 1 Time in 1 Post
    As a longtime PC repair person, dealing almost exclusively with retirees, I am disappointed with some of Comedian's response. I appreciate his empathy for those who really must rely on other's expertise. But I cannot abide some of his regular maintenance.

    First, and let's be clear about this: Windows Update should never be turned on for any operating system since XP... except for W10 (and only because it still has so far to go before it is an acceptable OS). There is nothing, absolutely nothing, on offer that is worth having, and yes: I include the security updates in that statement. I have seen hundreds of PCs crippled and/or destroyed with Updates.

    Second, defragging anything since XP is somewhat of a joke: the operating system takes care of itself. Defragging is now an old-wive's tale. The only reason people use it is because they've heard it should, and the only technicians that use it are "handymen" who do not keep up on the ways of the OS. You can easily damage a PC by using it. The 1% or 2% speed "improvement" that may result is not worth the potential calamity. (By the same token, never use a program like CCleaner. I built a new PC, never connected to the Internet, Windows 7 Ultimate. CCleaner found 325 "serious errors". BS.)

    So visiting a user every month to defrag is a good way to make money, and that's it.

    Backing up daily is brilliant, and everyone should do it.

    But telling people to never have anyone help seems to me to be a bit of a pressure tactic.

    Sorry, nothing personal meant by this, even though I am sure it will be taken that way (I would!). But I deal with the fallout of second-rate repair guys in my area all the time, and while I should be writing each of them personal thank you notes for the business they generate for me, they continue to tick me off.
    Telling a user to reboot is a very smart and generous move anytime.

  15. #13
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Jersey
    Posts
    69
    Thanks
    9
    Thanked 13 Times in 11 Posts
    "I tell them that if they let ANYONE else "help" them with their problems, because they don't want to wait until I can help them, that I will no longer be responsible for helping them with their computer."

    I love that one. I would just eliminate the "because they don't want to wait" part.

    When more than one person "fixes" a computer, you just never know what you will find. At the least, it injects factors you weren't aware of, and will almost always cost you time and aggravation.

    The kicker is, you will often wind up aggravating your customer because he/she feels you are accusing them of doing "something bad" (which they did) even though you tried to be tactful.

  16. #14
    Star Lounger
    Join Date
    Dec 2009
    Location
    South Jersey
    Posts
    69
    Thanks
    9
    Thanked 13 Times in 11 Posts
    "First, and let's be clear about this: Windows Update should never be turned on for any operating system since XP....There is nothing, absolutely nothing, on offer that is worth having, and yes: I include the security updates in that statement."

    AMEN AND AMEN MY BROTHER!

  17. The Following User Says Thank You to UncleStu For This Useful Post:

    beachboybogart (2015-10-15)

  18. #15
    2 Star Lounger
    Join Date
    Jul 2011
    Posts
    132
    Thanks
    31
    Thanked 4 Times in 3 Posts
    Can I inject a thought? I'm as old as the hills and I can safely assume the writers are probably nowhere near my age. Some of the seniors are no longer as mentally alert as they once were. They did not grow up with computers and don't understand that they should not follow any instructions, either by phone or appearing on the desktop. That fact must be drilled into them and maybe even a reminder printed out and placed close to the PC.
    Frankly, some of the explanations given to me are over my technological head but basic instructions I can understand.

  19. The Following 2 Users Say Thank You to PCLearner For This Useful Post:

    mlg63 (2015-10-15),oldpaul100 (2015-10-20)

Page 1 of 4 123 ... LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •