Remote Access ScammerDon’t grant strangers access to your PC/Laptop. Should I say it again? Don’t grant strangers access to your computer. A trend of the past years has been for scammers to contact computer owners directly via phone in an effort to convince them that there is a problem with their PC and they’ll need to pay to have it fixed.  In general, these people cannot fix anything, and instead they merely charge exorbitant fees for absolutely nothing. In other words, they scam you.

No reputable company would ever call you out of the blue and demand access to your computer. They just don’t work that way. Never take phone calls like that.

popup_scam

Before further explanation about this particular type of scam let me tell you something. Sometimes while navigating in the internet, you might get a popup that says “Computer Security Warning” or “System at Risk” that explains all sort of problems your computer supposedly has (see folllowing image). This is the same type of scam with the variation that the scammers convince you to call them instead of them calling you. That way the scammers don’t have to find out your phone number, you just make it easier for them!

The call generally goes something like this:

  1. A foreigner with a thick Indian accent identifies himself as a member of Microsoft Support or similar.
  2. He informs you that you have a number of critical problems with your PC and that you will need to have it fixed.
    • In this case, it’s mere guesswork, and it’s not even correct most of the time.
  3. To convince you, he offers to connect remotely and pulls up your computer’s Event Log.  He then filters for Warnings, Errors, and Critical events and uses that as evidence that your PC will soon fail to work correctly if you do not pay him to correct it.

The scammer will try to convince you to install a remote control software made by legitimate companies like: TeamViewer, VNC, LogMeIn, Join.Me.teamviewer_logo   vnc_logo   join.me_logo   logmein_logo

Scammer callingIf you do make the mistake of letting them connect, but then you happen to get cold feet and refuse to pay the $180+ they request via credit card, the next thing that happens isn’t pretty. This scammer proceeds to actually follow through on his promise of the PC “not working” if you don’t agree to have him fix it, and so in a few quick steps, behind the user’s back, he enacts what is known as “SysKey encryption”. This is basically a startup password that will prevent you access to your computer unless you type the correct password (see screen below).

syskey_password

A legit technical support person might be able to recover your computer. I said, might be able, since you don’t know the password so, in order to disable this SysKey encryption, a backup of some of your computer files previous to the time of the scam must be found and restored.

Sadly, this is not the worst case scenario. More advanced scammers are targeting businesses and installing what now is called “ransomware”, where they encrypt all your computer files with a password and there is no way, I repeat, there is no way to recover your files unless you pay (thousands!) to get the password.

scammer_calling Fresno State issues ‘ransomware’ email warning citing Hollywood hospital who reportely paid $17,000 in bitcoin to hackers small_cyber A Ransomware Conversation with a Cybersecurity Expert

The important thing to remember is to never trust someone who calls you about a problem with your PC, and never, EVER let them connect remotely to your PC.

I recently was able to recover a computer where the owner was deceived by “Mark”, supposedly a Microsoft technician calling from (703) 483-3905. Mark was trying to steal $299 for a “3 years support plan”, $399 for a “5 years support plan”, or a lifetime plan for only $499.

Don’t fall into the trap! If you or your business want to establish prevention measures to avoid such disaster, I am here to help you. Don’t wait until is too late!