Grandpa scammed into giving computer access, how to lock him down again?

Asked by metadog (325 points) September 25th, 2012

Hi! My father-in-law (78 years old) got a phone call last night from some “company” claiming that they detected an issue with the hard drive on his computer and they wanted to help him fix it. He bought that line completely and followed instructions to give the scammer remote access. His son came in the room and noticed the cursor moving on its own and someone was accessing the command prompt. He promptly unplugged and turned off the laptop. But, we don’t know what damage was done. In that house, there is a modem, wireless router, a desktop PC (the son’s) and the old man’s laptop. What should be done to lock this down? Virus and malware scans on the old man’s laptop, at a minimum. But what else? To target him like that tends to point to identity theft on some level. They knew his name and home phone number.

15 Answers

_Whitetigress's avatar

I always give the hackers the benefit of the doubt and trust they know what they need to put into your computer to get stuff out. With that being said if it were me, I wouldn’t be satisfied by running some malware/trojan/virus protector. I’d honestly have to say I would go buy a new computer. Of course this is just my radical opinion. I’m sure there are more conservative and rational ones that will take into account what exact information was taken so the troubleshooting can then begin.

ragingloli's avatar

Call the cops, backup all data, and wipe the machine empty before a reinstall.
Then set up a user account with limited rights for the old man so he can’t change system settings without administrator privileges.

tedd's avatar

Well assuming you’ve disconnected its internet access, you can turn it back on and examine for damage. My guess is the person was looking for personal info or banking info. The guys that hijack systems to use your proxy and whatnot probably wouldn’t go through the trouble of physically calling you, that can be traced.

I’ll leave it to someone more knowledgeable on computers to give you advice for fixing the problem, but I would definitely keep a serious eye on any finances that may have had info on that computer.

LuckyGuy's avatar

Do not allow the computer to connect to the internet. Turn off wifi or disconnect the LAN cable. Now look in the lower right hand corner of the screen. Look for a file sharing program. Logmein, or some other program. Google has one too. Right click it and turn it off. How long did the slime hacker have? They could have put something on the PC or grabbed the stored password file. Change passwords now. Call the police.

gambitking's avatar

1) Boot up while offline (network cable unplugged for sure)
2) Backup anything that’s precious to you on the PC
3) Rip and reinstall that bad boy (format the drive and put a fresh copy of the OS on there)
4) Get back online and download Malwarebytes and set it up just in case.
5) Configure your security and remote access settings to prevent any outside threats
6) Educate your grandpa (and any other users who share the PC) about this kind of scam

Don’t take any chances with this stuff, rip and reinstall is the only way to be sure. You don’t want that computer becoming part of a malicious botnet.

wundayatta's avatar

I would go into programs and uninstall anything that had been installed that day. I’d also search for any files that were new that day, and delete them if I didn’t know what they were.

As to educating Grandpa, I’m afraid that may not be possible. Consumer Reports has an issue about scams this month, and one of the common scams is this one. It works especially on credible elderly people, including those who have any amount of dementia at all. Some of them are told about the scam and yet the people call back and the elderly person does it again.

Be prepared for that. Grandpa may well do the same thing again, especially if he has any diagnosed or undiagnosed mental issues. You may want to identify the phone number the perp was calling from and block that number. You also may want to make it so grandpa can’t answer the phone.
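
The checks suggested in the answers above (look for a running remote-access program, list what was installed that day, find files created that day) can be scripted. This is an added example, not part of any poster's answer; the incident date, the tool-name patterns and the profile path are assumptions to adjust for the machine in question.

```powershell
# Added triage example (not from the thread). Run with the network unplugged,
# from an elevated PowerShell prompt. Works on PowerShell 2.0 and later.
$IncidentDate = Get-Date '2012-09-24'      # assumption: the day of the call
$NextDay      = $IncidentDate.AddDays(1)
$Stamp        = $IncidentDate.ToString('yyyyMMdd')

# 1) Programs whose uninstall entry records an install on the incident day.
#    InstallDate is an optional yyyyMMdd string, so entries without it are skipped.
#    HKCU covers only the account running this script.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.InstallDate -eq $Stamp } |
    Select-Object DisplayName, Publisher, InstallDate, InstallLocation

# 2) Running processes and services that look like remote-access tools.
#    The patterns are illustrative assumptions, not a complete list.
$Patterns = 'logmein|teamviewer|anydesk|remoting_host|chromoting|ammyy|vnc'
Get-Process |
    Where-Object { $_.ProcessName -match $Patterns } |
    Select-Object ProcessName, Id, Path
Get-Service |
    Where-Object { $_.Name -match $Patterns -or $_.DisplayName -match $Patterns } |
    Select-Object Name, DisplayName, Status

# 3) Files created under any user profile on the incident day.
$ProfilesRoot = Split-Path $env:USERPROFILE -Parent   # e.g. C:\Users
Get-ChildItem -Path $ProfilesRoot -Recurse -Force -ErrorAction SilentlyContinue |
    Where-Object {
        -not $_.PSIsContainer -and
        $_.CreationTime -ge $IncidentDate -and
        $_.CreationTime -lt $NextDay
    } |
    Sort-Object CreationTime |
    Select-Object CreationTime, Length, FullName
```

An empty result does not show the machine is clean: a tool run straight from a download folder leaves no uninstall entry, and file timestamps can be changed.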

phaedryx's avatar

Does he do regular backups? Sometimes it’s easiest to restore from a safe backup (before the incident). It is difficult to know what is currently installed on the computer.

metadog's avatar

Would you believe this company called back twice! These guys have verve!

No, @phaedryx, he doesn’t have any backups. Though, I don’t believe there is much of archival importance on his machine. Though, he certainly banks online, makes purchases and accesses his accounts via this machine.

Is the other PC on this network at risk as well?

wundayatta's avatar

Yes, I believe it. It’s a common scam. You need to take it seriously. They won’t be stopping. They have a target they know they can be successful with, and your grandfather will keep on giving them information. It’s a cognitive thing. His brain is weak in certain ways. He lacks judgment about who to trust. This is common with the elderly, and you need to be very careful about it.

metadog's avatar

Yeah, we are trying to figure out how to manage this. The man was literally a genius when he was young (masters, doctorates, etc.). He has slipped quite a long way, but is not able to recognize what age has done to him. He still thinks he is smarter than everyone… Yes, ego is intact, age did not diminish that!

gambitking's avatar

FYI, it’s not a legitimate company, they are scam artists with a malicious agenda, they will continue to call and harass. Once they’ve got a tug on that line, they’ll keep casting it out in that same spot.

_Whitetigress's avatar

@ragingloli You recommend “back (ing) up all data”

Who’s to say they haven’t installed a trojan or any sort of command for access when they reinstall? (I’m obviously not an expert please me in)

PhiNotPi's avatar

^^ What you are referring to is called a “backdoor” and he should be wary of one. Once hackers break into a system the “hard way”, they might (and smart ones would) attempt to install an easier way to gain access to the computer.

CWOTUS's avatar

@ragingloli did have good advice.

Backing up data is usually not too difficult, since “data” tends to collect (on Windows machines) in My Documents and sub-folders off that directory. The Local Settings files can be rebuilt as the executables are re-installed and run at a later date. So backing up My Documents (or other file collections that the user creates that serve the same purpose) will generally take care of the user’s data.

Then, after the reformat and re-install of the OS from manufacturer’s disks (followed by installation of Service Pack and updates, which pretty much has to be done online), creating the user account for “Grandpa” with non-Administrator access won’t allow others to use his login information to install malware.

Running Malwarebytes on the backed-up files after the Windows re-install will ensure that there’s no nasty executable hidden there.

The only other thing to add is to make the Administrator access a complicated password that won’t be easily guessed or hacked – and don’t give it to Grandpa.
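
The account and remote-access settings described in the answers above, as an added example that is not part of any poster's answer. It assumes a freshly reinstalled Windows machine, an elevated PowerShell prompt, and the account name `Grandpa`.

```powershell
# Added hardening example (not from the thread).
$User = 'Grandpa'   # assumption: name for the everyday, non-administrator account

# Create the account; "*" makes net.exe prompt for the password instead of
# leaving it in the command history.
net user $User * /add

# A new local account belongs to Users only. Remove it from Administrators
# anyway in case the name already existed with admin rights.
net localgroup Administrators $User /delete 2>$null

# Review who can still administer the machine. Every account listed here
# needs a long password that Grandpa does not know.
net localgroup Administrators

# Turn off the built-in inbound remote features.
$TsKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$RaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'
Set-ItemProperty -Path $TsKey -Name fDenyTSConnections -Value 1   # Remote Desktop off
Set-ItemProperty -Path $RaKey -Name fAllowToGetHelp    -Value 0   # Remote Assistance off

# Read the values back to confirm what is now in effect.
Get-ItemProperty -Path $TsKey | Select-Object fDenyTSConnections
Get-ItemProperty -Path $RaKey | Select-Object fAllowToGetHelp
```

A standard account blocks changes that need elevation. It does not stop a remote-control tool that runs from the user's own profile without installing.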

AshlynM's avatar

I think the other computer at that house is safe. The caller has to gain access to your computer by asking you to go to a certain website and download a program from there. This will give the caller remote access to steal any personal info, gain access to bank accounts, and possibly install keyloggers, viruses and trojans.

The FTC is cracking down on these types of scams. They just recently shut down a big group of these guys.

Unless you yourself initiated contact with tech support, don’t trust anyone.

The best thing to do would be to reinstall the operating system. Also, you may want to check your Grandpa’s bank account to be sure nothing was taken out. These thieves are ruthless and will stop at nothing. Their employer must be paying them good money for them to stoop this low.

Try not to answer any calls from strange numbers, especially odd looking area codes. If it’s important enough, they can leave you a message.
