What should I do after falling for a fake IT support scam?

Withheld April 2, 2013
Ads by Google

Oh, man, I probably made a huge mistake last week. We were at the end of a long, tired day and ready to go out when this Indian guy calls and fast talks me into checking my computer for viruses etc. To make a long story short, I got suckered into letting him do a random access search on my computer. He had me go into “event.ventvwr” and showed me all the problems I had – and my computer WAS being very slow.

I was charged $199.99 for a year to keep my computer “working without any problems” and went out the door to dinner. I ended up with second thoughts on such a high price, so I asked to be downgraded to the three month trial of $69.99. Yesterday, I tried to update Flash Player and couldn’t exit out of the command so I went panic mode and figured I’d probably been duped.

I have requested all my money back, did a search finding others (not recently) who did the same thing with the same feelings. I changed my bank account password, found I had a “first user” on Google Chrome which I hadn’t added, changed my administrator password, and probably royally messed up my computer beyond what this guy probably did. Help! I’m worried sick. I have two computer savvy sons and I’m embarrassed to call them!

  1. Oron Joffe
    April 8, 2013 at 8:13 pm

    Dear Withheld, to answer your question in your reply to my reply... no, restoring to an earlier system restore point will make no difference.
    Restore points contain copies of critical files (esp. system files) so that if a file is deleted or becomes corrupt then you can restore the system to an earlier stage. Restoring will not REMOVE anything from your system except for system updates. I would not recommend you take that route.
    I can well understand your reluctance to rebuild your PC - it's a hell of a job, and there's a gamble here either way (see Rob Hindle's excellent response).
    One thing you should face up to is the potential harm that can be caused to you. It is a lot more than merely the contents of a single bank account. A good few years ago where an elderly British gentleman was arrested and detained by the South African authorities at the request of the CIA. Several months later, it turned out his identity was stolen and used maliciously without his (and obviously, the CIA's) knowledge...
    To steal someone's identity, you need to have some personal details about them (name, address, date of birth etc), and usually some other identifying details, such as details about their family, perhaps access to a bank account. All this is probably on your computer, so at the very least, change all your passwords. Good luck!

  2. EL
    April 3, 2013 at 4:42 am

    You should probably wipe your system. First, copy all files to an external hard drive, make a list of installed programs (you can export one from CCLeaner), and make sure you have the license codes for any programs you paid for.

  3. Rob Hindle0
    April 2, 2013 at 4:58 pm

    Other answers cover "what to do" so I'll just highlight what's at risk - you need to take all possible actions to counteract all these risks. Don't be "shy" of admitting you've been conned, instead take the opportunity to tell as many people as you can, if you save just one more from the same you've done them a great service. As you are finding out, the cost of your time spend cancelling your cards, changing your passwords, cleaning your PC will be far more than the $199 they charged in the first place.

    Once a third party has access to your PC they can:
    Install a trojan (so they can get remote access to use your PC for their own purposes whenever they want)
    Install a keylogger to capture your logins and passwords
    Capture email addresses of all the contacts in your email program
    Read your personal documents
    Use the information they gather to impersonate you (identy theft)
    Having given your credit card details to a third party (who obtained it under false pretences so you know they are dishonest), there is a real possibility of them using it elsewhere or selling the details to other crooks.

  4. justinpot
    April 2, 2013 at 2:35 pm

    One piece of advice: call your credit card company and cancel the payment. I'm sure this won't be the first time they've heard this story, and you can probably get your money back. Don't let those jerks keep any of it. :)

  5. justinpot
    April 2, 2013 at 2:35 pm

    One piece of advice: call your credit card company and cancel the payment. I'm sure this won't be the first time they've heard this story, and you can probably get your money back. Don't let those jerks keep any of it. :)

  6. justinpot
    April 2, 2013 at 2:35 pm

    One piece of advice: call your credit card company and cancel the payment. I'm sure this won't be the first time they've heard this story, and you can probably get your money back. Don't let those jerks keep any of it. :)

  7. ha14
    April 2, 2013 at 8:37 am

    i think flash player will not update if you do not close all applications that are running in the background using flash.

    concerning that tech guy you can ask the help of town hall to get some more info on them.

    in addition to your antimalware seurity tool you can use AntiLogger as another layer of security like Zemana AntiLogger

  8. Oron Joffe
    April 2, 2013 at 7:50 am

    The answers I've seen above are all good, but to summarise, rebuilding the PC (i.e. wiping the drive and reinstalling everything would be the best. However, it may not be practical, in which case, change all your important passwords (including your primary email), remove any remote-control programs you find, and run both your anti-virus and additional anti-malware software (Malwarebytes Free, is good).
    If it makes you feel better, several of my clients have fallen for this scam (I've received calls myself, but not fallen for them...) and when I subsequently checked their PCs, I never found anything malicious. It seems the scammers are mostly after the money, and don't bother with installing malware on the clients' PCs. Of course, there's always the first time...

    • Withheld
      April 8, 2013 at 7:08 pm

      I've been monitoring my computer ever since it dawned on me I'd been scammed. I'm running anti-virus/malware software almost every day and so far haven't found a thing. I've put monitoring on my bank account so that's protected, too - not much in there anyway and I only use one debit card for paying anywhere. Wiping my computer is a big process I would have to relegate to a professional. Considering I'm only using it for personal home stuff (saving pictures, games, genealogy, etc.), there isn't much worth anything to anyone except my email contacts. I tried to do a backup and don't have enough space to do it even though I'm already using an external drive. If i do a restore to a point before this happened, would that take care of the problem?

  9. Alan Wade
    April 2, 2013 at 4:52 am

    To have 100% peace of mind I would, if you create image backups regulary, revert back to an image before the scam call. If not then backup everything and anything that is important and then format and re-install.
    This action may be a little drastic to some people but its what I would do.
    If you decide to re-install everything, use a complete new set of passwords.

  10. Rajaa Chowdhury
    April 2, 2013 at 2:41 am


    I am from Kolkata, India. Recently, my neighbor person, a retired HR guy, approached a new venture for a job and was appointed. As, I do have some IT and BPO background, he was discussing this company with me, where he said it is a US outbound process they have. Next day he came in and said that, Raja, already operations has started, and I heard the agents calling USA and saying we are calling from Microsoft and their is problems that has been found by Microsoft and we are here to support you. I immediately advised my neighbor to dis-associate from this new venture, which he did so promptly and narrated him the unscrupulous things these companies do and the illegality of it.

    My heart reaches out for you, but I assure you most Indians are honest people. Most of the outsourcing are legitimate processes and we do a pretty decent job. However, bad apple are found everywhere, and these scumbags earns a bad name for all of us. I am pretty sure that you would not again be able to believe another Indian going forward.

    Now, just a word of advice. The first correct step taken is changing of the passwords. Also, earnestly requesting to put aside your ego and please do call one of your sons, to take a data backup and re-format and re-install everything afresh. Also if you have a static IP from your ISP, kindly request a change of the same from them and do the necessary changes in your computer. Last, mistakes is a part of human life, but we learn from it, so going forward never entertain such calls and simply say that you take support only but calling the official helpline as you already have a support contract in place.

    Believe me, we Indians are mostly simple hard working people but, as in all parts of the world, we also have our share of rotten people, who is earning bad name for us. :(

    • justinpot
      April 2, 2013 at 2:34 pm

      Fascinating story – I love seeing the other side of things like this. Thanks for sharing that.

    • Rob Hindle0
      April 2, 2013 at 4:41 pm

      "...we also have our share of rotten people, who is earning bad name for us."

      You bet. If I answer the phone and hear an Indian accent I just put the phone straight down. That's because my previous experience was that those calls were 99% "sales" or scams. Some legitimate UK organisations have outsourced call centres to India so I have probably put the phone down on calls from my Bank, travel agent etc. too. Doesn't matter. If they have anything really important to say they'll send a letter.

      Until your government finds a way to work with the global community and to find and prosecute the "rotten people" your country and people will continue to have their reputation trashed.

    • Rajaa Chowdhury
      April 3, 2013 at 3:07 am

      @ Rob Hindle0 : Let's not get into mud slinging game. A wrong has been done, and I as a fellow countrymen have apologized for it and also agreed on the loophole. Let's keep politics and government terminologies out of it as worldwide governments are just a bunch or people whom we call morons. They are the most ineffective entity in the whole world and 'cause of most of the world problems, lest it can be any country government including yours and mine. :) Also I really hate the western perspective of global community and isolation or reputation. Whenever, your vested interests get hurt, western viewpoints cry foul, or otherwise remains silent and goes on exploiting. Everyone is to his own and everyone looks into their own interests, or otherwise you should not have again been talking of going your own way with your economy and currency when the EU and Euro took a beating for the Greeks, isn't it? :) Peace!!! I am not here to fight, just wanted to highlight, by nature humans are selfish, so let's all quit playing the Samaritan, which seems a fad in the western world. :)

    • Withheld
      April 8, 2013 at 6:39 pm

      Thank you, Rajaa. My daughter-in-law is Indian and her father is a doctor in Calcutta. I don't think less of the whole group because of the bad guy who scammed me. I'm more angry with myself for letting it happen. I consider myself to be pretty smart about this sort of thing, but now i know how easily it can happen. I keep telling my elderly mother to be careful of scams and now I find myself caught. Grrr. Anyway, I've gone through my computer and in scanning only found three mid level threats, no programs that look suspicious, but my remote access needed to be unchecked. I'm too chicken to do more than run the scans from my own antivirus software, Malbytes, and will download Avast when this scan is done. Fortunately, I don't own a credit card. My concern now is having passed something on to one of my email contacts. After I've scanned the computer multiple times, I plan to let them all know to beware of this same issue.

  11. khendar
    April 2, 2013 at 1:10 am

    I think you should start with a full scan of your system to see if anything malicious was installed. Personally I use Malware Bytes and Avast on my systems. Avast also has shields which can protect you from people trying to access your system. These programs should be able to detect and remove any programs that the scammers installed.

    You did the right thing by changing your banking password. I'd go further and suggest change your passwords for your email and any other forums or sites you use. Especially if you have used the same or similar password for multiple sites. If somebody has access to your email account then they potentially have the ability to get control of your other accounts too.

    Keep a close eye on your bank and credit card statements for the next few months. Question any unusual payments immediately.

    Don't be afraid to ask your sons for help. Everybody gets duped at least once on the internet, whether its clicking on a dodgy ad or accidentally downloading a virus. Your sons should be able to guide you in running the necessary scans.

    Finally it's important to see this as a learning experience. At no time will Microsoft (or any other company) ever contact you legitimately to offer computer support. It is always a scam of some kind.


  12. Bruce Epper
    April 2, 2013 at 12:40 am

    For the most effective results, save all of your data files to an external drive, compile a list of all installed programs, then run DBAN on your local hard drive, reinstall your OS and fully patch it, reload all of your software from scratch (use latest versions for any freeware or freely updated ones) and reload your data on the freshly baked machine. You may want to get one of your computer savvy sons to do if for your if you are uncomfortable with the job because it it tedious. This process normally takes about 18 hours on my primary Windows system. It can be shortened if you have a system image that was captured prior to the recent insult to ths system.

    Short of that drastic measure, you could disable Remote Desktop on your computer (if it was previously enabled) by going to Computer - Properties - Advanced system settings, selecting the Remote tab and in the bottom portion selecting 'Don't allow connections to this computer'. Next, check for any other remote control software that may be active, such as GoToMyPC and TeamViewer. Disable any of those that you find. Open your antivirus software and run a full scan on the system. Quarantine any suspicious items it finds and keep re-running the scan until it comes up clean. Install Malwarebyes (download it from the links on malwarebytes.org), update it when it asks if it should and run a full scan with this removing any suspicious items it finds. Keep running this scan until it comes up clean. Download and run CCleaner (from piriform.com) to remove any remaining unecessary crap from your hard drive; DO NOT use the registry cleaner portion unless you know what you are doing as it can cause more problems than it fixes at the moment. Reboot the computer and see if it still exhibits abnormal behavior.

Ads by Google