If you suspect a problem with your computer, go to Best Buy (for Windows) and Genius Bar (for MacOS), or hire a reputable IT pro to take a look.
As I learned from “Greg,” some of the callers know where you live, which increases the chances of your getting doxxed or targeted in another attack in retaliation. The scammer can set a password on the computer or change the existing password, to lock you out of the computer the next time you start it up. If they know where you live, they can hit you in the real world.
Once you realize it’s a scam, hang up. There is no benefit in stringing them along, and these callers get very angry. I usually was shaking after each of these encounters and frequently had to go outside for a walk to calm down.
One of the many calls from “Jake” ended with him screaming, “You think this is a scam? I will show you! I will show you hackers have control, because I am going to be the one taking over in 48 hours. Watch out!” I was rattled enough to keep all computers (even the Linux and Mac systems) in the house off for three days after, just in case.
“Nancy” threatened legal action. “Listen, I am telling you one last time, whatever information you have in your computer save it, because in the next 24 hours, we are going to cancel the license of your computer. And we will send you a legalized document, all right? At your doorstep. At that time, you can have a talk with the lawyers.”
It’s been a few weeks. No lawyers yet, whew.
What if you fell for the scam?
If you installed software, uninstall the software and run a security scan to remove it. If you gave remote access, reboot the computer to force-end the session. Uninstall the software. If the scammer got a chance to look through your files, as part of the remote access session or through the downloaded software, then assume they have copied your files and may have access to your passwords. Change your passwords after running the security scan and verifying no keylogger was left behind.
At this point, it may be better to disconnect your computer from the Internet, back up the specific files you need (if they already weren’t backed up over fears of ransomware), and wipe the machine to start over. There is no point in risking that the malware has enough hooks into the system that the security software is unable to eradicate it completely.
If you paid the scammer, call the credit card company right away to report the incident and cancel the transaction. Cancel the card, too. If the attacker has the information, they can use it again later or sell the number to someone else.
Sign up for CIO Asia eNewsletters.