Some not-so-friendly Tech Support

A friend sent me a text recently to let me know that some of my Answer Guy advice over the years had just helped them out. They had a virus appear on their computer and after working through it with technical support all was fine thanks to them having a solid backup of all their important files. My first thought was “Marvellous!” My second was, “How did you know you had a virus?” That’s when things took a turn.

Virtually every PC comes with virus protection these days. Windows Defender is built in. While not a perfect antivirus (there is no perfect antivirus) it’s pretty solid. Installed and running by default in Windows 10, left to its own devices it scans regularly. Part of the reason that it’s rarely necessary to use more than Defender is that the kinds of attacks on people’s computers have changed a lot from the days when you’d boot up and see a message saying “Your PC is now stoned.”

Now the thing about antivirus programs is they’re pretty much hands-off. They update themselves, scan on a schedule, quarantine or delete files automatically, and don’t bug you. What they don’t do is pop up a message telling you to call Tech Support. They. NEVER. Do. That. If you take away nothing else from this article let it be that you should never, ever call a phone number that pops up on your computer telling you to call someone for technical help. That just doesn’t happen – except with scammers.

My friend was scammed. The person on the phone was courteous and professional. Got remote access to the computer. Installed some software. “Fixed” the problem. And then charged their credit card. All done, right? Nope.

The point of the exercise was the credit card and personal details. This could be a prelude to identity theft.

A phone call and the offending computer was sitting on my dining room table. A quick check and sure enough some remote access software had been installed. This software would let the fake Tech Support person log in to the computer and download data or make changes at any time. Not good.
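A check like the one described above can be run from PowerShell on Windows 10. This is an added example, not part of the original column; the list of product names is an assumption (commonly seen remote access tools), since the column does not say which software was found.

```powershell
# Added example: look for installed remote access software and the
# background services that give it unattended access.
# ASSUMPTION: the product names below are common tools; the article names none.
$pattern = 'AnyDesk|TeamViewer|LogMeIn|ScreenConnect|ConnectWise|Splashtop|UltraViewer|RustDesk|Supremo|VNC'

# Installed programs register themselves under these Uninstall keys
# (64-bit, 32-bit, and per-user installs).
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$programs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -match $pattern } |
    Select-Object DisplayName, Publisher, InstallDate, InstallLocation

# A service set to start automatically is what lets someone connect
# later without the owner being present to approve it.
$services = Get-CimInstance -ClassName Win32_Service |
    Where-Object { "$($_.Name) $($_.DisplayName) $($_.PathName)" -match $pattern } |
    Select-Object Name, DisplayName, StartMode, State, PathName

if ($programs) {
    Write-Output 'Remote access programs found:'
    $programs | Format-Table -AutoSize -Wrap
} else {
    Write-Output 'No matching installed programs.'
}

if ($services) {
    Write-Output 'Remote access services found:'
    $services | Format-List
} else {
    Write-Output 'No matching services.'
}
```

An empty result only means nothing registered itself under one of the matched names; it does not show the computer is clean.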

This is not to say that there are no legitimate uses for remote access software. There are, but professional organizations use software that requires you to be present and approve the connection each time.

I told my friend to call their credit card company and cancel their card, set a meeting with their bank the next day to inform them of what happened, and I went to work on their computer.

One of the bad parts about a scam hack like this is that once the scammer has access to your computer they can install backdoors that are essentially impossible to detect without very sophisticated tools and time. If you don’t have a good backup and must save your files you can try buying an antivirus program and see if it can remove any remaining viruses and backdoors. If you go this route, I’m partial to Kaspersky Anti-Virus and Bitdefender, but there are other good ones. The caveat here is that some antivirus programs are as difficult to get rid of as the viruses they’re designed to get rid of. And there will always be that nagging feeling of “What if there’s something still on there?”

So, almost always the best recourse is a reset to factory. You accomplish this under Windows 10 by selecting Settings from the Start menu. Then select Update & Security. Then select Recovery. Then Reset this PC. You will be given an option to Keep your files or Remove everything. Hopefully, you have a good backup and you can Remove everything. When asked if you want to Clean the drives, you can say no and select Just remove my files, unless it is your intention to sell your computer.

These steps will bring your Windows 10 back to factory. You can now be very confident, if not 100%, that your computer is virus free and safe to use again. Now restore your backup and carry on.

Some things to know:

You are not smarter than the scammers. They make a living convincing skeptical people that they are legitimate and here to help. You can’t tell by their voice, accent, etc. They are confidence men/women. They do this all day every day.

You must immediately call your financial institutions to make them aware. And if you are very concerned about the information you’ve given the scammers, you may want to file a police report. Insurance companies may want to see that you’ve done this. Your bank can usually advise you in this respect because sadly they see this all the time.

Have a backup.

Happy – and safe – computing.