re: scareware/browser hijackers: I actually worked in public security for an ISP, and a significant portion of the calls were people who had gotten hit by these. The most common victims were older people who were more likely to panic, either not think about something like "restart your computer" or assume it was a virus that wouldn't go away, and called the number wanting their computer back. A depressingly large portion figured something was up but simply didn't know enough about computers to get rid of the thing on their own and called the number simply because they thought they had no other alternative.

Once you call, their next step is to get remote access. Typically they're going to give step-by-step instructions that involve pure keyboard inputs - remember, primary targets are the computer illiterate. Typically this involves pressing the Windows key and R at the same time - which opens the run prompt - and then entering in a command that opens up a new web browser session (which will appear over top of the popup) at a website for remote access, typically a semi-public one like LogMeIn or something like that.

Once they're in, they get rid of the popup, and then will usually do something like open up Event Viewer which is full of a bunch of minor error messages about Windows background processes - typically stuff that has no effect on day-to-day use and which you'll never notice - point to the number of errors (which is usually alarmingly high - but, again, these are all irrelevant/benign things that don't really affect you), tell them "look! your computer is full of viruses!", and ask for several hundred dollars. Many also run a bogus antivirus scan (which may or may not be a virus itself), and I've seen some that will run hilarious scripts that open the command prompt and generate (fake) progress bars and then display some ridiculously high number of viruses and that the system is critical.
At this point, most people would either pay up in desperation (or because they were sold by whatever props they pulled up on the system to frighten them) and then call us because a frequent line was "look at this IP address, it's a Russian hacker in your system."

Cleaning up after was usually easy. As was stated by someone else, these are usually drive-by incidents that aren't targeted - the most they'll do is install a program or a script file and maybe put a Word document on the desktop holding payment information. All that really needs to be done is restart the computer and maybe run antivirus. But when you're 70, living alone, uncomfortable with computers, and easily panicked/stressed out, that's quite a challenge.

That last point especially was really depressing - a lot of the people who had panicked were already in a bad place (poor health, death of a family member, etc) and that affecting their judgement was part of why they fell for the scam.

Really, before I was at that position, if I got one of those Microsoft scammer calls I'd just hang up on them, but since taking that job I'll curse them out. They're scum making the elderly miserable for profit, they can die in a fire.

President Ark fucked around with this message at 20:27 on Aug 2, 2016