So, my friend got his computer “locked” and there was a number to call a Microsoft support agent. He called it and talked to him for awhile, and he got talked into letting the scammer remotely access his computer and took him to the registry where it shows all the area and started trying to sell him an anti-virus. Once he started being marketed to, he hung up and turned the wi-fi and his laptop off. He has tax documents on his computer with private information, so just to be safe I had him file a fraud alert with TransUnion.
I was wondering, if he watched the guy remotely access his computer the whole time and the scammer never tried opening up any documents or anything, how likely is it that any files or personal information were taken? I told him to also keep an eye on bank statements and credit card statements to be extra safe. His passwords aren’t saved on his browser or anything, but I read somewhere they could have stolen his cookies and use those to log into some accounts? I don’t know, I’m just worried but I think I’ve had him take all the necessary precautions for now. Are there any other steps I should have him take?
I appreciate the concern from the other comments but to give an alternative view having seen and dealt with these tactics for years… do nothing. These scams are simply after money. They try to convince the user their computer has an issue and then they ask for payment (typically in the form of gift cards) to “fix it”.
Unless your friend is a very very important person, like a politician or a celebrity, they cannot make money from stealing the notepad files from their desktop. They just want money.
This is TERRIBLE advice.
In a matter of seconds the person who compromised the system could have installed any type of software without giving any indication whatsoever to the OP.
Every one of their passwords is now compromised. The system may have a key logger or other malware installed. This will allow the hacker to gain full knowledge and access to everything on the system now and in the future.
That of course includes all the tax paperwork, identifiable information, Bank records, bank accounts, retirement account, crypto accounts, Google accounts, Facebook accounts, and Roblox accounts.
A person’s entire life is on their computer, and you don’t have to be rich, famous, or important to have your identity stolen, your bank accounts wiped out, and your financial life ruined.
I don’t know about you, but if every dime I have and every dime I will earn is now in danger, I’m going to do something.
To the OP, your friend definitely needs to clean their computer and (only after cleaning) change all their passwords.
If you change the passwords on the same PC before cleaning, you just gave the hacker all the new passwords.
So there is no chance they have installed keyloggers, or copied out saved passwords?
There is every chance.