So, my friend got his computer “locked” and there was a number to call a Microsoft support agent. He called it and talked to him for awhile, and he got talked into letting the scammer remotely access his computer and took him to the registry where it shows all the area and started trying to sell him an anti-virus. Once he started being marketed to, he hung up and turned the wi-fi and his laptop off. He has tax documents on his computer with private information, so just to be safe I had him file a fraud alert with TransUnion.
I was wondering, if he watched the guy remotely access his computer the whole time and the scammer never tried opening up any documents or anything, how likely is it that any files or personal information were taken? I told him to also keep an eye on bank statements and credit card statements to be extra safe. His passwords aren’t saved on his browser or anything, but I read somewhere they could have stolen his cookies and use those to log into some accounts? I don’t know, I’m just worried but I think I’ve had him take all the necessary precautions for now. Are there any other steps I should have him take?
Tons. My mom also fell for that sh*t. She ought know better but … well, … sh*t happens.
Or that some type of persistent back-door was installed, etc.
I might suggest, if you want to figure out (gu)estimated probabilities, if you / your friend has information on these particular scammers - do some research, see what they typically do. They’re all scum, but the danger level varies. E.g. many mostly just go in, show on screen stuff user doesn’t understand, and convince 'em they need to spend more money on their services - and get card (or account) data and charge for that … and might not be much worse, 'cause they want the repeat business of hitting the same “customers” with same/similar scams repeatedly. Others are much nastier, e.g. grabbing sensitive documents, maybe keytroke loggers, etc., might install a backdoor or quite stealth backdoor. And also, depending what remote access software was used, your friend may or may not have seen all that they were doing.