Friend temporarily fell for a tech support scam, had someone remotely access his laptop. How much damage could be done?
Open ended, but I guess the limitation is digital-realm. So for example, your friend can’t be physically infected with a disease or have a broken bone as a result of this, but otherwise there aren’t really any specific limits. Anything that your friend could have conceivably done with his computer could have been done.
if he watched the guy remotely access his computer the whole time and the scammer never tried opening up any documents or anything, how likely is it that any files or personal information were taken?
Computers can run applications that don’t have visual interfaces. Anything could have been done. All files could have been remotely copied, and worse. The attacker who convinced your friend to run some random remote access application doesn’t have to design the application in such a way as to show the victim how they’re being victimized. That expectation is an absurdity.
read somewhere they could have stolen his cookies and use those to log into some accounts?
Sure, possibly.
I think I’ve had him take all the necessary precautions for now. Are there any other steps I should have him take?
The minimum reasonable action here is a full reformat and clean operating system install, in my humble opinion. Even that might be insufficient depending on paranoia level, as UEFI malware that can survive OS reinstall absolutely exists both as a concept and as a field tested reality in the wild.
Open ended, but I guess the limitation is digital-realm. So for example, your friend can’t be physically infected with a disease or have a broken bone as a result of this, but otherwise there aren’t really any specific limits. Anything that your friend could have conceivably done with his computer could have been done.
Computers can run applications that don’t have visual interfaces. Anything could have been done. All files could have been remotely copied, and worse. The attacker who convinced your friend to run some random remote access application doesn’t have to design the application in such a way as to show the victim how they’re being victimized. That expectation is an absurdity.
Sure, possibly.
The minimum reasonable action here is a full reformat and clean operating system install, in my humble opinion. Even that might be insufficient depending on paranoia level, as UEFI malware that can survive OS reinstall absolutely exists both as a concept and as a field tested reality in the wild.