Tech Support Forum banner
1 - 3 of 3 Posts

·
Registered
Joined
·
1 Posts
Discussion Starter · #1 · (Edited)
A family member just came within a hair's breadth of falling for a phishing scam, and I'm trying to do some damage control. From what I understand...

1. They received an email purporting to be from their antivirus provider, requiring them to call a phone number
2. Over the phone, they were given a code and a web page to enter it at
3. Upon entering the code, they were provided with an .exe download
4. The .exe was run, and they were in some sort of application with the scammer on the phone
5. A bank name (but thankfully no account info) and phone number were given away, before another family member intervened and ended the conversation

As of right now, I'm trying to find out exactly what this .exe file installed, so I can try and block/remove it (my biggest concern here is that these scammer still have access to the computer/network).

From what I've been told, it was apparently some sort of application/client that was giving the scammer remote access to the PC while they spoke on the phone, but I can't find any new applications that would've been installed today. A MalwareBytes scan returned clean, but I'm not convinced.

Any ideas how I can proceed? I would be happy to provide any more information (if I'm incoherent, it's because very flustered right now, as this happened in the middle of an incredibly busy work day, so I've got to multitask).

Thank you.
 

·
Global Moderator
Using Google to solve problems
Joined
·
43,850 Posts
This .exe file will probably not show up in a Malware scan, but worth a shot.
To be totally safe, I would copy the users files to another drive and do a Clean Install of Windows 10 to rid of any malicious software.
 
1 - 3 of 3 Posts
Top