UKSaabs

THE site for UK Saab people!
It is currently Thu Sep 20, 2018 9:07 pm

All times are UTC





Post new topic Reply to topic  [ 22 posts ]  Go to page 1, 2  Next
Author Message
PostPosted: Tue Mar 13, 2018 7:34 pm 
Offline
UKS Addict

Joined: Wed Apr 11, 2012 11:33 am
Posts: 3576
Location: Colerne North Wiltshire
Car Model: GSXR1000 K2 Aero vert gone
I am not good with computers. This afternoon while browsing the internet a large red sign accompanied by a loud insistent voice urging me not to shut down my computer appeared. It said I had been hacked and if I shut down my computer everything would be lost. It gave what purported to be a Microsoft phone number 0800-046-5257 which I should ring within 5 minutes and a system error code ox44578. I then spent many minutes on the phone entering different things on my computer at the behest of the "helpful" operator at the other end of the phone who was able to move the curser on my computer and manipulate it. I only smelt a rat when they asked me for money to restore the security of my computer, I immediately put the phone down. I know enough not to give out any bank details on the phone. I had a follow up call which I immediately cut off. My computer still seems to work fine. This has never happened before in 12 years of internet use.

Being worried that the hackers now had access to my computer records I immediately cancelled my bank and credit cards ( I do not do internet banking) When next week I get new cards would it be unsafe to use them on my computer (eg buy stuff on Amazon?). Should I get a new computer, or change my internet name? Would changing my password help. Any suggestions please.

_________________
Four wheels good two wheels better


Top
 Profile  
 
PostPosted: Tue Mar 13, 2018 7:44 pm 
Offline
Talking Turkey
User avatar

Joined: Mon Apr 02, 2007 11:52 am
Posts: 23184
Location: not in a SAAB.
Car Model: One of the first RHD 9-5s
Change any passwords for any accounts you use online (including UKS). Unlikely that you needed to cancel your cards unless you have accounts with payment details stored (paypal, amazon, etc). Even then, they can only spend money on that account and not steal the details to use them elsewhere.

Run some up to date antivirus and antimalware software on the PC as these scams often install keyloggers on the PC to record your usernames and passwords as well as installing a backdoor so somebody can have a good look around your PC and find any useful information at their leisure later on.

I always have my browsers set to forget everything as soon as they are closed and never keep logged in on any site. Its a pain to go through multiple logins when I get on the PC but its safer than not doing it.

_________________
52 9-5 2.0LPT Vector Sport B235R/GT17562
05 9-5 Aero with all the options.


Top
 Profile  
 
PostPosted: Tue Mar 13, 2018 8:07 pm 
Offline
UKS Encyclopædia G-M
User avatar

Joined: Sun Aug 15, 2004 9:39 am
Posts: 39494
Location: SW Herts
Car Model: 9-5 Aero est. 9-3 Carlsson
If they asked you for card details and you didn't give them, they won't have your card details.

_________________
.
.
.
.
Everything will be OK in the end. If it's not OK, it's not the end...


Top
 Profile  
 
PostPosted: Tue Mar 13, 2018 8:19 pm 
Offline
Talking Turkey
User avatar

Joined: Mon Apr 02, 2007 11:52 am
Posts: 23184
Location: not in a SAAB.
Car Model: One of the first RHD 9-5s
sgould wrote:
If they asked you for card details and you didn't give them, they won't have your card details.


Unless they are stored in a plain text file on the desktop and they have copied it while they had remote access. Its not exactly unknown, ive seen it plenty of times when working on other peoples machines.

_________________
52 9-5 2.0LPT Vector Sport B235R/GT17562
05 9-5 Aero with all the options.


Top
 Profile  
 
PostPosted: Tue Mar 13, 2018 9:25 pm 
Offline
UKS Addict
User avatar

Joined: Wed Jul 08, 2015 6:45 pm
Posts: 4071
Car Model: 9³ Aero 250bhp Maptun, Eibach
So do you need that access code to gain remote access?
Can anyone get remote access on your computer?
If so how.
I understand that you are worried Cabbie.

_________________
Trivago Girl is hot.


Top
 Profile  
 
PostPosted: Tue Mar 13, 2018 9:46 pm 
Offline
UKS Addict

Joined: Sun Jan 26, 2014 9:41 am
Posts: 2549
Location: Royal Tunbridge Wells
Car Model: '03 9-5 2.3 Vector Auto Estate
Its quite common. I just shut down the programme and then restart it, sometime have to shut down the computer to get rid of it. I occasionally run Malwarebytes, its free and pretty good and got me out of trouble when I did get a bug long ago (nothing to do with this scam). I have Kaspersky loaded as anti virus etc so little gets through and it does not pick up this thing so it is really just a scam to get the unsuspecting worried and calling in to pay and let them have access. That is probably when the problems start...

_________________
Alan

'03 Saab 9-5 Vector 2.3t Auto Noob Stg 1
'01 Saab 9-3 2.0t SE Convertible
'81 Triumph TR7 DHC


Top
 Profile  
 
PostPosted: Tue Mar 13, 2018 10:42 pm 
Offline
Saab Nut

Joined: Fri Jun 10, 2005 5:53 pm
Posts: 1978
Location: N W London
Car Model: 9 3 Aero Combi 2.0T 2009
Ah, Kapersky, the tool of choice of the FSB and various Russian hackers!

_________________
Nearly there


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 6:22 am 
Offline
UKS Addict
User avatar

Joined: Wed Apr 16, 2014 12:26 pm
Posts: 3408
Location: South Oxfordshire
Car Model: 9-3ss Aero 2.0T; OG9-3 vert
I have been using Bullguard antivirus for a little while. I had stuck with free products like avg but this has been good.

You need to ensure the integrity of the system. Run a good, paid for probably, antivirus program. Then run something like Malwarebytes and ensure that the antivirus software and firewall are then reinstalled and running all the time.

That should be fine. If you are in any doubt there is always the drastic step of backing up your files and reinstalling windows as a clean install. Then install the antivirus and then when you copy back your files they will be checked. That is probably a step too far but it would make really sure!

They gained access by getting you to install some remote desktop software and then getting you to input a code to it that granted access. While that program is still on the machine it is compromised, without even considering the key loggers etc that they may then have installed.

For the future, Microsoft don't ever call you or ask you to call them with on screen messages. They simply don't care enough about you to do that! If anything comes via email or on screen that looks like a company but is unusual; the best thing to do (if you really feel the need to check it with them) is to access their website from another device and call them or email them full details. The answer will be forthcoming and normally will tell you it is a scam.

_________________
9-3ss SOC Registrar @BHOSaab

2003(53) 9-3 Aero 2.0T
2002(51) 9-3 Vert auto 2.3 Stg5
2013(63) VW T5


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 7:23 am 
Offline
UKS Addict
User avatar

Joined: Wed Jan 14, 2009 5:19 pm
Posts: 3450
Location: Three leagues from Stonehenge
Car Model: E2 & The Old Tart
The most obvious sign of the scam is finding someone at Microsoft being helpful.

_________________
The Only Way is Erik's.


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 10:29 am 
Offline
UKS Addict

Joined: Wed Apr 11, 2012 11:33 am
Posts: 3576
Location: Colerne North Wiltshire
Car Model: GSXR1000 K2 Aero vert gone
Thank you all for your responses. Thanks especially to 9000Parts and TwyRob for their helpful advice. I am incapable of the things they have suggested. Unfortunately my son in law who I usually turn to in these matters is away at the moment working and busy. Hopefully I can contact a friend who may be able to help otherwise I shall have to take it to a computer shop. Thanks again.

_________________
Four wheels good two wheels better


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 11:03 am 
Offline
UKS Addict
User avatar

Joined: Wed Jan 18, 2012 5:24 pm
Posts: 6355
Location: Wigan, Lancashire
Car Model: 9000 Anni, 9-5s by the score
old cabbie 1945 wrote:
Thank you all for your responses. Thanks especially to 9000tarts and TwyRob for their helpful advice. I am incapable of the things they have suggested. Unfortunately my son in law who I usually turn to in these matters is away at the moment working and busy. Hopefully I can contact a friend who may be able to help otherwise I shall have to take it to a computer shop. Thanks again.

If you can hold out on browsing and email till the son-in-law appears then you don't need to connect to the internet. It's being connected where the risk is. This could save you spending time and money down the computer shop.

I wouldn't worry about falling for this. I have had phone calls out of the blue that have started to tell me how vulnerable I am. I've let them go on and maybe fibbed a little as my machines at the time weren't Microsoft. Ask them where "Control Panel" is and tell them that you have Ubuntu Linux doesn't half upset them.

_________________
Underskatt aldrig en gammal man med en gammal SAAB


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 11:18 am 
Offline
UKS Addict

Joined: Fri Jun 03, 2005 10:48 am
Posts: 5213
Car Model: 95 Aero Turbo4
I usually get alerts on my phone from Google telling me my LG G4 is infected and telling me not to shut down the phone etc etc.

When the Google font is the old font then you smell a rat. Phone gets restarted, AVG is installed and run and all is declared clean...


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 12:24 pm 
Offline
Active user

Joined: Sat Apr 08, 2006 12:41 pm
Posts: 194
Location: Frome, Somerset
Car Model: '91 T16S 'vert & 9-5 Aero
The advice I always give my elderly relations (virtually all of whom have been targetted by similar scams) is NOT to approach it with the view that they aren't good with computers (that's what the scammers are hoping for). Instead, think about how would they react if the same thing happened regarding something they WERE good at.

"I am not good with cars. This afternoon while driving along the road a man with a large red sign stepped off the kerb and flagged me down. He told me in a loud insistent voice not to turn off my car. He said I had been tricked by a previous garage and if I turned off my car it would probably explode. He gave what purported to be a Saab phone number 0800-046-5257 which I should ring within 5 minutes and a system error code ox44578. I then spent many minutes on the phone poking different things on my car at the behest of the "helpful" operator at the other end of the phone."

See what I mean? I suspect that 99% of the users of this forum would give responses to the above ranging from a few choice words, to driving over the man's foot (or possible driving at him with WOT :) ) I don't imagine that many of us would ring the 'Saab' phone number or start randomly poking at things under the bonnet.


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 12:47 pm 
Offline
UKS Addict
User avatar

Joined: Wed Jan 18, 2012 5:24 pm
Posts: 6355
Location: Wigan, Lancashire
Car Model: 9000 Anni, 9-5s by the score
beinghuman wrote:
The advice I always give my elderly relations (virtually all of whom have been targetted by similar scams) is NOT to approach it with the view that they aren't good with computers (that's what the scammers are hoping for). Instead, think about how would they react if the same thing happened regarding something they WERE good at.

"I am not good with cars. This afternoon while driving along the road a man with a large red sign stepped off the kerb and flagged me down. He told me in a loud insistent voice not to turn off my car. He said I had been tricked by a previous garage and if I turned off my car it would probably explode. He gave what purported to be a Saab phone number 0800-046-5257 which I should ring within 5 minutes and a system error code ox44578. I then spent many minutes on the phone poking different things on my car at the behest of the "helpful" operator at the other end of the phone."

See what I mean? I suspect that 99% of the users of this forum would give responses to the above ranging from a few choice words, to driving over the man's foot (or possible driving at him with WOT :) ) I don't imagine that many of us would ring the 'Saab' phone number or start randomly poking at things under the bonnet.

That's actually quite a good analogy to use when explaining this. I will use it.

_________________
Underskatt aldrig en gammal man med en gammal SAAB


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 1:00 pm 
Offline
Light Pressure Turbo
User avatar

Joined: Mon Feb 27, 2012 7:28 am
Posts: 474
Location: Kenilworth, Warks.
Car Model: 2009 9-5 1.9TiD TE Auto Est.
Probably lucky it was a 0800 number. Some of these call back scams use very high call rates & make their money that way.

_________________
2009 9-5 1.9TiD Turbo Edition (+ Teapot remap)
1962 Ashley 750
2010 Suzuki Swift


Top
 Profile  
 
PostPosted: Wed Mar 14, 2018 1:03 pm 
Offline
UKS Addict
User avatar

Joined: Wed Jan 14, 2009 5:19 pm
Posts: 3450
Location: Three leagues from Stonehenge
Car Model: E2 & The Old Tart
A quick search provides this info...

https://www.2-spyware.com/remove-chrome ... -scam.html

There's that phone number...

_________________
The Only Way is Erik's.


Top
 Profile  
 
PostPosted: Thu Mar 15, 2018 10:05 am 
Online
UKS Veteran
User avatar

Joined: Wed Sep 13, 2006 12:44 pm
Posts: 12326
Location: Bristol
Car Model: '99 9-3 ex-LPT '55 Diesel SW
I hope your thread title is playfully self effacing, and not a true reflection of how you feel about the incident.

This sort of thing can happen to anyone, and whilst I would understand a victim of this crime feeling culpable, I would also remind them that they are a victim of an attempted crime (one that in the end, and with the correct action moving forward, they successfully protected themselves from). So, a small spot of self congratulation and a resolve to learn further from it, is the more appropriate response in my view.

I disagree with the car analogy given above, because the knowledge of the subject matter is key, and lack of it is a valid element of the process. To dismiss awkwardness, inexperience, and uneasiness as factors, is to sell the person feeling those, short.

More similar, would be the stereotypical young lady who goes in for a tyre, and comes out with 4 tyres and an "essential" full brake overhaul (but then when taking the car to the mechanic 6 months later for an MOT finds out that the brakes haven't been touched in years). How are you supposed to be aware and defend yourself, when you are unfamiliar with the mechanics of what you are dealing with?

That said, computers are no more a mysterious entity than a vehicle. If you can learn how to change a wheel you can learn how to install Malwarebytes. If you know how to lock your car when you get out of it instead of leaving the door open, you can learn how to run a virus scan. In fact if you are going to use a computer, you have just as much a responsibility to yourself to learn how to do those things, as you do to learn how to change a tyre as a car driver.

The key point to recognise, is that, as in reality, not everyone is who they purport to be. You need to train yourself to recognise the proverbial man down the pub trying to sell you a 10 yr old knock off ling-long for three times market value, vs. Blackcircles selling you a brand new Michelin.

Experience, research, and a healthy dose of cycncism is all that is required.

Have you followed Cittone's link and found the link to malwarebyte's software, and run it? If not, you should not be connecting that PC to the internet.

_________________
UKSaabs Fantasy Formula 1 Freak
Federation of Master Bodgers Accredited
T5 Tuner


Top
 Profile  
 
PostPosted: Thu Mar 15, 2018 10:17 am 
Online
UKS Veteran
User avatar

Joined: Wed Sep 13, 2006 12:44 pm
Posts: 12326
Location: Bristol
Car Model: '99 9-3 ex-LPT '55 Diesel SW
old cabbie 1945 wrote:
I am incapable of the things they have suggested.


No you are not. You may not feel comfortable doing them, you may not have the instructions to hand that you could follow but those are different matters. You are not incapable.

First of all click this link

https://www.malwarebytes.com/

Then click "free download"

Follow the instructions to install it, and tell it to scan your computer.

Once that is done you will be a lot safer than you were.

What antivirus software are you using?

_________________
UKSaabs Fantasy Formula 1 Freak
Federation of Master Bodgers Accredited
T5 Tuner


Top
 Profile  
 
PostPosted: Thu Mar 15, 2018 1:12 pm 
Offline
UKS Addict
User avatar

Joined: Wed Jan 14, 2009 5:19 pm
Posts: 3450
Location: Three leagues from Stonehenge
Car Model: E2 & The Old Tart
+1 on Malwarebytes.

Always worth running it if you have the slightest suspicion that you have clicked on something dubious!

_________________
The Only Way is Erik's.


Top
 Profile  
 
PostPosted: Thu Mar 15, 2018 1:22 pm 
Offline
Active user
User avatar

Joined: Mon May 30, 2011 3:08 pm
Posts: 193
Location: Leicester
Car Model: 9-3 1.8T Bio Anniv Convert 07
+1 on Malware bytes.

My advice shadows that of others here. Disconnect yours from the internet (Unplug the ethernet cable, turn off the wireless or just unplug the broadband router from the wall). When you are ready, download the Malwarebytes software and run it on your machine. Even better, download it using a different machine and then load the Malwarebytes on to your machine and let it do it's thing.

Change passwords to all accounts using a different machine.

Best of luck.

_________________
I should have thought harder about my screen name


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 22 posts ]  Go to page 1, 2  Next

All times are UTC


Who is online

Users browsing this forum: Hooli, Jules_ht, Paul Taylor, peva, ptanser, Stig, wrighar and 11 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group

follow UKSaabs on Twitter



UKSaabs silhouette logo images by Mark Green www.greenphotos.com
"subsilver2" slightly bodged by UKSaabs for our own use.

:: Disclaimer ::
Comments posted here are the views of their individual authors and are not necessarily shared by the owners of this Web site.
Authors assume all responsibility for comments posted here.

UKSaabs The biggest and best privately owned UK based independent Saab forum for all SAAB enthusiasts.
Whilst we encourage our users to support our advertisers the site wishes to remain independent and therefore does not endorse any particular advertiser(s)
UKSaabs is not affiliated with Saab Cars UK or Saab Automobile AB