My mom called and gave them a code

[steventhehro]

Hey guys..so my mom just informed me that she got one of those spyware popups that tell you to call this number...and of course....she called. They asked for a code that was on the screen, it was a 5 digit code and she gave it to them.

She said at one point the lady on the phone wanted to remote into the computer but my mom said she just closed the window after that and the lady on the phone was like "oh..is it there when you reopen it?" and when it wasn't, she just gave up.

Anybody know what this means? Did she give them access to something or did my mom avoid the rest of the scam?

 

[Rogue Leader]

Hey guys..so my mom just informed me that she got one of those spyware popups that tell you to call this number...and of course....she called. They asked for a code that was on the screen, it was a 5 digit code and she gave it to them.

Anybody know what this means? Did she give them access to something?

Yes! Unfortunately that code allows them to authenticate remote access to her PC. Unplug it from the network right now. Then you will need to do some cleaning, hopefully you don't need to reinstall windows, but that may be your best bet.

 

[steventhehro]

Hey guys..so my mom just informed me that she got one of those spyware popups that tell you to call this number...and of course....she called. They asked for a code that was on the screen, it was a 5 digit code and she gave it to them.

Anybody know what this means? Did she give them access to something?

Yes! Unfortunately that code allows them to authenticate remote access to her PC. Unplug it from the network right now. Then you will need to do some cleaning, hopefully you don't need to reinstall windows, but that may be your best bet.

just added more details I got from her:

She said at one point the lady on the phone wanted to remote into the computer but my mom said she just closed the window after that and the lady on the phone was like "oh..is it there when you reopen it?" and when it wasn't, she just gave up.

 

[Rogue Leader]

I would still isolate the system and run through every cleaner you can. Malwarebytes antimalware, ADWcleaner, etc.

 

[USAFRet]

a 5 digit code and she gave it to them.

Unplug it from the internet. NOW.
After that, we can triage.

(personally,a full wipe and reinstall is what I would do)

 

[mdd1963]

Quite possibly the only 'code' she gave was the fake error code on the fake blue screen that advertised their bogus scam number to begin with.

As long as she did not give actually download Teamviewr, Ammyy, etc., and grant them actual remote access, she is fine....

(Most such cold-call scams wish to 'fix' issues they 'find' for $395, not to get at your info..)

 

[USAFRet]

Quite possibly the only 'code' she gave was the fake error code on the fake blue screen that advertised their bogus scam number to begin with.

As long as she did not give actually download Teamviewr, Ammyy, etc., and grant them actual remote access, she is fine....

(Most such cold-call scams wish to 'fix' issues they 'find' for $395, not to get at your info..)

They wish to do both.
Steal your info, and get you to pay for the service.

I wouldn't bet my personal info on "quite possibly".

 

[mdd1963]

Have you actually seen any of the fake blue screen /'call our MS certified MS Help Techs" immediately scams on Youtube? They all have an 'error code' of some type on them, and part of the scammer's script is to pretend to give two buckets of urine over 'what were you doing at the time', 'read the error code to me', etc...

If you think there's a single 5 digit number from their own fake popup webpage that might be dangerous, all of course are free to recommend a nuke and pave every time it occurs. (Some folks out of embarrassment will deny giving remote access, when they actually did; a friend of my mother was Syskey'd a few weeks back, and gave her version of the story of getting a phone call, and, during the call, the man 'somehow got into my computer!' Riiiiiight...)

*Edit: not to imply either scenario applies here, of course..)