Need suggestion after friend being hacked

umich78

Prominent
Sep 5, 2017
2
0
510
So, my friend fell for the scheme of calling the toll free number and giving them access to her laptop. They only had access for maybe 3 minutes before I was able to tell her to turn her computer off. She has canceled her credit card stuff so she's safe there. She said they did have access to her laptop and were controlling it for again, for around 3 minutes.. The question I need now is should I be safe and reformat her laptop completely or would doing a windows recovery be easier?
 

captaincharisma

Distinguished


format the drive to eliminate any chances they still have a backdoor into it

 

mdd1963

Distinguished
If she was watching what they were doing while they were remoted in, they typically want to root around in the EventViewer to convince the user of the many critical errors, then the tree command, etc., to convince someone of myriad of issues to convince them a $300+ 'cleansing' is required on their secure server. These are not professional Ukrainian hackers installing backdoors. The Indian tech scammers want your card number entered on their website to charge you for useless maintenance.

I'm not sure I'd always resort to nuke and pave given the typical stupid Indian scammer reading from a script and being quickly disconnected mid-script during an EventViewer speech, but, if you are comfortable with quick format/full reinstall, have fun.

The hard part is believing people actually *call* these numbers, and actually voluntarily give the people access to their computers....even after all the youtube videos, etc...
 

HamBown81

Prominent
Aug 3, 2017
30
0
610

They will often install a backdoor or a keylogger or something too. Not worth the risk IMO.

Back-up whatever data you need to and clean the drive.
 

USAFRet

Illustrious
Moderator


Full wipe and reinstall.
"access for maybe 3 minutes" = You have no idea of what keylogger they dropped in there.

Some would say that they were only trying to get her to pay for some bogus repair.
Me? I would not take the chance.

Nuke it.
If a family member came to me with that tale...instant nuke.

And from a whole different system, change ALL passwords.
 

umich78

Prominent
Sep 5, 2017
2
0
510
I didn't believe it when she called me either, but it happened none the less. I figured I'd need to nuke to it, thanks for the info.
 

JoshRoss

Estimable
Jul 11, 2017
228
0
5,260
Will confirm, anything you do is going to be questionable at best and nuking will assure that there are no issues left. If they didn't install or launch anything, you are good then.