Hi everyone,
My parents succumbed to some form of scareware on their machine yesterday and called a phone number, gave out their password, and installed some software the man on the other end of the phone required. They did not give out any credit card or social security information, although their personal info is on their computer in various documents that could easily be snatched.
Fortunately, I have a record of all their accounts and changed all their passwords about 1-2 hours after this happened. I also had them unplug the computer. I'll know more when I travel to their house and run the NBRT. The next morning, they told their bank and cancelled (i.e., changed) their account and debit card. I am hoping only a keylogger was installed, but why not install everything one can at that point, right? We shall see.
The guilty phone number is 1-888-887-0546, and there's a few pages about this online. I am guessing the toll-free prefix must have sealed the deal with my parents. But why they would give out a password, I'll never know.
Is there a good resource for my parents on who and what to trust in regard to these types of attacks? I'm certain they likely need some form of identity theft protection next (manual or otherwise). And, do I have the name of this type of attack correct?
Thanks in advance!