Thursday, March 16, 2017

I Was Cyber Attacked and Lived to Tell About It

I hesitated to tell this story because I still feel incredibly stupid that I allowed it to happen. I know, I know … but still. I thought I was smarter than that. It was a few weeks ago. I finally decided to share because maybe somebody will read this and avoid the mistakes I made.

It all started as I took a few minutes away from writing and scrolled quickly through my Facebook News Feed, pausing at what looked like an interesting link. MISTAKE #1: I didn’t check to see if a friend had “liked” the page. It was three images of three fingers on a hand. There was a diagonal line across the fingers in each image, each lined up somewhat differently, and there was a comment something like “Learning this saved my life!”

Clicking on it resulted in very nasty stuff happening. First a siren blasting through my speakers, then dire warnings flashing on my monitor advising me to call “Microsoft Support” IMMEDIATELY with a phone number. I called. That was MISTAKE #2.

Male voice with heavy accent telling me I probably had a Trojan or some other equally horrible infection and my computer was on the verge of disappearing before my very eyes. Mind you, I’m still buying that this is Microsoft Support I’m talking with. Eventually … MISTAKE #3 … I gave this clown permission to operate my computer remotely. NEVER EVER DO THAT.

He showed me all kinds of stuff about all the errors in my computer that the infection had been causing for MONTHS on end and offered to set me up with a sure-fire fool-proof one hundred percent guaranteed super-duper anti-virus/malware/spyware/kitchenware program that would mean I would never ever have to worry about my computer being infected again.

Then the money pitch came, and the guy on the other end of the phone admitted well, no, I wasn’t talking to Microsoft Support anymore, but some other outfit and for a measly $199 for a year they would take my computer and put a fortress around it. Or, if I’d pay $499, they would do it for five years.

The alarm bells finally started going off and I FINALLY started asking the right questions and eventually just pulled the plug. Literally. Had I ever been had. So I took a deep breath, rebooted the computer, immediately went into all my banking websites and changed all passwords, changed passwords on my email and anything else I thought might be sensitive, ran scans with everything I have installed on my PC (including Malwarebytes, which is running constantly). I also found the software he’d used to access control of my computer and uninstalled it.

Then I contacted my “computer guy” Bob. “You’ve probably have had calls like this before.”

“Every day,” he said cheerfully. “They just want money. You did all the right things. Just keep an eye out for anything weird, and if something shows up bring the computer down and I’ll take a few more steps to wipe it clean. Oh, and if somebody calls you and wants to do a remote fix, because now they have your phone number, just tell them you took your computer to your computer guy.”

Well, I was lucky. For about two weeks I was hit with a barrage of emails attempting to lure me into clicking again onto a link which might have caused a repeat of the experience I had, or maybe worse, but eventually those stopped because I kept throwing them into junk mail and requesting the sender be blocked.

Lesson learned. These days the first thing I do when I boot the computer is run a scan of Advanced System Care and then Windows Defender. So far, my computer is doing great. And I hear all you Mac users snickering out there. That’s okay. I LIKE my HP PC. 

And I have a great computer guy. If you need one, PM me and I’ll give you his contact information.