koobface scam

  • 16 September 2015
  • 9 replies
  • 119 views

Userlevel 1
My wife came across a scam that said her computer was infected with the koobface virus. They called themselves Toler Tech LLC and said they were affilliated with Microsoft. They offerd to fix it for her and took over her computer. They were in the middle of doing their thing when I disconnected the modem to stop it. My first question is should I be worried that my computer and personal information is not safe after this? My second question is will Webroot detect koobface or any threats of hacking due to this breach?

9 replies

Userlevel 7
Hello CarrieBell!  Welcome to the Webroot Community!
 
THIS IS A SCAM!!  Neither Microsoft nor any other company sends emails, pop ups, or phone calls of any kind advising that you may have a problem.
 
If you clicked anything links, allowed them to remote into your computer, or went to any web sites please submit a Trouble Ticket ASAP.  (Now would be a good idea....)
 
If you would like more information, read on (After submitting that Trouble Ticket.....)
 
NEWS ARTICLE: Tech Support Scams are on the rise.
 
 
Microsoft never issues this type of warning or email or anything of a sort!  Please see the following link for Microsofts official word on this:
http://www.microsoft.com/security/online-privacy/avoid-phone-scams.aspx
 
"Neither Microsoft nor our partners make unsolicited phone calls (also known as cold calls) to charge you for computer security or software fixes.
 
Cybercriminals often use publicly available phone directories so they might know your name and other personal information when they call you. They might even guess what operating system you're using.
 
Once they've gained your trust, they might ask for your user name and password or ask you to go to a website to install software that will let them access your computer to fix it. Once you do this, your computer and your personal information is vulnerable."
 
Also see Avoid scams that use the Microsoft name fraudulently
http://www.microsoft.com/security/online-privacy/msname.aspx 
 
 
For more information here iwhat the United States Federal Trade Commission has to say on the subject::
http://www.consumer.ftc.gov/articles/0346-tech-support-scams
 
"In a recent twist, scam artists are using the phone to try to break into your computer. They call, claiming to be computer techs associated with well-known companies like Microsoft. They say that they’ve detected viruses or other malware on your computer to trick you into giving them remote access or paying for software you don’t need.
 
These scammers take advantage of your reasonable concerns about viruses and other threats. They know that computer users have heard time and again that it’s important to install security software. But the purpose behind their elaborate scheme isn’t to protect your computer; it’s to make money."
 
This scam is common and has been around for quite a while.  Here is a good Webroot Blog article from April 2013 by Threat Researcher Roy Tobin.
http://www.webroot.com/blog/2013/04/30/fake-microsoft-security-scam/
 
Also add a good free Ad Blocker like the ones suggested below:
 
For Internet Explorer Ad Block Plus: https://adblockplus.org/
 
For Firefox uBlock: https://addons.mozilla.org/en-US/firefox/addon/ublock-origin/?src=ss or Privacy Badger:https://addons.mozilla.org/en-us/firefox/addon/privacy-badger-firefox/

 
Google Chrome uBlock: https://chrome.google.com/webstore/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en or Privacy Badger: https://chrome.google.com/webstore/detail/privacy-badger/pkehgijcmpdhfbdbbnkijodmdjhbjlgp
 
Thanks,
Userlevel 7
Badge +3
Thought the name rang a bell. Another reference: https://community.webroot.com/t5/Webroot-SecureAnywhere-Antivirus/I-have-been-told-I-have-a-FOUR-Trojen-horses-on-my-computer-by/td-p/149761
Userlevel 7
? Yes, we have seen this type before.  I used to see it a lot when I was working for Geek Squad in the AV Subscriptions escalations area.  They need use Support to make sure that anything and everything that "Microsoft Support" person did is repaired and removed.
Userlevel 1
Thank you all. I submitted a ticket. They did have brief control of the computer so I am concerned. I hope I caught it in time.
Userlevel 7
If you didn't catch it in time, Support should be able to get rid of anything that was put on it.  Please be patient with Support, response times vary depending on how busy they are.  
 
Do NOT add to the ticket or make another one.  The Ticket System will think that you have a new issue and end up putting your ticket back to the end of the line.
Userlevel 1
Thats good to hear. Thank you for your help.
Userlevel 7
Badge +35
@ wrote:
My wife came across a scam that said her computer was infected with the koobface virus. They called themselves Toler Tech LLC and said they were affilliated with Microsoft. They offerd to fix it for her and took over her computer. They were in the middle of doing their thing when I disconnected the modem to stop it. My first question is should I be worried that my computer and personal information is not safe after this? My second question is will Webroot detect koobface or any threats of hacking due to this breach?
With third-party tech support scams like this they are usually just out to get you to pay for their overpriced services, and will not steal your personal information or install any malware on your computer. 
 
It is interesting that they're claiming people are infected with koobface as part of their scan since koobface is rather old. You would think they would use something current. 
 
-Dan
I called Amazon because my wife could not download a book.  I was transferred to Kindle who then connected me to a "tech support" guy who took over my machine and told me I had the koobface worm and it had infected my whole computer a pc using Windows 10.  I almost fell for it until he said he could not even fix my problem but would connect me with a company who would fix it for $250 to $300.  When I told him I wanted to call him back he got pissed off.  I called Amazon who said someone would email me, no one has and Amazon did not seem to care that they had two scammers working for them.  Don't think just because a big name like Amazon or Microsolft is involved that it can't be a scam.  I called Kindle back again and some girl fixed my issue in litterally one minute.  I felt really stupid letting this a=hole take over my computer.  Never again.
Userlevel 7
Badge +62
Hello rickhertzon,
 
Welcome to the Webroot Community,
 
Thankyo u for your story as this will help others as well. This sort of scam and many others get past the best of us. So at least you were aware of this scam.
 
 
Thanks again ?!
 
 
 

Reply