Scammed, Can my database be stolen?

[kit39]

Hello all,
Am new here, so thank you in advance for any help you might have.

Called a company called Live-Technician (scam) to try and fix a hacked email account. They directed me to a fake website that gave them a good rating with zero complaints.

Said my computer had spyware, and to fix it I needed to download so they could 'see' my computer. I thought they were legit, but feel incredible stupid now.

After a few minutes, I could a bad feeling and when he said he'd transfer me to a technician, I said I had to leave for an appointment.

So didn't pay them anything, but am now wondering if they could have copied my database.

Am using a MacBook Pro 10.6.8

I have an appointment at the Mac gen. bar tomorrow evening. Spoke to Apple support and that was her suggestion.

Is there anyway I can tell if they've installed malware or copied my files?

Thank you to anyone who can help me!

Kit

[louishen]

Did they get you to install anything in order for them to do their "technical support"

This is a well known scam, often done from call centres in India

Did you also give them your credit card details?

[kit39]

Did they get you to install anything in order for them to do their "technical support"

This is a well known scam, often done from call centres in India

Did you also give them your credit card details?

Yes, they had me go to a website and do an install. That's was open for two to three minutes. That's when he could 'see my screen'.

No, I didn't give them any credit card details.

Was wondering if there would be a way to 'find' anything in applications or elsewhere that would let me know if they copied anything.

The 'guy' from India called me back a few minutes ago, and I told him my husband told me to take it to the Apple repair store. He argued that they couldn't fix the problem, I 'thanked him' ...Made me sick to do it, but I don't know what he's done, and didn't want to make him angry. Sickening.

They WANT the credit card info, but I'm still worried about the time they were on my computer.

[CPulsar]

If they did hack you the good news is they don't have your CC info because they asked you for it. If I were you though, I would format my hard drive (or have it done) and reinstall. Just in case they installed some kind of program that gathers information.

[XJ-linux]

Were it me, I'd do a fresh install of your operating system. I wouldn't feel right, even if I "fixed" it with someone's helpful online advice. If you have 10.6.8, then you most likely have a DVD with the operating system. I would use that to do a fresh install, and then install your applications, etc...

An alternative would be to run a virus check program like ClamXav. I still don't know if I would bet my finances on it detecting some one-off spyware variant. Your mileage may vary.

Best of luck!

[kit39]

Thank you for your ideas. Am going to let the Apple store do what they suggest tomorrow. If my 15 minutes at the Genius Bar isn't enough, I'll pay...Gladly.

Was wondering this. I went to Applications and am looking at 'today' where everything is timestamped, and
'Database' is on there next to Mailing Lists and Summary.plist

Is that relevant? I really don't look at this kind of info ever, so am wondering if that's significant?

Could they have copied that data, or is that possible? Read somewhere about this kind of thing and said they have to be on the same server to do so. Could they have accessed that?

Have also read it's the credit card data they really want. If you Google Live-Techician there's plenty out there, but mostly they charge a ton of money and in some cases draft the credit card for more money.

Just wondering about those items that are timestamped today. Any thoughts?

Thank you for your help.

The woman I spoke to on the Apple phone helpline said the Mac security is difficult to hack...Maybe she was just trying to be nice.

[chscag]

The woman I spoke to on the Apple phone helpline said the Mac security is difficult to hack...Maybe she was just trying to be nice.

She was right. Programs will not normally install on your Mac without you giving your admin password. Do you remember if you entered your admin password anytime you were on line with the scammers?

Also, the advice to use your Snow Leopard disk to do a fresh install is good advice. Make sure though that you backup your documents, data, and other things like music, photos, etc. before doing so.

[kit39]

She was right. Programs will not normally install on your Mac without you giving your admin password. Do you remember if you entered your admin password anytime you were on line with the scammers?

Also, the advice to use your Snow Leopard disk to do a fresh install is good advice. Make sure though that you backup your documents, data, and other things like music, photos, etc. before doing so.

No, I didn't give them any passwords.

Is a PC any less secure than a Mac? At one point he said, 'you're on a Mac?'

Am writing down the suggestions here and will take them to the Genius Bar.

Read one article about this, and a magazine purposely used this site for research. They went out of there way to be crazy rude, and the company installed malware.

That's the only instance I've read of where they install malware, (that's why I tried to be nice to the guy when he called back).

Am thinking they want the credit card info. Tried to say before but I didn't phrase it right, but people have been charged huge amount on their CC and then later charged again.

I've been busy changing passwords, and called my bank and froze the online option.

Am really sick over this, and can't believe I did something so stupid. The fake website that they send you to that says they're reputable threw me off balance.

But I'm still concerned over the timestamped data I'm seeing on 'today' . Why would 'database' show up?

Thank you for the thoughts.

[chscag]

There's no doubt they were after your bank and credit card info. You keep mentioning database, what database are you referring to? Are you running a database program on your Mac?

Is a PC any less secure than a Mac? At one point he said, 'you're on a Mac?'

Yes, a PC running Windows is generally much less secure although they have gotten better recently.

[TattooedMac]

Sorry to hear this, but if you can if you have the Mac on DONT go online just to be safe until you take it to the Genius Bar.

I laugh at these blokes and play along, because this scam can only happen on a PC, and they always presume your running Windows. I have written down a fake CC number expiry date, Social Security Number (Tax file # here in Aust), and Medicare card our national Health card as well as a drivers license and i take them through the whole kit and kaboodle and at the end where they say "I cant see your Screen, lets run through it again" i call them out and they hang up real quick. I tell them im a security expert, and i have tracked your Phone # and the call ends lol
Makes my day it does

[CPulsar]

Sorry to hear this, but if you can if you have the Mac on DONT go online just to be safe until you take it to the Genius Bar.

I laugh at these blokes and play along, because this scam can only happen on a PC, and they always presume your running Windows. I have written down a fake CC number expiry date, Social Security Number (Tax file # here in Aust), and Medicare card our national Health card as well as a drivers license and i take them through the whole kit and kaboodle and at the end where they say "I cant see your Screen, lets run through it again" i call them out and they hang up real quick. I tell them im a security expert, and i have tracked your Phone # and the call ends lol
Makes my day it does

I like your style.

[kit39]

There's no doubt they were after your bank and credit card info. You keep mentioning database, what database are you referring to? Are you running a database program on your Mac?



Yes, a PC running Windows is generally much less secure although they have gotten better recently.

Here's a screen shot of what I meant about database showing up under 'today'

[chscag]

Your database image never uploaded to the forum. Click on the bottom red button that says "Manage Attachments" to upload an image.

[kit39]

[/IMG]

[chscag]

Nope, still no image. But that's alright because I don't think they were able to actually do anything to harm your machine. However, play it safe and reinstall Snow Leopard. But before you do, backup your data as I suggested above in another reply.