You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

Teamviewer scam

Today my Dad and I fell for the infamous "Teamviewer scam." We were trying to fix our NETGEAR wireless extender, and instead of mywifiext.net, Dad tripped across mywifiextnet.com. Both of us let our computers get accessed for probably a half hour or so (his is a Windows, and mine is a Mac running Mavericks), and I just want to make sure I'm taking all steps necessary to get rid of anything that might have put on my computer.


I changed all financial-related passwords (Paypal, bank account, Amazon account, iTunes, etc.) and decided to just go whole-hog and do a 7-pass Erase on my whole system (I will also be calling my bank in the morning for a new debit card and to set up fraud alert, since my info has been accessed before, and I'll probably call to have a new credit card issued as well). I backed up a few personal files to Google Drive, but I was wondering if there was any way those files might be compromised or corrupted? I don't want to download them and have them put something into my computer.


Since my laptop is currently undergoing the Erase process, I can't check, but he ran something in Terminal. Has anyone else had this happen before? I'm not sure what he brought up, but he tried selling me on the "people are accessing your network through you clicking ads while online shopping" or something (which was about when the warning bells finally started going off; unfortunately, Dad wasn't quite so receptive to the idea of it being a scam, so we downloaded Teamviewer onto his computer as well). I'm assuming if some sort of a program was run on my laptop, the 7-pass Erase will eliminate it?


Basically, I've never run headfirst into a scam like this before, and I'm absolutely terrified. My Dad insisted he didn't give the guy any credit card information, and I think he was on the phone with the same person the entire time, but I'm worried they may have downloaded files off of my computer. Is there anything more I can do?


Also, is there anything I can tell my Dad to convince him to take some of the same steps? I don't know what he uses his laptop for, but he thinks he'll be fine just running anti-virus/anti-malware software, and I know some of those can go undetected by programs. Please help if you can!

Posted on Jul 12, 2014 11:35 PM

Reply
Question marked as Top-ranking reply

Posted on Jul 13, 2014 4:27 AM

This definitely sounds like a scam to me. These kinds of scams are a dime a dozen. Often, the scammers are just interested in getting you to pay them for services that they have scared you into paying for. Typically, they'll tell you that you have malware or are being hacked, and they can "fix" it if you pay for a service plan.


There's no way of knowing, of course, whether the remote access you gave them might have been abused to install malware. It's a possibility, and the chances of that happening are hard to guess. So you've taken the right steps by erasing the hard drive, though note that the 7-pass erase is completely unnecessary. A simple erase would have done just as well.


More important is how you get back up and running. You cannot simply restore everything from your backups, as that may restore any hacks or malicious software as well. You should reinstall all apps from scratch, and should restore only documents (no settings files, system files, apps, etc) from your backups.


Let your dad know that there is no anti-virus software on the planet that can protect him against malicious software installed by someone with remote (or physical) access to his computer. If malicious software was installed, it may not actually be malware - it could be legit software being used for malicious purposes, or could even be changes made to the system's configuration to open a backdoor. These things cannot be detected by anti-virus software. It may very well not be necessary, but to be safe, he should do the same - erase his hard drive and reinstall everything from scratch.

31 replies

Teamviewer scam

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.