Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: HeatingNAir one!
HeatingNAir one! Author
User level: Level 1
0 points

Buddy inc. Remotely entered iMac.

This is a sore subject! Buddy inc. had prompted my wife to let them service our iMac (running OS X, 10.10.1) remotely for Apple. Than asked for a credit card to pay for the services because our Mac was out of warranty. They told her that the card was declined and asked for a nether one, than she called me to ask how to pay for it. I could not believe what she was asking, so I told her I would look into this when I got home. We shut off the wifi and could not find anything, but don't know what to all look for. Where do we start and what do we look for?

Thank you for any help!

iMac, OS X Yosemite (10.10.1)

Posted on Mar 29, 2015 12:05 PM

Reply
10 replies
User profile for user: ChitlinsCC
ChitlinsCC
User level: Level 7
20,924 points

Mar 29, 2015 12:27 PM in response to HeatingNAir one!

I think our great friend Kappy is likely right - this type of scam is not about planting malware on your computer, but just old fashioned fraud - get you to pay them a fee fror nothing and possibly ruin you by running up other charges on your credit card or selling your valid CC# on the BlackWeb.


A good place to educate yourself on the subject of Mac Safety is ... wait for it... http://TheSafeMac.com !!! Our friend thomas_r has a lot of advice and tools.


ÇÇÇ

Reply
User profile for user: thomas_r.
thomas_r.
User level: Level 7
31,989 points

Mar 29, 2015 2:38 PM in response to HeatingNAir one!

HeatingNAir one! wrote:


Just to be clear, they did access the computer and were in moving things around.


What I'm unclear on is this: did she initiate the call, and if so, was she intending to call this "Buddy, Inc" company? Or did they cold-call her with some scary story about a virus or some other nonsense, or did she call a number that she thought was for Apple's own tech support?


If the former, this may not be a problem. It's unlikely that a legit business that was called to help with a problem would do anything malicious. Possible, certainly... but unlikely. If word got out of such behavior, their business would be ruined.


On the other hand, in the latter case, she was scammed. In this case, the remote access means that the computer should be considered compromised. It is no longer safe to use, and any data on it may have been accessed. You'll need to erase the hard drive and reinstall everything from scratch, and after you've got a clean system, change any passwords for any online accounts accessed from that computer.


For more info on how to do a "clean reinstall," see:


How to reinstall Mac OS X from scratch


(Fair disclosure: I may receive compensation from links to my sites, TheSafeMac.com and AdwareMedic.com.)

Reply

Buddy inc. Remotely entered iMac.

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up