Anybody hear of Geek Technical Support? They seemed to know what they're doing, but I have to question their business practices.
iMac (27-inch, Late 2012), OS X Mavericks (10.9.5)
Why do you ask? Did you get hit by the tech support scam? If you question someone's business practices, then don't do business with them.
If this is regarding a tech support scam, please describe everything that happened. You may need to start changing passwords, calling your bank, and calling the police.
Why do you ask? Did you get hit by the tech support scam? If you question someone's business practices, then don't do business with them.
If this is regarding a tech support scam, please describe everything that happened. You may need to start changing passwords, calling your bank, and calling the police.
I googled for help with my iCloud dialogue box. It had been popping up for the past few weeks asking me for my PW, but it wouldn't accept it. Then for the past 2 days, I had a frozen beach ball cursor. I finally called for Tech Support and called a number that said Apple Tech Support.
When I got on the phone with them, they had me log into LogMeInRescue--very familiar to me because we use it at work. They had me go to the Apple Home page and had me click on a blinking blue and white button that was labeled: Connect to Mac Support. So they seemed completely legitimate.
And there WAS something wrong with my computer.
They said I had a virus; showed me all the error messages that my computer had sent to Apple.
On the window, the bottom panel listed 4000 hacking attempts with 339 successes. The numbers were there, but they explained what the numbers meant. And they discovered that my Firewall had been turned off.
All of this seemed real; they said there is a virus that prevents users from accessing their iCloud accounts. And they spent about 45 minutes cleaning up my computer. It really does run better and the problem is gone.
However, they made it sound like they would not fix my problem unless I paid for either a 3-year plan for $299, or a 5-year plan for $599.00. I'm embarrassed to say that I paid the $599. But I was getting quesy.
Now I'm really worried.
You have been scammed, and now that you have allowed the criminals access to your Mac you must consider it compromised, and all personal info (bank accounts, other online accounts etc) similarly compromised.
Contact your credit card companies (especially the one you used to pay them with) and stop them all, file a dispute in order to recover your money) Change all passwords that could have been accessed by the criminals and watch your financial accounts very carefully
Then erase your Mac and reinstall from scratch everything except data files.
What do I do?
Exactly what I just posted (the post you replied to) start with the financial items, that is where the most risk is. Turn the Mac off and leave it that way, you do not know whether 'Geeks' are still inside it
MaryCarolG wrote:
What do I do?
Definitely follow Csound1's suggestions. You should be able to get your money back.
Erasing your Mac and reinstalling is a good idea, but not everyone can do that at the drop of a hat. I suggest you contact the real Apple support at http://www.apple.com/support/ (1-800-275-2273), tell them what happened, and schedule a Genius Bar appointment to have them check your Mac. If you don't already have a backup, you will probably have to purchase a backup drive. At least it will cost much less than $600 and is something you need anyway. If you are too far from an Apple Store, you could go to any Authorized Apple Service centre, like Best Buy, for example. Apple would be best, of course, but sometimes you have to take what you can get. And when in doubt, you can always ask us. Just tell us which "big box" computer stores are nearby and we can tell you the best one to go to.
Thanks to everyone! I was able to cancel the charge immediately. And my husband instantly turned off the wi-fi access. Then I called my other creditors and put warnings on the accounts. I closed two accounts and called my bank. All was in advance of any damage.
Then my husband contacted the real Apple Support who walked us through the real fix that I needed and removed the "Adgard" shield "favicon" that they had placed in the Safari browser bar.
It was a tense few hours, but we made it through. The next couple of days we'll continue to watch our accounts.So far, so good.
Thank you all for your quick replies. All were helpful and very much appreciated. 😊😁
The standard recommendation is to erase your hard drive and reinstall the operating system directly from Apple. Then restore only your user files. Technically, that is the correct approach, but it can be intense if you aren't comfortable with that sort of thing.
If you don't want to do that, the next best option is to have someone look at the machine in person to verify there is nothing out of place. In particular, they should check System Preferences > Sharing and make sure everything is turned off.
If you can't do that either, there is still one more step that would make me feel a little better. I wrote a little diagnostic program to help show what programs are running hidden in the background. Download EtreCheck from http://www.etresoft.com/etrecheck, run it, and paste the results here. EtreCheck is perfectly safe to run, does not ask for your password to install, and is signed with my Apple Developer ID.
Running EtreCheck is not going to guarantee a 100% clean machine. It is not as good as erasing your hard drive and reinstalling. it is not as good as having a competent technician look at your machine in person. But if there is some obvious back door still installed, it might show it.
Disclaimer: Although EtreCheck is free, there are other links on my site that could give me some form of compensation, financial or otherwise.
I fully agree with the advice you've already received. You need to erase your hard drive to ensure that these scammers don't still have some kind of remote access, or haven't installed some kind of keylogger or other spyware. Anti-virus software will not help, as a savvy scammer can do such things using tools and techniques designed to avoid detection by anti-virus software.
For detailed instructions on how to do this, see:
How to reinstall Mac OS X from scratch
As to the things they told you... tech support scammers are able to trick people by having them run "tests" whose results are completely normal, but which the scammers can point to and say, "Look, here's evidence of a hack." In reality, there never was any hack or virus, until you gave access to your computer to these scammers.
In the future, if you are looking for help with your Apple devices, go straight to Apple's Support page:
Do not use Google to search for Apple Support... you'll get a bunch of scam ads that Google doesn't do a good job of screening.
Thank you. My husband says he will run your program as soon as he finishes the taxes. Thanks for your help.
We are also willing to take my computer to the Apple store at the Woodfield Mall, near us. The Apple Support technician on the phone, Will (?), checked our computer and felt very confident that the machine was clean--and he cleaned out several applications (MacKeeper and others). He ran Adware Medic and reset Safari, threw away all our downloads and emptied the trash. He helped us reset our Apple ID. He said that he had worked with 9 other people yesterday who had run into the same scam, and the Apple assessment of this particular group--at this point--is that they are looking for money, not implanting viruses.
However, we will take your advice and bring the computer to the Apple store to have them check it.😀
🙂
I wouldn't be so sure that all the scammers wanted was money. You should read the following article on the topic, posted yesterday, especially the reports of how some scammers respond when they don't get what they want:
http://www.welivesecurity.com/2015/04/14/tech-support-scammers-teeth/
It's likely that there's nothing wrong and your machine is clean, but not even the Apple tech's confidence in that is a guarantee. Only a true security expert could give you such a guarantee, and only after a lot of work. I wouldn't even attempt it, as there's always room for error, and it's much less effort to just erase everything.
Of course, it is your choice, and you must do what you're comfortable with. If you are comfortable taking a small risk that something malicious may have been done in order to avoid the hassle of reinstalling everything, then you can leave the system as it is. If even a small risk of that makes you uncomfortable, though, you should erase the hard drive for peace of mind.
Thanks, Thomas.
I took a peek at the article, but don't have time to read it now. But Craig and I will definitely read it. And we definitely plan to get into the Apple Store to have them check the computer.
My husband has very little tolerance for risk😉, so he's definitely taking my computer in.
Question from Craig: We have a Time Machine. If we wipe the computer, can we reinstall from the Time Machine? (Although, during the last couple of weeks we were getting messages saying that it couldn't access the Cloud.)
MaryCarolG wrote:
We have a Time Machine. If we wipe the computer, can we reinstall from the Time Machine?
Yes, absolutely. Erase the hard drive and restore to a point in time before the scammer had access. That will be the most painless way to deal with that.
However, for safety's sake, it would be best to have another secondary backup before erasing your hard drive. I've heard too many sad stories of people who thought they were backed up, erased the hard drive, and then found that their Time Machine backup drive had failed without them realizing it. Having two separate backups protects you against that.
What exactly constitutes a secondary backup? (A second time machine?)
Can they do all this at the Apple Store?
Anybody hear of Geek Technical Support? They seemed to know what they were doing, but their business practices were suspicious.
