This has been a horribly rough week for me, but I’m hoping that I can help someone else avoid the nightmare from hell that I went through this week in telling my cautionary tale. It has to do with internet security.
I have to admit that I’m embarassed by the whole situation, because you would think that someone like me who has at least some sense of computer/internet savvy would not fall victim to this, but I did. It could’ve been worse in some ways, but I still fell for it, so I share my tale.
It started a few days ago, as you may have read from my last post. My laptop, which I cherish almost as much as if it were my child, had gone down for the count. It wasn’t a mere system crash, like a corrupted hard disk drive or something like that. That would have been devastating as well, but I know these things happen. Instead, it was that I was scammed.
First, I have to set the scenario for you. I’ve been experiencing some slow down on my computer recently. I understand that happens now and then because of various programs and files we add. The more we add to our hard drives, the more time it takes for the system to find and execute the files–I understand that. But there would be some sort of strange hesitation as I would try to get things done. I saw that I had some viruses that my anti-virus software was catching, and I know even my husband has said that our internet connectivity from our provider has been spotty now and then, so I didn’t think much of it. Additionally, I have started working for a training consulting company part-time at night, and I had to install their client’s conferencing software on my system. Now, just to clarify– I know the culprit wasn’t the client software, because it comes from one of the biggest OS providers in the world, so I know that it would not be infected. (I’m not allowed to disclose the client, but let’s just say that EVERYONE has heard of them–and it’s not Adobe or Apple.) Some other instructors seem to be having issues using the product, even though I didn’t seem to have problems, but I know connectivity was an issue.
So, one day when I was trying to figure out what could be causing that slowdown, I got a phone call on my home phone (I am not working full-time in the daytime again, so I was home.) The guy on the other side had a strong foreign accent and claimed to be calling from Microsoft. He claimed that my system had sent a message to Microsoft that there was a truly evasive virus that was striking my computer and not allowing updates to happen, or something to that effect. I questioned how they got my number, and he claimed that it was included when I registered my OS with them. In retrospect, I should’ve remembered that I didn’t do that, as my OS came with my machine. I questioned him again, because I didn’t contact them first…that should have been my tip-off right there. He stressed again that when I share information on the system about Microsoft, that’s how they know. Since I actually was having some minor issues with my machine and the teaching consultancy knew about it, I didn’t know if perhaps they had called Microsoft, and asked them to contact me, and this chap was just following through. This is where the caller got lucky.
He proceeded to have me go to my laptop, and have me type a few things there, and open up some files to “prove” his point. Like most who aren’t tech support people, what he showed seemed legit, and then he asked me to download some software from a website. I looked at the website before downloading, and just at a quick glance, it was shareware that allowed a remote person to share the computer. I’ve talked with tech support people in the past, and that’s not an uncommon thing to do, and stupidly I downloaded it, and shared my computer. This was the second stupid mistake I made.
As I was distracted by the fellow opening up Notepad and telling me about what they could do, in the background, unbeknownst to me, he was removing files and planting a vicious malware virus. As he got to the point in the conversation that he said, “And this can all be fixed for a fee of US $177.50…” I stopped him right there. I said if Microsoft is truly trying to provide me with excellent customer service and calling ME, then THEY should be doing it for free, not charging me an arm and a leg for it. I started to argue with the guy that I was not going to pay this fee, and hung up. By then, the damage was done. I noticed that the number of shortcuts on my desktop seems smaller, and the wallpaper in the background was gone. “DAMN,” I thought (although I think I used a different word of profanity, for sure), “He’s still in there!”
I quickly turned off my machine, the fastest way I could think of to disconnect this guy from it. Of course, I started to panic. I just fell for a scammer, and I had the warning signs right in front of me, and didn’t heed my own instincts. How stupid I was! At least I hadn’t let him have my credit card information at payment time, so that was safe. I rebooted my machine, and saw the same problem– my wallpaper was gone, and so were the shortcuts. I proceeded to look at what other damage was going on. In the meantime, my anti-virus programs were going crazy picking up the viruses from before as well as some additional ones. I was able to check my bank accounts, which were still safe, but I quickly changed the passwords as a precaution. I also checked to see if the software that I had used to let this guy in was still present, and it was not. I must have just run it from a temp file, and I could clean those out, so I was good. But as time went on, I could not do much. All the executable files would not work. I tried a system restore from an earlier time of the day before the attack, but that didn’t do much. In addition, this scum took some files that were important to me. Some were expendable, but they included more than a decade’s worth of photos of my son. Since the digital age kicked in, this child hasn’t had a film photo taken of him since he was about a year old, so the record of my son’s whole childhood was lost. I was the most distraught I think I’ve ever been in my life.
I mean, in the end, my logical head knows it’s just a computer, and no lives were hurt, no one died, and all was generally safe, but I had truly felt violated, almost as if I had been raped, but knowing that I had not. I had been emotionally and mentally compromised, and I was upset at myself for falling for it, my husband was upset that I had falled for it, and I felt helpless and stupid. I really should’ve known better. I just never thought it would’ve happened to me.
So, it’s now 5 days later after the attack, and we are still working on recovery. By a miracle, I had done a partial backup of files the day before the attack, so we were able to restore my son’s photos and other files. Sweet relief! The malware the scum released into my system was a particularly nasty one–it took about 2-3 days for my husband to figure it out and finally get it out of the system successfully, as it would attack all the executables so that you couldn’t open anything–not a browser to get the special tool kit needed to eliminate it, not the anti-virus programs to get the rest of the scourge out, or even anything to help one repair the whole system. But LMSGeekDad did it, and he did a great job.
So naturally, my next move, now that my system became operational again, has been to work on getting a better backup system in place. I have an external hard drive, but it was cluttered, and I had to truly go through to free up some space so that my system could do a proper backup. I moved those precious photos to a cloud depository so I knew they’d be safe, and moved several other files to the Cloud as well. While my iPad and iPhone were working during this time, and I could have done some of my work from there, I was too distraught and distracted to really participate in anything online like I usually do. The other issue was that I had to teach my first class online, and I had to make sure, even if my own laptop was still out of commission, that I had a means of teaching the class. So I was installing software on my son’s computer as a “Plan B” if my laptop could not be restored in time. I was on the phone with one of the client offices in Korea at 1:00 AM my time to make sure that the conferencing software worked (it did), so at least I had that in place. Nevermind that I was incredibly nervous and anxious about teaching this class as it was, but the residual emotions of the attack were still fresh, as we were still in the process of restoring my machine, and that didn’t help.
Fortunately, LMSGeekDad had my laptop running again just a couple hours before I had the class, and since I had saved the presentation for the class on the Cloud, I could go back and finish customizing it as planned, and I was able to reinstall the conferencing software and make the connection to Korea successfully again. I was able to complete the course, and start to catch up with things, but still not enough. After the class night, I’ve been working to try to clean out my system some more, and figure out the best way to back up my files. Two days after that, we are still working on getting a good backup of the system onto my external hard drive, as we are running into problems. We’re figuring it out bit by bit, but my machine is functioning enough again that I can try to get back on track. While I am writing this on my iPad (I started it on the laptop) right now, we are trying to figure out backup issues with my machine still. It’ll get done, and then all will be right in the world again, but for now, the worst of the crisis is over.
What is the lesson of this tale? Well, there are several.
First, make sure you do your backups regularly and make sure that you run your anti-virus software regularly as well.
Second, use the cloud whenever possible! There are a lot of great resources. I have iCloud for my iDevices, but there’s also Dropbox, Google Apps and SkyDrive among others.
Third, and most importantly, if someone contacts you and claims that they are calling from Microsoft, Apple, or anyone else, and YOU didn’t contact them first about a problem, HANG UP. It’s a scam.
Please learn from my mistakes!
In keeping up with this theme of using mobile and cloud computing when possible, and understanding personal computer security, I’m actually going to have a guest blogger shortly to provide some great information for my readers. He’s actually the person who encouraged me to write this blog in the first place, and greatly supported me through this crisis with some great advice and guidance. He has some fantastic tips that I’m going to have him share with you, and hopefully you’ll benefit from his experience as well.
Happy and safe computing!