virus, trojan or pfishing attack embedded in Microsoft Office installer

  • Thread starter Thread starter MarkWeitkamp
  • Start date Start date
M

MarkWeitkamp

I just brought home a brand new computer with Windows 10 pre-installed. I also bought the Microsoft Office Home & Student 2016 card with the scratch-off section on the back with the product code. The very first thing I did when I turned on the computer was connect to my internet WIFI connection, start up the browser and went to "www.office.com/setup" and entered the 25-character Product Key as instructed on the card. It brought up a screen that said they need more information to process my Office setup, and instructed me to call 1-888-390-4345. The number was answered by a man with a very thick Indian or Pakistani accent, and he did a very credible impersonation of a real Microsoft employee. It was late at night, so I could easily believe my call had been routed to a call center in India. In the beginning I had no doubt he was legit. He established a remote connection to my computer through a website called "logmein123" and gave me a case number, 24417. He asked for the last 5 digits of my product key and put me on hold for a few minutes while he claimed to be "verifying" my product key. He said my product key was good, and gave me some kind of a connection code to put into the logmein123 screen, which brought up a "Download" button he told me to click to download the Office software. It came back with the same message and the same phone number. He said I have a virus or a Trojan infecting my network and he said my network is putting it on all of my devices. And then He started up my task manager and showed me a bunch of processes which were described as "stopped", which he said should be running. Then he started up my browser and did a search for the "Zeus Trojan", or "Zbot"; he said it was well known that this Zeus Trojan would stop those processes and prevent Microsoft Office from installing properly. Then he started up Notepad and filled up the screen with a bunch of step-by-step instructions that ended up with prices for three different price levels of something he wanted me to charge on a credit card. At that point I knew he was a scam artist and I tried to save the notepad screen, but he cleared it and closed it before I could save it. Has anybody else had a problem like this? Any way to know if any permanent damage was done? Any way to get the real office software I paid for? Thanks for any help anybody can provide.

Continue reading...
 
You must log in or register to reply here.
Back
Top