Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 2 replies
  • Subscribers 21 subscribers
  • Views 4711 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Was I scammed?

bnlgrabo

I just phoned what I thought was a Sophos Support Line.  After chat and several transfers, I spoke with a representative who requested remote access to my computer.  I granted it.  

My initial question was about how to get rid of an adware – Bundlore – that Sophos detected and quarantined - yesterday as a result of my attempting to upgrade my Adobe Flash Player. The Sophos message said it would have to be manually cleaned up….I understand this is because I have just Home protection. 

In any event, after a long telephone conversation with this representative – and my granting his remote access to my computer, he made a convincing argument that I need to get SSL Security – network protection.  At some point I became uncomfortable and finally told him that I needed to talk it over with someone before I made that decision.  I got his telephone number (866-461-0166 ext. 8023 – name:  Mack) and told him I would phone back next Monday. 

Does this sound like a legitimate Sophos Customer Service transaction, or was I diverted to a ‘shady’ situation?  Should I worry? I am currently running another complete scan - should I be doing anything else?

Sorry this is long - I’m feeling very alone right now – my husband passed away recently, and I’m on a steep learning curve with issues like this.  I’ll get there, but for now…… 

Thank you.



Updated number
[edited by: FloSupport at 5:43 PM (GMT -7) on 27 Jul 2023]
  • +1

    Hello ,

    it would have to be manually cleaned up….I understand this is because I have just Home protection
    first of all about manual cleanup: The behavior is the same regardless of the specific product line or license. Whether you have a free or paid product this particular detection requires manual cleanup (usually it's just a delete of the offending file). In other words, it's not because you have just Home - a paid version would also not offer other remediation options.

    888-767-4679 is AFAIK the correct number, the initial contact might transfer you but if you mention Home and don't have a Home Premium license they'd refer you to this Community and definitely not request remote access or tell you that you need some other product. Can't say if the second number is genuine ...

    Christian

  • 0 in reply to QC

    Thank you, Christian.

    I finally figured out that my Adobe Flash Player was installed as a separate volume, and once I disabled it, the adware Bundler disappeared from the Sophos quarantine list, so that takes care of the manual cleanup requirement that triggered the initial question.

    I learned that 888-767-4679 is the correct Sophos number; and that the other number definitely is not.

    Since I did not download anything, the general feeling is (Sophos Support and also Apple Support) that I am probably okay, though I did change sensitive passwords anyway. I do use a password manager.

    The great unknown is what damage might have been done during the time I'd granted remote access to my computer (via LMI Rescue), which lasted for more than 20 minutes.  I do not know how to determine if they were able to pull information from my contacts, mail, history, etc., etc, but will take my computer to a specialist for evaluation. 

    An expensive lesson for something I should have known better.

    Again, thank you.

Unfiltered HTML