Phoned by someone purporting to be from Virgin Media and was discussing issues with my broadband. Has none of my details to verify that I am speaking to Virgin Media but wants me to go on my computer and takes me through various steps to do with cmd.exe and event viewer. Gives me a long hexadecimal number which does appear on my screen in order to prove his identity.
Arrive at a screen for Center for Internet Security where I am asked to click on Server 4 at which point I stopped the call to say that I wanted to check with Virgin Media. Can’t get through to talk to a human...
Thats ok, a thing scammers do is make you use an application that provides remote access, so they gain control of your PC and if they aren't getting their way they can add what is called a syskey (system key) which requires you to type in a password to use your PC each reboot.
But yeah I guess they hit you with the yellow triangle signs on event viewer as problems with your broadband or viruses?
Best thing to do with them is either string them along, tell them since they are hindus they will go to hell for scamming, that makes some of them cry, others get mouthy. Or if you are not in the mood, just say "not interested in scammers today thank you" and then hang up.
Sorry to hear that someone claiming to be from Virgin Media has contacted you and asked you to go through some actions on a computer with regards to your broadband.
As others have said, I can confirm that no one from Virgin Media will contact you to carry out such actions out of the blue. Unless you have contacted us and are waiting for a callback, we still have certain procedures that we must follow and we will always ask you security questions.
Looking at the site's index page, which funnily enough had BT Openreach information text in it, so looks to been originally a template, server 4 just lets you download teamviewer, remotePC or imPCremote. Both Windows and Mac versions.
So that was going to be the next step, nothing in the html shows any type of backdoor stuff etc. So the customer is fine.
Host is enom, and abuse email is email@example.com - obviously I couldn't really find customer information on the url they use.