My sister texted me this afternoon to say that someone claiming to be from Comcast called her and told her that her email has been reported as sending spam and pornography from Nigeria, Mexico and New Jersey. The caller had her run a command prompt (as Administrator, no less) and run the netstat command. Here is some sample output from that command:
Anyone who has used netstat knows that the output has a column heading called "Foreign Address." Based on my sister's story, it is clear that scammers are using that information to mislead unsuspecting computer users into thinking their computer is communicating with "foreign" computers. Hogwash.
My sister, who is not a "tekkie," was alert enough to put a halt to things right there, asking the guy to provide proof he is a Comcast employee. Wisely, she asked him to tell her what her account number is. He could not do that and hung up.
This is a very common "setup" that is staged to convince you something is wrong with your computer that you need to fix right away. From here, the hacker normally talks you into remotely accessing your computer, whereby he plants malware, such as a remote access Trojan, a keystroke logger, or ransomware on your computer. Or he gets a credit card number from you to charge you for fixing your problem.
I told my sister she did the right thing but that she needs to stay on her toes going forward because these guys will try again. She said she plans on changing all her passwords immediately, just to be safe. It's a good idea to change your passwords occasionally, so I couldn't agree with her more.
Remember, anyone who phones you to say your computer is infected with a virus or is showing up on their monitors as routing data to foreign countries, or anything similar to that, is a scammer. Hang up!
User: 1 - Hacker: 0.
I love a happy ending.