Scam/Security

[leclod]

Lately I received messages on Whatsapp proposing a job.

So I smelled scam but wen't along for a ride.

Long story short, they had me register on a company website and enter a referal code. I did that on my desktop.

Then I confirmed the register via Whatsapp, she asked me for a screenshot, which seemed weird.

Then she asked me the code generated from the website, which I refused to give via Whatsapp.

End of story. Two days ago.

 

Today I got a message from Facebook "Somebody might have had access..."

I don't know if those 2 events are related.

I followed the Facebook recommandations and nothing suspicious came up.

 

What do you think ?

If my desktop is compromised what can I do ?

Thanks,

 

Edit: I did a quick search on internet : It seems that scam was to make me send money rather than to "misuse" my system

Edited October 21, 2023 by leclod

[Eigenvektor]

55 minutes ago, leclod said:

So I smelled scam but wen't along for a ride.

Why? You have nothing to win in such a situation. If something seems suspicious, just don't engage at all.

 

52 minutes ago, leclod said:

I followed the Facebook recommandations and nothing suspicious came up.

I would change my password regardless, just to be on the safe side. And, if you haven't already, enable 2FA.

 

53 minutes ago, leclod said:

If my desktop is compromised what can I do?

If you know it to be compromised, nuke and reinstall, with an installation media created on a known good machine. Of course that might be a bit drastic, maybe run a malware scan with something like Malwarebytes first. Though simply visiting a website should typically not pose much of a risk, provided your system and browser are up-to-date.

[leclod]

34 minutes ago, Eigenvektor said:

Why? You have nothing to win in such a situation.

I didn't know it yet. Don't you ever take a risk ?

35 minutes ago, Eigenvektor said:

I would change my password regardless, just to be on the safe side. And, if you haven't already, enable 2FA.

I could do that, but which wasspords ? all of them ?

35 minutes ago, Eigenvektor said:

If you know it to be compromised, nuke and reinstall, with an installation media created on a known good machine.

Not there yet.

36 minutes ago, Eigenvektor said:

provided your system and browser are up-to-date.

I'm very up-to-date

[Eigenvektor]

5 minutes ago, leclod said:

I didn't know it yet. Don't you ever take a risk?

Sure. But there's a difference between a calculated risk and an unnecessary risk. If someone contacts me out of the blue with a job offer… yeah, no.

 

At the very least I'd take some precautions like opening their website inside a virtual machine, using a non-Windows OS to reduce the risk of being compromised and the amount of damage it can do.

 

8 minutes ago, leclod said:

I could do that, but which wasspords ? all of them ?

Facebook and Whatapp. Unless you used something else you didn't mention?

 

10 minutes ago, leclod said:

I'm very up-to-date

Then at the very least use something like Malwarebytes to scan your system for known threats.

[Kilrah]

2 hours ago, leclod said:

they had me register on a company website

What details did it have you give? That could have allowed them to search for your FB profile.

[leclod]

16 minutes ago, Eigenvektor said:

Facebook and Whatapp. Unless you used something else you didn't mention?

I didn't use Facebook

 

17 minutes ago, Eigenvektor said:

Then at the very least use something like Malwarebytes to scan your system for known threats.

Just installed it

[leclod]

Just now, Kilrah said:

What details did it have you give? That could have allowed them to search for your FB profile.

Nothing, my first name,

[leclod]

23 minutes ago, Eigenvektor said:

Then at the very least use something like Malwarebytes to scan your system for known threats.

Just ran a scan, quarantined 2 files. But I doubt it had to do with the "scam"

[Eigenvektor]

11 minutes ago, leclod said:

I didn't use Facebook

As you said, you received a (probably unrelated) message from Facebook about suspicious activity. Even if unrelated to the scam attempt, I'd still change my password there, just to be on the safe side.

 

6 minutes ago, leclod said:

Just ran a scan, quarantined 2 files. But I doubt it had to do with the "scam"

True. As I said, visiting their site to enter a number is unlikely to pose much of a risk. Doesn't mean you couldn't have gotten malware from some other source at the same time.

[TheGreatestGazoo]

Possibly, if you created a password when you registered on their website, they may have tried to log into your FaceBook using the that password. Even now, lots of people just keep reusing the same passwords everywhere so they try to get that and log in to different websites to see if they get a match.

[leclod]

6 hours ago, TheGreatestGazoo said:

Possibly, if you created a password when you registered on their website, they may have tried to log into your FaceBook using the that password. Even now, lots of people just keep reusing the same passwords everywhere so they try to get that and log in to different websites to see if they get a match.

Nope, not guilty.

I did create an original password.

Good idea though.

Edit : ok, "they may have tried to log into your FaceBook" indeed !

Edited October 22, 2023 by leclod