How To Protect Yourself From Having A Scammer Lock Your Computer

If you’re unlucky enough to encounter a telephone scammer who manages to take control of your computer, it is likely that the scammer will try to lock it. The way that this scam works is that a scammer will call you claiming to be from Microsoft, Amazon, Google or some other company. They will give you some sort of excuse to get access to your computer via some remote access software, such as that your computer is infected by viruses, or that they want to refund money that was stolen from you. Once they have access to the computer, they will lock it and hold it hostage, as only they know the password. This scam is effective because a surprising number of people don’t do backups of their computer, and as a result are more likely to pay to get access to their computer.

So with that out of the way, let’s go down the rabbit hole of how this is done by the scammers. The first way they do this is by using a little-known Windows utility called syskey. This Windows utility was used to encrypt system data, such as user account password hashes. But it also functions to prohibit you from booting the system directly to the desktop. Instead the system will ask for a password, which is difficult, if not impossible, for the average person to bypass. That is why scammers love to use this method to lock a computer. Syskey exists in Windows NT 4, Windows XP, Windows 7 and 8, and Windows 10 versions prior to version 1709, which is also known as the Fall Creators Update. After that version, syskey wasn’t included in any version of Windows. But the tool can still be copied to a computer and used by a scammer if they have remote access to said computer.

How to protect yourself: Given that syskey can still be copied and used on any version of Windows that’s currently out there, any sort of proactive protection is impossible to implement. While I have heard of people using the group policy editor on Windows to stop syskey from running, that’s a very rudimentary form of protection, as all the scammer has to do is to change the name of syskey.exe to something like “syskeyscam.exe” to get around that. Plus, once a system has had syskey run on it, it’s extremely difficult to recover from that. Often it requires the computer to be reformatted which means you lose your data if you haven’t backed it

Thus, given the fact that this is difficult to remediate after the fact, and that there’s really no way to protect yourself up front, education is the best way to deal with this way of locking your computer. In other words, you understand what a scam looks like so that you don’t fall for it, making this a non-issue. I’ll have some words of wisdom on that front later in this article.

Beyond that, as I mentioned earlier, having a backup of the contents of your computer and doing regular backups either manually or automatically via a backup application is another way to deal with this situation. Because if a scammer gets in and locks the computer using syskey, you simply do a Windows reset, reinstall your applications, and restore your files. Or reformat your computer, reinstall Windows and your applications, and restore your files. While there is some work in doing some sort of restore or reinstall of your computer, it’s a far better option than paying a scammer. And having a backup has the bonus of protecting you from other catastrophic events such as hardware failure.

A second option that scammers use is to simply change the password of the account that is currently logged into Windows. Unfortunately many people don’t put a password in place to protect themselves when they set up a computer. They do that under the mistaken belief that it is more convenient to run a computer with no password as it’s one less thing to remember. And that combined with setting up the computer to automatically log in allows them to get into the computer faster. But that’s the sort of thing that a scammer will leverage to force you to pay them as they simply can add a password to the account and hold the computer hostage.

How to protect yourself: While I understand that many of you out there want to be able to flip on your computer and bang out that email, you should never, ever compromise your security or it may not end well for you. You should always add a password to the user account that you set up, and you should never set it up to auto login. That way if you come across dirtbags like these, they can’t change your password because they would have to know your password to do it. Which they won’t. You can look at a tutorial like this to walk you through how best to set a password on your computer.
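The two settings recommended above (a password on the account, and no automatic login) can be checked with a short read-only PowerShell audit. This is an added example, not part of the original article; it assumes Windows PowerShell 5.1 or later, where `Get-LocalUser` is available, and it changes nothing on the computer.

```powershell
# Added example: read-only audit of auto-login and password settings.
# Run it in a PowerShell window on the computer you want to check.

$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$props    = Get-ItemProperty -Path $winlogon

# AutoAdminLogon = "1" means Windows signs an account in automatically at boot.
$autoLogon = ($props.AutoAdminLogon -eq '1')

# A DefaultPassword value here is a password stored in the registry in plain text.
$storedPassword = ($null -ne $props.DefaultPassword)

# Enabled local accounts that are allowed to have no password.
# PasswordRequired = $false means a blank password is permitted, not proof
# that the password is blank; PasswordLastSet being empty means none was ever set.
$weakAccounts = Get-LocalUser |
    Where-Object { $_.Enabled -and (-not $_.PasswordRequired -or -not $_.PasswordLastSet) } |
    Select-Object Name, PasswordRequired, PasswordLastSet

[pscustomobject]@{
    AutoLoginEnabled         = $autoLogon
    AutoLoginAccount         = $props.DefaultUserName
    PasswordStoredInRegistry = $storedPassword
    AccountsToReview         = ($weakAccounts.Name -join ', ')
} | Format-List

if ($autoLogon) {
    Write-Warning 'Automatic login is on: anyone with remote access lands on an unlocked desktop.'
}
if ($weakAccounts) {
    Write-Warning 'These enabled accounts may have no password set:'
    $weakAccounts | Format-Table -AutoSize
}
if (-not $autoLogon -and -not $weakAccounts) {
    Write-Output 'No auto-login and every enabled local account requires a password.'
}
```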

Finally, here’s some words of wisdom to stop you from becoming a victim of a scam of any sort:

  • Fact: A legitimate company such as Microsoft, Apple, Amazon, Visa or Google would never call you on the phone saying things like “your computer is infected with viruses” or “you ordered items from Amazon and it looks like fraud”. If you get a call from any company saying things like that, hang up.
  • Fact: No company (again, Amazon, Google, Microsoft, Apple to name a few) would call you and require remote access to your computer for any reason. If you get a call from someone asking if they can connect to your computer, hang up.
  • Fact: Companies don’t use call out technology that has robotic sounding voices that don’t reference you directly by name or by some other means of identification. If you get a call from any company using this sort of technology that fits that description, hang up.
  • Fact: If you get an invoice from Norton, McAfee, Netflix or any other company that doesn’t have your name on it, it’s fake and you should delete it. And you should not click on any links or attachments. And you should not phone any number that is on the invoice.
  • Fact: Companies don’t ask to be paid in gift cards. If you get a call asking you to buy gift cards, hang up. You can copy and paste that for cryptocurrency as well.
  • Fact: The police don’t call you saying that you’re going to get arrested. If the police wanted to arrest you, they’d just arrest you. So if you get anyone saying that if you don’t co-operate with them, you will be arrested, hang up.

In other words, if you don’t fall for the scam because you spot that it’s a scam up front, you don’t have to worry about getting your computer locked. But if the worst does happen and you do get your computer locked by a scammer, and you don’t have a backup, I would advise that you call a computer professional for assistance. And by computer professional, I mean someone who has experience in dealing with situations related to scams as they are best suited to assist you in this situation. But be advised that there may be nothing that they can do other than erase the computer and set you up from scratch, which is another reason why having a backup is important. But under no circumstances should you pay the scammers to unlock your computer. Scumbags should never be rewarded for doing evil things. Thus paying them should be off the table by default. Not to mention that there is zero guarantee that they will follow through with unlocking your computer even if you do pay them. Plus you’ll still have to get a computer professional to look at your computer as who knows what they did to it.

These days you have to be really careful as scammers are becoming increasingly sophisticated. And the second you let your guard down, it can really come back to bite you. Thus I hope that this article helps you to avoid this specific scam. And if you want other tips on avoiding scams, check out this article which provides advice on how to stop seniors from being scammed.
