Recently I was talking on the phone with someone that posed as PayPal customer support. I followed all their instructions and let them control my desktop via Quick Access. They installed a program and my computer had to restart to install “updates”. Instantly, I shut down my computer and ran Malwarebytes and it discovered some adware called Yontoo located in my Appdata and some PUP’s. I also reported the email in which the scammers had contacted me.
Everything went like normal after that and I thought it was over with but today my mouse was taken control of and the same “please wait for your computer to update” message appeared again. I quickly shut down my computer, ran Malwarebytes, Windows Defender, Sophos antivirus, and Emsisoft Emergency Kit but they didn’t find anything… The only thing that seemed to stop the attacks was to disconnect from the internet and as soon as I reconnected, they would take control of my mouse and the “please wait for your computer to update” message would appear.
I tried manually finding and deleting the malicious files and reinstalling chrome which seems to have stopped the attacks. I also made sure any information I cared about was deleted from this device and I enabled 2FA on all my accounts.
Are there any ways to prevent it from happening again? If they were trying to get my information, why did they make it so obvious?