It is exactly for this and so many other reasons that I no longer run Windows based machines, and have my systems locked down so tight my friends think I’m irrational … right up until they discover the hard way that backups should be a religion, and the most devastating computer attacks are wetware based with wetware targets.
When mom asked me to bring her down here, and it became evident we would have to do some banking by computer, the first thing I did was shoot every one of her credit cards in the head, and go to her bank and set an in-person go/no-go code with them. It’s like two-point ID. If they got a request, they texted me. If they didn’t get a certain code in response, they auto-locked the account and informed the fraud division automatically. (Part of the reason I love local small town banks!)
I only had to set off that auto-fail once when a check hadn’t been delivered in 28 days. I pulled the pin immediately upon hearing from the vendor … and naturally, the first check showed up a day later. Delay courtesy of the USPS. (Deep sigh of long suffering) However — it was comforting to live-test the system and see the speed at which it auto-locked the whole shooting match.
That being said, social engineering scams are particularly reprehensible. Therefore I don’t have much compunction against messing with them when they call. My record time for running one around the mulberry bush was about 45 minutes. He finally got wise and asked, “what version of Windows are you running?” I answered, “RHEL 6.” He asked, “What’s that?” I said, “The same thing the NSA uses.”
He hung up. Go figure. <..:-p..>