You’re correct that most of these scammers are barely computer literate and stick with using common remote access tools downloaded from the web and talk scripts to scam credit card numbers for bogus “services”. The more sophisticated hackers I’ve seen are really just elevated script kiddies exploiting common vulnerabilities in Windows. Running your instance inside a hypervisor restricts the kind of damage they can do and how far they can horizontally crawl your network.
Lessons learned: A. Never click on anything unless you’re sure it’s coming from someone you trust and
B. Don’t use Windows. Just…don’t.
I used to get calls from such guys. They all have obvious Indian or Russian accented English, purport to be working for Microsoft, and claim they urgently needed to fix my computer. Not being one to refuse free technical support, certainly not from an exalted institution like Microsoft, I generally try to follow their instructions to the letter but these instructions never seem to work at all – the buttons and menu items are in all the wrong places and the programs they ask me to download won’t ever run. After a while I call their technical competence into doubt and say something along the lines of “we’ve been at this for half an hour and nothing you suggest seems to do anything, are you sure you know what you’re doing?” At this point they start sounding a bit frantic, and I suggest that they shouldn’t bother, I’d just take the computer in to my buddy who set it up for me and he’ll sort it out! That usually lets them insist that they’re the only ones who can do that after all. Then I ask to be connected to their manager.
Of course my computer is running Linux. But they never ask and I don’t volunteer that information.
I know that. What I’m afraid of is that other people, that are less tech-literate, won’t understand this. That they may see this video and think it’s harmless to let a scammer into your system.
That is what I would like him to give a disclaimer about.