Earlier today, I was helping a friend with something on a gaming website called Roblox. They asked me to share my screen and guide me through some steps. While we were looking at a section for t-shirts, they instructed me to right-click, inspect, and open the sources tab in the browser. They told me to copy certain information and send the PowerShell script to them. After that, they accessed my Roblox account, took over my email, and even spent $50 from my card. I quickly deleted my cookies from the last 24 hours and changed my passwords. I'm currently running a virus scan. I'm wondering if there could be more that they did to me, and what other steps I should take. Does anyone know how they may have stolen my information—was it through a cookie logger or did they hack my computer? Any advice would really help. Thank you!
2 Answers
Hey! So, did you actually run the PowerShell code he sent you? That could have triggered something to grab your info. If not, it could just be that he got you to send more than you realized—you should definitely follow up on what you actually sent him.
First off, definitely report that credit card as stolen and get a new one issued. It's crucial because that card is compromised for sure. For online purchases, consider using virtual debit cards to keep your information safe—I've been using privacy.com and it's worked well for me. Also, don't run scripts from someone you don't fully trust; it’s risky. Can you share what the script was? It would help to figure out what damage could have been done. If you're comfortable replying here, use the code block feature in the reply box to paste the script for better clarity.
Honestly, I don't think I ran any code. I just copied the PowerShell part and sent it to him via Discord.