So, as one does, I googled Norton support and went to the third page, and found a number. So I called that, and then he referred me to another number. I called that one, and got him onto my virtual machine.
Scammer 2 got onto my VM by directing me to a support.norton.com website, and getting me to input a pin number for access. When he accessed my VM, he immediately told me to delete Teamviewer. He then deleted my Chrome history, disconnected, told me everything was fixed and to stay safe.
I know the second scammer wasn’t on a norton number, so I’m just extremely confused. Any ideas what he was up to?
More than likely he recognized you were using a VM and knew you were probably baiting. It is also the real website for Norton support. support is a subdomain of norton.com
Most likely you clicked a 3rd party website that referred you to the real website, which they make a few bucks on by referring people to them.
That’s what I figured after the fact, but I didn’t recognize the number or the automated system from the Norton support that got onto my VM.
The original, though, I know he was a scammer. He hung up the first time I called, and directed me to Norton the second time. I guess my old man voice didn’t pass the sniff test.