This is long, but something of which we all should be aware. Scammers trying to get to you allow them remote access to your computer. DO NOT FALL FOR IT! Good morning… I see in a couple of different groups that I monitor the rehashing of an older threat. Something that each of you need to be aware of and to tell those you care about to be aware of too.. When this happened at my house, I will admit, that the sadist got the better of me and I did have some fun with the poor sap that was trying hard to convince me that my computer was badly infected….(end result I sent some good tracking info off to the internet security gods to shut down at least that call center for the scam). Typically just after dinner, you get a phone call. “This is Dave from Microsoft (Comcast, Symantec, etc. ), we recently released a patch that allows us to track some of the major viral threats, and your system came up as being infected, if you just do a couple of easy things on your computer, I can help you get them cleared out right away.” They walk you through opening up “eventvwr” This is a built in log file system that records any errors within Windows. Now I defy any computer to not have at least one warning, let alone one alarm show up in event viewer, even a well running version of windows will have an error or six. But they will tell you that “these errors are really viruses or corrupt files that they can fix for you.” Some reports have them appearing to be very convincing, and kind of pushy, whereas others are more obvious in that it is a scam. What they are looking for you to do is to open a Remote Desktop Connection (RDP) on your computer, This allows them to have FULL control of your computer, often without you seeing what it is that they are doing. Now realize that a good hacker, can run an installation of his attack software, INVISIBLY, in a matter of seconds. That is all they need to embed a backdoor and OWN YOUR/YOU computer. Once RDP is allowed, they will typically ask for your IP address, to complete the connection.. (strange if their system said that your computer was infected, shouldn’t they know your IP address??? Hmmm. ) We have worked with a number of you, using different forms of this kind of software, it allows us to connect to and do things on your computer, as if I was sitting at your desk. (This keeps us from having to drive to your office / house to fix a number issues). Once we’re connected this way the response is typically, “Oh my God, that’s creepy. You are running my mouse, and doing things without me touching anything… plan creepy.” These tools are a great benefit for those of us doing support.. but they are amazingly scary when in the hands of the bad guys. And the software that some are using is NATIVE to Windows, it has to be turned on, thus their phone call. But once it’s turned on… you are at risk. So how do we protect yourselves??? Most of this is common sense but I’m going to say them anyways… Always take a couple of seconds (that’s all it takes, really) and ask yourself… Does this feel right?, trust your gut, don’t get pushed into doing something that you aren’t sure about. How did they discover a virus on my computer?, and why do they need to know my computers address? If they did find something, my computers address would be in their system, realize also that a good hacker, will/could already know your computers address, so it’s not the perfect question to ask, but ask it anyways. Why is it they seem to call mainly in the evenings, when I’m home? Instead of during the day and leaving me a message? Hmm.. nice reality check “So that I can help validate that you are legit, give me a number that I can call you back at?” “What call center are you based out of?” “Why does my caller ID say South Africa, India, China…” (no offense intended to any of my readers who might happen to be from one of the countries, they are on the hot sheets this month as hosting the majority of our creative software helpers). To confirm if your desktop even allows for Remote Desktop/Assistance Windows 7 Start, right click on Computer, Click on Properties Colum on the left side of the window Remote settings, In the lower portion of the popped up windows…check the box Don’t Allow connections to this computer. Now if I end up needing to do a Remote Connection, you will need to change this to middle box, but put it back once we are done. Windows XP Start, right click on Computer, Click on Properties On the Remote Tab, check or uncheck the Allow users to connect… as appropriate. Windows 8 Start, right click on Computer, Click on Properties Colum on the left side of the window Remote settings, Click on Advanced and UNCHECK allow this computer to be controlled remotely. While MACs are susceptible to this type of attack, I have yet to see or hear of any personal experience with that happening. Enjoy your summer, spread the word on this one, our best defense against these guys is education, and using good old fashioned common sense. When in doubt ASK!!! Question everything!!! Dave
Posted on: Fri, 12 Jul 2013 18:33:44 +0000
Trending Topics
Recently Viewed Topics
© 2015