Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files

peterbaker

almillar wrote:

Maybe you should READ in our beloved forum more than you POST then. You would have found plenty of tales of woe, and warning advice. If you've only just learnt all of this, it shows, again, that you're very late to the party and should maybe read up on the subject before providing help, or wasting your time and ours writing lengthy, content-less posts.

I think you are way overstepping the mark, almillar. The reason I have stepped forward and made a splash here on MSE is because I did do multiple searches to see what had been written previously and found very little. Even MSE's own scam guides do not mention Microsoft Tech Support Scam in any overt fashion - probably for fear of upsetting Microsoft.

I am not wasting my time - I am giving it. I am spending a lot of time countering a lot of very shallow 2D counter arguments, that's for sure. You my friend and many others responding to this thread appear to be the ones late for the party as you put it. Try a Google search for MSE posts mentioning "tech support scam" or "technical support" and scam.

Hits to my threads predominate the first search and in the second there are precious few recent threads or warnings. A further search for "remote control" scam only yields very stale threads and self-congratulatory posts about having spotted the risk. A more specific search for "remote control software" and scam is again dominated by hits to this thread and one or two of my others. However I do now note one particular January 2017 thread where three posters from this thread have also contributed - I see malwarebytes was recommended. That was my investigation start point too, but I soon learned Malwarebytes doesn't block remote access or even flag it, does it? On this type of scam, we all now know that malwarebytes may be as useful as a chocolate teapot.

This whole subject has not been addressed properly here in the forums, and it is frankly a bit of a joke to keep banging on about education when you we are self-evidently talking about people that are generally past learning anything new other than perhaps a few short steps towards doing something they are interested in achieving.

Anyone who has continuously kept studying various subjects will know that once schooling is behind you, the human mind simply will not easily be told what what it must learn. It learns what it is curious about or what it is rewarded for learning. Very few people ever sit down and decide to learn something that might one day protect them from something bad happening. They generally only learn something that is of positive benefit. Can anyone think of a common example where that is not so? Even taking part in fire drills and in the process becoming slightly more familiar with where the fire marshalls expect you to group if a real fire breaks out are generally only tolerated as part of required culture at work (for which we are rewarded).

However, most people do respond to real time prompts out of their ordinary routine. I am not talking of "Click OK to continue" type soft prompts. I am talking of hard prompts of the sort that cause computer users headed off piste to ask themselves "Why has the process stopped? What just happened?" "What caused that?" "What is that very in my face pop up from my antivirus software trying to tell me?"

And as for "So she'll just get scammed again. She'll ignore any warnings you want the software makers to put in and click on through. This is all pointless." I again honestly do not understand your very 2D logic. It is silly. The dear lady most definitely now knows she at one point had lost £8,000 and was very uncertain for a few days about whether she would ever get it back. That is something she will not forget in a hurry and you should be able to understand that, because that, my friend was a real learning process and not some undefined "education".

You should also be able to understand that my urging that particular victim of a telephone scam to change the way she answers the phone being a failed attempt at education, was a failure to be expected. There is no direct and obvious association between making that recommended change and being rewarded for doing so. There is only an easy to forget rationale about how not giving your name when you answer the phone and demanding to know exactly who is calling might make you less easy to scam.

That's why I consider that anything other than very high investment very repetitive one-to-one education could ever do as good a job as real-time anti-virus/firewall Danger prompts which block further access until acknowledgement of the risk is done in such a way as to indicate the user is fully aware of what they are about to do.

Paying lip service only to a word "education" in this matter without bothering to say how that education can be successfully achieved seems to me to be naive. It is definitely not the same as Martin Lewis's drive to financially educate youngsters - youngsters can still be directed in their learning. Few of the rest of us can without clear positive motive, be it for pleasure, or for work, or for enhanced self esteem, or for more general financial reward.

debitcardmayhem

Just got this message from my Firewall/Anti Virus https://www.youtube.com/watch?reload=9&v=_Jtpf8N5IDE

RumRat

peterbaker wrote: »

etzz etzz

TL;DR

Your problem is that you are just boring. You could send a glass eye to sleep.
So, your message has absolutely no chance of going anywhere. People turn of to self gratifying over long lectures, especially when they have been so thoroughly dismantled.
Try another forum, where you may find an audience, maybe this one.....https://www.gransnet.com/forums

peterbaker

Sorry RumRat - This is an open forum - anyone can post.

You carry on doing your thing. I'll carry on keeping the message in front of the forum until there are signs that naysayers are so bored that they don't even feel the need to post insults.

You can try another forum if you like. I have better things to do.

Meantime, it ought to be clear by now that Remote Control Softwares should not be easily downloadable without a robust warning and at least temporary block popping up in our main brand anti-virus/internet protection apps.

Yes, we can see you just don't get it, but you don't have to embarrass yourself further by being seen to deliberately deflect and dilute the message of the thread if you don't want to.

The remote control software manufacturers could also follow ShowmyPC's lead and do something about a warnng on their website download links.

Meantime, I wonder if one of the smarter cookies on this forum can advice whether there is a sure-fire way to prevent remote access connections even if remote access software is installed? I suppose the act of installing such softwares probably switches it on behid the scenes in Windows10 for example, even if it has been switched off in Windows 10 settings?

I think I will try it. I seems that my own installation of Windows10 has "remote assistance" allowed by default so I will remove the default tick in the box, install Teamviewer and see what happens ... watch this space if interested ... otherwise don't ...

almillar

do not mention Microsoft Tech Support Scam in any overt fashion - probably for fear of upsetting Microsoft.

Nope, MS wouldn't get upset about it.
And again, you seem to be obsessing over the 'MS' scam. It's very similar to an ISP scam - instead of 'hello, this is microsoft, there's something wrong with your computer' you get 'hello, this is <talktalk>, there's something wrong with your internet connection. After this, the scam will be similar.
So, for the umpteenth time, don't put energy into educating users about remote desktop software (RDS), DO educate them about trusting every chump that phones them. This idea is futureproof.

Malwarebytes - the clue's in the name. Malware. RDS is not malware, warning not necessary. You argue it is. Again, the warning will be TOO LATE and EASILY IGNORED.

banging on about education when you we are self-evidently talking about people that are generally past learning anything new other than perhaps a few short steps towards doing something they are interested in achieving.

These people will click through your wonderful warning.

I am not talking of "Click OK to continue" type soft prompts. I am talking of hard prompts of the sort that cause computer users headed off piste to ask themselves "Why has the process stopped? What just happened?" "What caused that?" "What is that very in my face pop up from my antivirus software trying to tell me?"

Can you please answer me (I've already asked) about the screen going dark and having to click a tiny window to install anything on Windows 10? I don't think you're reading, or understanding, what I'm typing. You will not win an argument simply by using more words.

And as for "So she'll just get scammed again. She'll ignore any warnings you want the software makers to put in and click on through. This is all pointless." I again honestly do not understand your very 2D logic. It is silly. The dear lady most definitely now knows she at one point had lost £8,000 and was very uncertain for a few days about whether she would ever get it back. That is something she will not forget in a hurry and you should be able to understand that, because that, my friend was a real learning process and not some undefined "education".

So, she has learnt by 'losing' the money. A traumatic experience I wouldn't wish on anyone. My point here is that she would still click through your warning, if we turned back time.

Your attitude to most on this thread, who have explained why your idea isn't good, is that we're know-it-all nerds who already know better, and think everyone else should too. Your attitude to your neighbour is that you care about her but she's not clever enough to hang up on a scammer, whilst also being intelligent enough to stop at just one more warning, amongst the many warnings she already had to click through to be scammed. And your attitude to anyone post education is that they can no longer learn. That last one certainly seems to apply to you 95 posts into this thread.

Meantime, it ought to be clear by now

If only...

Meantime, I wonder if one of the smarter cookies on this forum can advice whether there is a sure-fire way to prevent remote access connections even if remote access software is installed?

What you're thinking of is a firewall, and blocking the commonly used ports for RDS. But then the scammer could, after a while, talk a user through unblocking it. It's certainly a hurdle though and would actually take the scammer TIME to bypass, unlike your other daft idea.

peterbaker

almillar wrote: »

And your attitude to anyone post education is that they can no longer learn. That last one certainly seems to apply to you 95 posts into this thread.

You are I think deliberately misquoting me on that one as on many other points I have communicated but which you do not care to acknowledge - my point is that post-school, no learning attempt is seen as mandatory unless required by an employer, or HMRC in requiring forms to be filled in, and indeed because of that, most people do fall out of the habit of being able to assimilate new knowledge of anything much, especially non-commercial risk, unless they see obvious direct and positive benefit in making the effort. Surely you can accept something along those lines?

Your point about turning back time is understood, but I consider that the proportion of potential victims who might "click through" an overt and well designed warning and temporary block by their antivirus / firewall software would be statistically and noticeably less than currently where no warnings appear, and also obviously less than your undefined 'let someone else do it' "education" alternative.

What you're thinking of is a firewall, and blocking the commonly used ports for RDS. But then the scammer could, after a while, talk a user through unblocking it. It's certainly a hurdle though and would actually take the scammer TIME to bypass, unlike your other daft idea.

Yes I know what I am thinking of and finally you begin to grasp the concept of TIME and additional hurdles in order to slow a scammer down and also that same time and those same hurdles increase the chances of the victim becoming very suspicious BEFORE it is 'game over'. That's all my suggested warnings are too. I am not suggesting anything as simple as a warning that can be circumvented in milliseconds by a "Click OK to that" as I have already made clear. It needs more than that. It needs several different layers in fact - better warnings in Windows10, a degree of technical difficulty that can only be coached over a long period by a trusted tech support person in switching Remote Control on (it should not be on by default - if it is?), temporary blocks and overt questioning warnings in antivirus/internet protection apps including for anyone visiting a download page for one of the known softwares, and download link warnings too at the manufacturers' websites. Oh and "education" if anyone is prepared to invest in it and execute it ... which so far seems only to attract lip service ...

RumRat

peterbaker wrote: »

Yes, we can see you just don't get it, but you don't have to embarrass yourself further by being seen to deliberately deflect and dilute the message of the thread if you don't want to.

You'll find, I'm not easily embarrassed, so your barb missed the spot.
Your message has been consistently shot down in the flames of common sense.
I couldn't possibly dilute anything more than you have done.

peterbaker

RumRat wrote: »

You'll find, I'm not easily embarrassed, so your barb missed the spot.
Your message has been consistently shot down in the flames of common sense.
I couldn't possibly dilute anything more than you have done.

Still here deflecting?

OK you may as well learn what I have just learned by installing Teamviewer:

1. (this one is for almillar) - the screen going dim and a standard W10 pop up install question asking whether to allow the proposed new App to make changes to your system gives no warning whatsoever of what exactly might be changed. As such it is useless. It is a warning along the lines of Peter and the Wolf i.e. it is so routine that no ordinary person takes much notice of it.

It is the same pop up as applies for any install and it is so regular that it is useless as a warning to anyone other than an initiated person who might try installing something as a test to see just what exactly has been changed - and Teamviewer (as an example) changes the following surreptitiously (the following are just random observations and are not an exhaustive list of the dangers), so

2.

• Teamviewer surreptitiously changes internet firewall settings to allow Teamviewer to get through.
• Teamviewer puts itself in the W10 automatic Start-Up list by default
• Teamviewer appears not to use built in W10 remote assistance settings. Mine are still turned off yet I can access my laptop using my iPhone now (using the free iOS app) and watch myself typing this real-time on my iPhone.
• Using my iPhone I can go anywhere now in the PC, including into windows admin settings, and I think I might even be able to access the computer when it is unattended?
• I don't think I need see much more. Teamviewer is a bloody dangerous App to install on your W10 machine if you have installed it in good faith and handed over the Teamviewer ID and password. As I said earlier, I think I would only do that if I was married to the person I handed control to, or at least I would ensure they had bound themselves to acting in my official capacity by a proper registration with the Office of the Public Guardian (i.e. via LPAs).
• I have a feeling that if Teamviewer account is set up using email, then it becomes even more dangerous. Anyone care to comment (sensibly please)?

Oh, and
3. (also for almillar) - there is no RDS in W10 Home Edition. So what are you referring to exactly? Hidden potential exploits that come built-in to all current versions of W10?

almillar

Surely you can accept something along those lines?

I paraphrased you as saying 'people can no longer learn'.

You feel misquoted, and really meant 'people are no longer motivated to learn'. If that difference is important to you, then sure. But they still get scammed via your wonderful warning.

I consider that the proportion of potential victims who might "click through" an overt and well designed warning and temporary block by their antivirus / firewall software would be statistically and noticeably less than currently where no warnings appear

We fundamentally differ here (and more people agree with me, if you recognise that - think of it as 'peer review' rather than 'ganging up'). We can't prove either way. No point in pursuing this.

and also obviously less than your undefined 'let someone else do it' "education" alternative.

No, let 'everyone' do it. I happily help people online and offline all the time. I do my bit. I can't go into everyone's homes and tell them not to talk to idiots on the phone. Maybe I should just go through the phone book and call everyone to tell them? Would they talk to me?!!

Yes I know what I am thinking of and finally you begin to grasp the concept of TIME and additional hurdles in order to slow a scammer down and also that same time and those same hurdles increase the chances of the victim becoming very suspicious BEFORE it is 'game over'

What a joke. You're welcome, BTW. I'm fully aware of the concept of TIME. Overcoming firewall settings VIA DIRECTING THE USER (the RDS doesn't work yet, remember!) will take TIME. Your warning can be clicked through, like all the other ones (you still haven't answered that!) in less than a second. No hurdle. And all the layers you speak of just make it more difficult to use the software for its legitimate purposes.
Is there no point at which any computer user has to take responsibility for their own actions?

It is the same pop up as applies for any install and it is so regular that it is useless as a warning to anyone other than an initiated person who might try installing something as a test to see just what exactly has been changed - and Teamviewer (as an example) changes the following surreptitiously (the following are just random observations and are not an exhaustive list of the dangers), so

Read the message. Sure it might be routine to some, but to these uninitiated users, it should NOT be routine, it SHOULD be scary, and they SHOULD read it.

Plenty of software is dangerous, and comes with warnings.

Your question about RDS in W10 Home isn't really relevant, your whole post is about being warned about these softwares being installed.

peterbaker

almillar wrote: »

I paraphrased you as saying 'people can no longer learn'.

You feel misquoted, and really meant 'people are no longer motivated to learn'. If that difference is important to you, then sure. But they still get scammed via your wonderful warning.

Well it is important in the sense that it is the unfortunate logical response to your suggestion that education is the prime answer to the overall problem when you make no suggestion as to how it is done or who actually will do it or ensure it. Your suggestion is a bit like government or MetOffice warnings of cold snaps and heatwaves where they implore other people to look in on the vulnerable, is it not?

We fundamentally differ here (and more people agree with me, if you recognise that - think of it as 'peer review' rather than 'ganging up'). We can't prove either way. No point in pursuing this.

I am afraid I do not automatically consider those who respond in these forums as "peers". They may be your peers, but whether their knowledge exceeds mine in certain areas or not, they do not respond in ways I would expect from my peers.

No, let 'everyone' do it. I happily help people online and offline all the time. I do my bit. I can't go into everyone's homes and tell them not to talk to idiots on the phone.

Those making the calls are far from being idiots. They are often exceedingly clever confidence tricksters. Those on the receiving end are not idiots either. There does not have to be any idiot in the equation at all. That is why I am still here - highlighting a very dangerous risk.

Maybe I should just go through the phone book and call everyone to tell them? Would they talk to me?!!

Try it if you are up for a challenge and a bit of rudimentary research. I have spent long hours cold-calling in my own dim-distant past, but would not attempt it now given the laws that might now control such activity. I learned very early on that a degree of what AndyPix might call "social engineering", and what I then called little white lies smoothed the way to getting access to prospects who might otherwise so "No thanks" before I got to first base. The sort of white lie I used was "You may have seen the brochures that my company recently sent out to all the Financial Directors in your industry sector." I knew exactly who had been sent such brochures and who had not and I had learned from earlier calls that the answer to that question was more likely to be Yes than No, and irrespective of whether one of our brochures had crossed the desk and/or gone i their bin or had never been sent or received.

So I quickly learned to save my company money both on the expensive mailshots, and on my time because I could usefully still use office spare time on cold calls where previously I would think to myself "I can't call that particular group because I haven't mailshotted them yet!!" , and I am talking about one way I upped my calls made to appointment conversion rates. I am talking about decades ago I hasten to add. I don't doubt, but I wonder if others do doubt, that the scammers learn something new about their own MO in every call they make, which if it works better than before, gets added to their technique for the next call. I am sure that especially will include variations to spiels they use to distract victims when they are actually opening and closing windows and hiding live attack processes in the background as quickly as possible on the victim's computer. Many ordinary Windows users scarcely understand the whole point of the main benefit of "windows" at all, let alone that you can deliberately open multiple tabs in browsers and detach and minimise selected individual browser tabs in fractions of a second

What a joke. You're welcome, BTW. I'm fully aware of the concept of TIME.

Good. I am just reminding you of the pre-existence of your own logic.

Your warning can be clicked through, like all the other ones (you still haven't answered that!) in less than a second.

Hold on - that isn't the type of warning and block I have worked hard to describe as desirable.

No hurdle. And all the layers you speak of just make it more difficult to use the software for its legitimate purposes.

Again you acknowledge that warnings of the type I have communicated (and which you obviously DO understand) slow down all comers including scammers and legitimate users of remote control softwares.

Is there no point at which any computer user has to take responsibility for their own actions?

How can they when they are made vulnerable in so many complex and unseen ways by the standard Operating Systems, standard Anti-virus/Firewall/Internet Protection and Apps they are encouraged to use?

Do you remember when installed Apps (we called them programs then!) used to affix themselves to your computer and were almost impossible to uninstall cleanly unless you were a guru and knew all the dark corners in Windows where you'd find shrapnel from unwanted supposedly already uninstalled apps, or those apps you wanted to uninstall but just had no idea where to start because they didn't seem to respond to the standard Windows Control Panel Programs/Uninstall feature or simply weren't in the list? That all changed by general software industry consensus did it not? Broadly no genuine App gets distributed now unless it has a very slick Uninstall routine with it to get rid of it as fast and as cleanly as it was installed.

Well now we need an industry wide decree that no App which is known to facilitate eBanking fraud can be distributed or installed without the OS manufacturer, the App manufacturer and the Antivirus Manufacturer all being aware of it and what it does, and all three building in specific and robust blocks and warnings. Else all three parts of the industry should treat the remote control apps as potential malware. Sure it adds costs to software development and accreditation, but the alternative is what we have now where all the costs of not doig the job responsibly fall squarely on the shoulders of the "idiot" victims as many would have them categorised.

I mean Microsoft themselves deserve a kicking over what I have discovered about Teamviewer today. They publish support articles which imply that turning off remote assistance/remote control in W10 will stop remote control softwares being used. That is the most awful joke! Those settings appear meaningless with Teamviewer, for example.

In the days of Windows NT, we started seeing warnings that Microsoft did not approve certain softwares as compatible with their OS. Did we really wish to proceed to install? That implies some kind of testing had occurred which satisfied Microsoft (or not). Those kinds of messages disappeared in later Windows OS versions. I have a licensed version of an FTP program I can still use on W10 to edit websites hosted elsewhere (another rudimentary remote control program if you like). I obtained it when Windows95 was my OS! The next few versions of Windows recognised it as old and warned me, but it still worked. Windows no longer bothers to warn me when I install it on W10. But my point is, it could, and it most definitely should!

That kind of formal Microsoft partner registration is probably becoming far more necessary now that computers have become so powerful i.e. as the way things stand, with no sleeping policemen in the street, really serious financial hit and run damage can be done to unsuspecting ordinary users in seconds, not minutes or hours.

Oh and Teamviewer's and Connectwise's use of the word "partner" is also a dangerous practice lending credibility to anyone who wants to persuade you to give them access: "Here let me give you my trusted Teamviewer Partner ID and you just give me your ID and the unique Teamviewer password on your screen and we'll soon be able to sort you out ... "