Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files

peterbaker

By way of an update I have been playing around with Teamviewer to see just how dangerous a standard installation (with no warnings) can be.

I think one poster suggested that the password for each remote control session is unique. Not by default it isn't. If the victims computer is switched on unattended next day or next week then the scammer who used it last week can get back in anytime he or she likes using the same password. And if the scammer is really clever they may be able to configure the TeamViewer App on your computer so they can wake up the computer via Wake on LAN.

Also by default, Teamviewer allows the scammer to use any VPN of their choice to connect (e.g. to anonymise their IP). That is a ridiculous default for non-commercial use of Teamviewer.

There are also tick box options granting full access control to a scammer when the victim is using the Windows logon screen. This can result in the user's password being revealed on any slo-mo playback of recordings at the scammer end which teamviewer also most helpfully provides) after the scammer has been busily remote clicking the "show password" button on the victim's logon screen. The scammer can also stop your mouse and keyboard input at any moment e.g. as soon as you have completed password input thus preventing you from moving past the Windows logon screen or from deleting the passowrd you kindly just put in the box for the scammer.

On some victims machines, but not all, because Teamviewer developers are accused of being slow to respond to bug-fixing and continue to issue software with known bugs, it is possible for a scammer to both disable the victim's input AND make the victim's screen go blank. Teamviewer appear to have little intention of fixing their unsigned PnP Monitor driver which enables screen-blanking or otherwise messes up your Windows installation until you remove the driver.

But if yours is a machine that allows the driver to install seamlessly, just think what might then be going on behind the blank screen when you just think the computer has frozen or just gone slow at logon? :eek:

Teamviewer allows an immediate remote reboot of the victim's machine without needing to move the mouse across the victim's screen or indeed do anything that is visible for more than the time it takes for the scammer to click ok on the victim's screen save for the reboot itself.

They can do all this from an anonymous mobile phone which they could easily afford to bin moments after they manage to take you for thousands of pounds in one session.

I honestly cannot understand why so many posters have repeatedly piled in to this thread to deny that remote control softwares like this are a problem. As far as Microsoft Tech Support Scams are concerned, I easily conclude now that softwares like Teamviewer really ARE the problem.

Do we even dare wonder if any of the naysayers on MSE might actually be organised criminals? :eek:

AndyPix

The OP's inability to grasp a basic premis is mindblowing .


OP, throwing loads and loads of words at something you only partially understand does not make you right.


For anyone else reading this thread in future I will boil it down to the only information that is relevent .
Here goes ..




If somebody calls you - and starts to direct you to install something on your computer - It is 100% definitely a scam . Stop here and hang up the phone


Teamviewer is a legitimate tool and is used for controlling your computer. But it is just that, a tool, the whole point is that you should not - under any circumstances, install any software atall - whatever its nature - on the back of a cold call


It cannot install its'self - you have to install it . So rather than need warnings, or think "should i install that what he is telling me to" the answer is always always a resounding NO


You will most likely find a very very long post by the OP below this one , with lots and lots of words. But dont let that muddy the waters for you , he is talking drivel .
What you need to take away from all of this is written in bold above

peterbaker

AndyPix wrote: »

The OP's inability to grasp a basic premis is mindblowing .


OP, throwing loads and loads of words at something you only partially understand does not make you right.

I don't profess to totally understand anything, but I do have a knack of judging what is in the ordinary persons interest and what is not, and it often upsets those whose gainful employment or some other agenda is dependent on looking the other way.

You only partially understand the risks of these softwares too, AndyPix, and worse still, you do not have much understanding of any computer user's mind which IS NOT stuffed full of what your mind contains - that much is extremely clear.

TeamViewer is a disgracefully dangerous piece of software to be out there with no warnings. I have now used it, and I judge it to be a telephone scammer's wet dream, if not yours.

AndyPix

peterbaker wrote: »

I don't profess to totally understand anything, but I do have a knack of judging what is in the ordinary persons interest and what is not, and it often upsets those whose gainful employment or some other agenda is dependent on looking the other way..

Your little bit of knowledge on this is actually doing you a disservice - If you understood it all fully, you would see how daft you are sounding

peterbaker wrote: »

You only partially understand the risks of these softwares too, AndyPix, and worse still, you do not have much understanding of any computer user's mind which IS NOT stuffed full of what your mind contains - that much is extremely clear..

How wrong you are here is just flabberghasting me - It is my job to understand this stuff , I know it inside out and upside down . I have been researching it (cybercrime) , and its affects on victims for a very very long time
This is not my first rodeo - whereas it is yours , listen to experience and you may learn

peterbaker wrote: »

TeamViewer is a disgracefully dangerous piece of software to be out there with no warnings. I have now used it, and I judge it to be a telephone scammer's wet dream, if not yours.

Only in the same way that an axe is a very very dangerous tool . And is an axe murderers wet dream.
But dont you understand, we cannot warn everyone about everything. Your arguement, as has been said to you time and time again, is stupid.
By your logic, perhaps it would be best to have a massive red flashing warning when connecting to the internet . "BY USING THIS YOU COULD FALL VICTIM TO A SCAMMER"


mind=boggled

AndyPix

Another analogy - The "Nigerian prince" 419 scam ..


By your logic every email program should start with a warning about how this could be used to scam you ..


Are you starting to get it yet, or do you need more examples ?

wongataa

AndyPix wrote: »

Another analogy - The "Nigerian prince" 419 scam ..


By your logic every email program should start with a warning about how this could be used to scam you ..


Are you starting to get it yet, or do you need more examples ?

In the case of the 419 scam you would also need massive warnings from your postman about every letter they deliver as this scam can be carried out over the regular mail service!


How would the warnings be delivered about dodgy people who knock at your door and try to scam you into buying things that will cost way over the odds/you don't need/sell you dodgy services? Do doors need warnings stating that callers may be unsavoury and scam you out of your money?


Phones need huge warnings too as people are regularly scammed out of their money by cold callers who don't need them to go near a computer.

peterbaker

AndyPix wrote: »

Another analogy - The "Nigerian prince" 419 scam ..


By your logic every email program should start with a warning about how this could be used to scam you ..


Are you starting to get it yet, or do you need more examples ?

I get that you are not very public-spirited, AndyPix.

Put your experienced cybercrime hat on and answer these questions for us please based on functionality provided far too easily within TeamViewer:

• What is the purpose of being able to restart a remote computer at the will of the scammer/technical support person? Balance your argument in each case.
  
• What is the purpose of being able to operate the remote computer whilst it is unattended if you are a scammer/technical support person? Balance your argument in each case.
  
• What is the purpose of being able to instantly lock the remote user's keyboard and mouse inputs at any point including during Windows Logon?
• What is the purpose of being able to stop the remote user from clicking Enter after they have entered their Windows password when you have remote rebooted their computer ? And what is the purpose of then being able to reveal that password on the scammer/tech support persons computer? Again please balance the pros and cons in each case.
• What is the purpose of the scammer/tech support person being allowed to reconnect ooutomatically and seamessly to the remote computer even after the connection has dropped and the TeamViewer remote computer password has been changed and even when the (victim's/support needy user's) remote computer has changed its VPN location?
  
• What is the purpose of being able to instantaneously blank the remote users screen (to black)?
• What is the purpose of the scammer/tech support person being able to operate the remote user's webcam? Balance your argument in each case please.

Call it a risk assessment if you like. You do know everything about those too?

Of course I know that millions of corporate computers and other corporate devices including smartphones are managed by corporate IT departments worldwide by such softwares. Of course I also know that if my message in preference to yours begins to seep through to some of the corporate users or to those home users who use a local small business for tech support, it'll cause tech support units to have to answer what you would call bloody silly user questions I expect.

The fact however is, that this software can end up on the computers of people who are not idiots, and once it is there and they do not realise the enormous breadth of functionality of it, yes I do now agree that it is almost your "game over" scenario unless they instantly hard kill the power to their PC and the power to their router.

That's even before they hang up the phone! If the victim has suddenly realised what has happened, it might be better to stay on the line a moment or two longer to hear the confirmatory "What's happened - I've lost the connection?" from the scammer.

onomatopoeia99

peterbaker wrote: »

You only partially understand the risks of these softwares too, AndyPix, and worse still, you do not have much understanding of any computer user's mind which IS NOT stuffed full of what your mind contains - that much is extremely clear.

You're wrong. It's clear AndyPix does understand the software involved, and you make a fallacious assumption that people that work with computers and are familiar with this sort of software only ever talk to other people that are the same. This is simply not true.

I'm another that is fully conversant with remote access software like TeamViewer, I work in software security over the full product lifecycle and am all in all pretty bleedin' nerdy. Many of my friends are not. My parents are not, they are in their 80s and have no idea about computers other than a bit of surfing, email and Word. I know very well how their mind works from the number of times I've had to talk them through fixing problems on their computers.

The main thing I've impressed on them is not to install anything on their computer. Wait for me or my brother to visit and one of us will install anything they need. That keeps them safe from all the scammers out there, despite the fact they have teamviewer on their computer, because I put it there so I could help them without a two hour each way drive.

DCFC79

Im a previous user of Logmein (dont use it anymore as they removed the free option) and Teamviewer (not used it for weeks now), never had a problem with either program, in fact they were useful.

AndyPix

peterbaker wrote: »

I get that you are not very public-spirited, AndyPix..

How very wrong you are - and i struggle to see where you have come up with that assumption

peterbaker wrote: »

Put your experienced cybercrime hat on and answer these questions for us please based on functionality provided far too easily within TeamViewer:..

Ok - will do

peterbaker wrote: »

What is the purpose of being able to restart a remote computer at the will of the scammer/technical support person? Balance your argument in each case.:..

This is because various fixes are multifaceted, and require a restart after each step (editing certain parts of registry for one example) , and the user has often gone to make a brew etc while you are working so asking them each time to perform a reboot just adds labour.
Also, a lot of the time, you may be fixing a machine at a remote location - where no user is present atall eg computers monitoring weather stations for one example.

peterbaker wrote: »

• What is the purpose of being able to operate the remote computer whilst it is unattended if you are a scammer/technical support person? Balance your argument in each case.

See above reasons , Plus the reason that you may be using teamviewer to control your own machine at home - as I and lots of other people regularly do - or vice versa, if i am working from home then no one is at my work PC by definition - but i still want to control it, and the other servers i may be working on

peterbaker wrote: »

• What is the purpose of being able to instantly lock the remote user's keyboard and mouse inputs at any point including during Windows Logon?

I use this quite a lot - because some jobs take time, and the user may forget you are working in the background, especially if they dont see the mouse moving etc - but any input from their mouse or keyboard will hamper what you are trying to do, so it is useful to be able to temporarily disable this ..
Also you always get the users that try to "help" you by moving the mouse to where they think you want it to be - again this is annoying and detracts from the purpose of you being connected in the first place ie to fix their machine

peterbaker wrote: »

• What is the purpose of the scammer/tech support person being allowed to reconnect ooutomatically and seamessly to the remote computer even after the connection has dropped and the TeamViewer remote computer password has been changed and even when the (victim's/support needy user's) remote computer has changed its VPN location?

Its plain by your language that you dont quite understand all this - but i still applaud your motive - just your execution is very bad ..
The answer to this is partly answwered above . If i want to control my home PC from wherever i am, then i am obviously not there to initiate a remote connection. That would deviate from one of the main uses of teamviewer - to facilitate unattended access.
I have servers running with teamviewer all over the country, and my home and office PC's, and probly around 20 "friends and family" who i provide support for (reluctantly lol)
Some are set up for unattended access - others are not - It is a higly configurable and invaluable tool

peterbaker wrote: »

• What is the purpose of being able to instantaneously blank the remote users screen (to black)?

Sometimes you may be entering network paths, admin folder locations, certain commands that you dont want the user to have knowledge of - as is in your case, a little knowledge is a dangerous thing and its best some users arent privvy to this.

peterbaker wrote: »

The fact however is, that this software can end up on the computers of people who are not idiots,

NO NO NO


NO IT CANT - JESUS !! this is the whole crux of the arguement . It can categorically NOT just "end up on there" - the user has to install it themselves


It is powerful software - no doubt - but by the time this is installed for nefarious purposes - the victim has already been scammed ..


Please please say you understand now .. I have answered all your questions thouroughly and succinctly