Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files

AndyPix

OP is either a very good troll - or unable to process reason ..


I can't decide which it is

peterbaker

RumRat wrote: »

I've held a PPL for some years and not killed anyone, yet.



You are deluded if you think it's getting anywhere.....

You may be deluded if you think a PPL trumps my knowledge. I told you I know a little about a lot. A PPL means you know a little more than some about how to fly a Cessna. Do you have an IR? I think not or you’d probably have said so. Have you ever flown an aircraft that has GPWS ... clearly not from what silly things you said before. Some PPLs are ehm ... lacking. Most CPLs are a cut above.

AndyPix, I am sorry you have been frustrated to the point of slinging the “t” word about now. I wanted you to explain more of the risks of a scammer using those features I questioned.

I’ll be back later to try to answer questions I have been asked.

RumRat

peterbaker wrote: »

You may be deluded if you think a PPL trumps my knowledge. I told you I know a little about a lot. A PPL means you know a little more than some about how to fly a Cessna. Do you have an IR? I think not or you’d probably have said so. Have you ever flown an aircraft that has GPWS ... clearly not from what silly things you said before. Some PPLs are ehm ... lacking. Most CPLs are a cut above.

AndyPix, I am sorry you have been frustrated to the point of slinging the “t” word about now. I wanted you to explain more of the risks of a scammer using those features I questioned.

I’ll be back later to try to answer questions I have been asked.

Sadly, it's obvious you only know a little about anything.
You are the master of the long boring self promotion. I'm guessing no one is interested in my Instrument rating or that I've flown A/C with both GPWS and TAWS. to be honest it's pretty irrelevant to the subject at hand.
It's been explained to you in simple terms why you are wrong. Everyone else understands it, so, it's just you.
I'm sure everyone is quivering with anticipation waiting for you to answer Andy's questions.

dealer_wins

OMG is this thread still live, boooorrrrrrriiiiiiiiiinnnnnnnnnnnnnnnnggggggggggggggg now

peterbaker

RumRat wrote: »

Sadly, it's obvious you only know a little about anything.
You are the master of the long boring self promotion. I'm guessing no one is interested in my Instrument rating or that I've flown A/C with both GPWS and TAWS. to be honest it's pretty irrelevant to the subject at hand.

I think psychologists might call that little excursion somewhat Freudian, and PPL/IRs and CPLs might call you a wannabe, RumRat. You rather gave the game away when you said that CPLs know when to ignore GPWS

So then, been out to dinner and watched a really beautifully shot movie with friends "The Guernsey Literary and Potato Peel Pie Society"There is a classic aircraft in it taking off from a beach, RumRat. No GPWS on that one either I fear, but it has survived more than few decades without those sort of warning devices, so we probably never needed them to be invented, eh?

Time for AnyPix's questions even though he has given me the best answers he reckons:

AndyPix wrote:

Do you think that all email programs should start with a warning that you might get scammed by using them ?

No, not yet, because most antivirus programs and most email server providers do interact with the most common email clients and block the worst that comes through in terms of attachments that contain suspected or known trojans, and likely scams (I had a red "do not open unless very sure" warning just this morning in Thunderbird about a likely scam email although I have a feeling it was just badly put together by the SME that sent it). I actually went a step past the warning because it looked genuine and referred to an organisation I recognised and was sent to an email address I only use for one specific purpose. I did however notify the sender that it had fallen foul of my antivirus which probably was not the news they wanted

However, speculative email attacks are getting to the stage now where something more is needed.

Here is another direct question - please answer it


Another type of fraud , called advanced fee fraud, is prevelent on Ebay.
Do you think that , when starting ebay, there should be a "pull up, pull up" warning there ?

I have been an eBay user for 15 years both as buyer and seller. It is the wild west thesedays. I have had to hammer both PayPal and eBay about their failure to crack down on fraud especially with fakes received when I have demanded return of funds and demanded not to have to return the fakes to circulation (with about 90% success). I was annoyed about the one that got away - eBay insisted I had to return the fakes before I got my money back on that one, and I saw the same fakes for sale by the same seller a few months later. EBay did nothing. Others also complain about eBay's failure to do enough to prevent fraud. Are you saying they do enough, AndyPix?

Here is another direct question - please answer it


Many nefarious websites implement what is called a "drive by attack" using various methods to run a java applet on your computer that in turn , downloads ransomware onto your computer ..


Do you think there should be a warning every time you open internet explorer that using this software could harm your computer ?

Again, if antivirus and internet protection softwares are falling behind the curve with this type of problem, then possibly the browser software houses should start adding in some warnings. Not necessarily at the start of each browser session as I often have twenty browser windows open and some stay open for days as each night I tend to just put the PC in standby and turn off my router. I am not sure vulnerable users do that. I have a feeling the browser softwares may already flag some suspect websites. Again this morning my Opera browser threw up a potential malicious software warning when I visited the website for that suspected Scam email and tried to download the specialist guide in PDF format which they were promoting.

I did not proceed with the download as by then I judged I was taking an unnecessary risk and hadn't the time or inclination to check whether it was a real risk or the likely false alarm I suspected. I am not familiar with exactly how malicious code in PDFs or picture files works because I have never researched it. But again, yes, I do know this type of risk is getting quite bad so additional warnings have probably now become necessary via the browsers, even though AndyPix strangely suggests they are not necessary.

Another direct question - please answer it
Special macros can be created in microsoft word, that when opening a word document, will go away and download ransomware to your computer - these ransomwares are pretty undetectable to antivirus systems as they exhibit no virus like behaviour but ruin lives and cost millions to the public.
Do you think that microsoft word should start with a massive warning about this ?

Yes I was writing quite complex Macros in Word Excel and Access over 20 years ago, all of which interacted - no mean feat then because despite being Microsoft, they each had their own brand of VB coding, and to execute code within one of the three Apps to automate actions in one or both of the two others was quite challenging at times!

The latest editions of these Microsoft softwares do contain some blocks on macros warning that if you don't know where the file came from, best not to allow the Macros to execute. But again, I guess as the problem gets worse much as rmg1 suggests it already has, more and more real-time warnings will be necessary.


I am not a scammer, but I have been in sales. There are similarities when it comes to economy of effort to get the desired result. rmg1 implies he could improve results of his brand of Excel spreadsheet trojan with a ten minute phone call and then bide his time to farm the opportunities that come back to him via the trojan and keyloggers and stuff we may not even have dreamed of, but which we must presume from his contribution rmg1 could use to steal a victim's identity on a grand scale.

One assumes that rmg1 is quite a slick coder, but may not rate his own telephone bedside manner quite so highly. He says he thinks a ten minute call could persuade his victim to open the spreadsheet that Microsoft blocked or "did not open" because it was essentially a macro and not much else, this time executing the macro or VBA code (call it what you prefer), and although I have not coded with such myself, embedded javascript too I believe.

Most people do not realise that you can create applications in Excel and control exactly how it looks or indeed whether it actually does anything visible on screen at all (it does not have to open as a spreadsheet!). That much I know has been possible for over two decades. Goodness knows what can be done with it in 2018 though. It may even be possible to write a full function remote control software App in Excel to emulate a TeamViewer client

However, if your forte as a scammer is a silver tongue, then rather than spend long hours coding a trojan masterpiece, and then deciding how to deliver it and to whom, and who to call up to overcome the blocks, if you are going to call anyway, why not just use some off the shelf remote control software and try your luck with some cold calls on some likely looking targets? E.g. if you have got some lost HMRC data with NINo, I believe it may be possible to guess the age range of the victim from the NINo series?

Or perhaps as organised criminals, you already have dob from somewhere - I know organised crime databases contain my dob, so in a few short years, I expect to start receiving Tech Support Scam phone calls myself. Question is, will I have been educated enough by then to protect myself, or by then will I be totally reliant on PULL UP! PULL UP! PULL UP! warnings ?

RumRat

peterbaker wrote: »

I think psychologists might call that little excursion somewhat Freudian, and PPL/IRs and CPLs might call you a wannabe, RumRat. You rather gave the game away when you said that CPLs know when to ignore GPWS

You've obviously never landed an aircraft as you are obviously ignorant of the procedures.....But hey, that seems to be your normal state.
You can try all you want to deflect....But, at the end of the day, you are still wrong.....

peterbaker

GPWS warnings must never be ignored. However, the pilot's response may be limited to that appropriate for a caution only if the aeroplane is being operated by day in clear visual conditions, and it is immediately obvious to the pilot that the aircraft is in no danger in respect of its configuration, proximity to terrain or current flight path.

So RumRat, PULL UP! PULL UP! PULL UP! or crash and burn. Your choice.

wongataa

peterbaker wrote: »

I have been an eBay user for 15 years both as buyer and seller. It is the wild west thesedays. I have had to hammer both PayPal and eBay about their failure to crack down on fraud especially with fakes received when I have demanded return of funds and demanded not to have to return the fakes to circulation (with about 90% success). I was annoyed about the one that got away - eBay insisted I had to return the fakes before I got my money back on that one, and I saw the same fakes for sale by the same seller a few months later. EBay did nothing. Others also complain about eBay's failure to do enough to prevent fraud. Are you saying they do enough, AndyPix?

Andy implied nothing which is blatantly clear and you have quite obviously not answered his question. What is your answer to the very clear question? Do you have one? You just waffled on and failed to answer a simple question.

peterbaker

Ehm ... not sure I get your gist. I think you are saying AndyPix did not offer his own answers to the eBay question and the others?

Well he did - he posted: "Now my answwers to the above questions would be " no, of course not" - its just crazy - the same as the answer to the question as to wether antivirus should flag up a remote tool.
Because the tools themselves are just tools - it is the way in which they are used which causes harm."

I said eBay are not doing enough to prevent fraud. I think that is blatantly clear (to use your sort of emphasis:p)

So I asked if AndyPix was really telling us that eBay are already doing enough to clean up their act.

If you are asking whether eBay should be made to give a warning to all who login to eBay, then yes it wouldn't be a bad idea if they gave a warning right up front linking to examples of the sorts of fraud they have seen recently, and indeed they have planted a warning on the motors section of their US website, but I don't think it is particularly upfront. It is in their motors/buy/purchase-protection page. It would suggest fraud in USA has got so bad that they have had to offer their Vehicle Protection Plan to give themselves a competitive advantage over CraigsList and other non-eBay websites, but possibly they have not yet offered fraud protection of that sort yet on the UK site?

As an aside, I mentioned my Opera browser giving warnings about links to suspect webpages - the "Learn More" link in that eBay.com webpage throws up a warning in Opera:

"Invalid Certificate
Opera cannot verify the identity of the server "pages.motors.ebay.com", due to a certificate problem. The
server could be trying to trick you. Would you like to continue
to the server?

<Show Certificate> <Continue Anyway> <Cancel>

Google Chrome does it a bit differently:

Your connection is not private
Attackers might be trying to steal your information from pages.motors.ebay.com (for example, passwords, messages, or credit cards). Learn more
NET::ERR_CERT_COMMON_NAME_INVALID

Automatically send some system information and page content to Google to help detect dangerous apps and sites. Privacy policy

Firefox, IE and Edge seem to be oblivious to any certificate problem on pages.motors.ebay.com or maybe Mozilla and Microsoft know best?

wongataa

peterbaker wrote: »

Ehm ... not sure I get your gist. I think you are saying AndyPix did not offer his own answers to the eBay question and the others?

Well he did - he posted: "Now my answwers to the above questions would be " no, of course not" - its just crazy - the same as the answer to the question as to wether antivirus should flag up a remote tool.
Because the tools themselves are just tools - it is the way in which they are used which causes harm."

I said eBay are not doing enough to prevent fraud. I think that is blatantly clear (to use your sort of emphasis:p)

Indeed but that wasn't the question.

peterbaker wrote: »

If you are asking whether eBay should be made to give a warning to all who login to eBay, then yes it wouldn't be a bad idea if they gave a warning right up front linking to examples of the sorts of fraud they have seen recently

That is an answer to the question. Why couldn't you just say that in the first place instead of waffling on about issues with eBay? It is quicker and what was requested in the first place.


As you seem to want all these warnings don't you think that people will just get so used to them they won't read them and just click past them?