Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files

peterbaker

indesisiv wrote: »

Hang on a min I am a bit confused here. You want to have a warning for any program that you have installed yourself? Because the scammers certainly haven't installed the program.
Why not just not click on random links and install things that you don't know.
Personally I use teamviewer quite a lot to access my home PC from my mobile. I certainly wouldn't want this process interrupting by having to go home and then click something to allow the connection, what would be the point of that!

You have no idea who installed the remote control program, but you wish to assert that the scammers certainly haven't installed the program????

Interesting, but seriously naive in the realms of Microsoft Tech Support Scam discussions where we already the history of a hidden crescendo of combined different branded softwares remote control attacks all built upon a little innocent looking ShowMyPC outing near the beginning of the call, don't you think?

Never mind Teamviewer (but let's have a warning in antivirus please at least as strong as an adware warning) - that was just the second most innocent software used in the chain. Anyone know what you can really do with Connectwise/ScreenConnect Premium? I have never before used these softwares in my life even though I have helped a lot of people with their home PCs over the years. The fact that some of you do, "for helping friends" makes me wonder what sort of disclosure and acceptance you need you make at the point you persuade them you should be allowed to do that? Personally I think I might almost need to be married to someone before I let them have that sort of access! And the level of trust you are asking them to give you may be very much akin to asking them to make you an attorney under both Financial Affairs and Welfare LPA!

Seriously, if something bad happens, vulnerable friends may be forgiven for even wondering if their friend the computer person ought to be on the list of suspects!

That is how stressed vulnerable minds can often think - paranoia is a known feature of dementia I believe. I am not concerned about the doubting of the person that gives the help and the fallout from that, but the extra worry of the victim who maybe awake at night thinking "so can I trust no-one - not even my friend perhaps?" Do I know how Teamviewer really works? Can he or she do things in my computer without me knowing? Has my friend installed anything else?

Again, please do not take this as any denigration of anyone's good intent - it is just another angle that perhaps many don't think of.

I have spent best part of two weeks trying to manage the feeling of well-being of a elderly fraud victim. The worry goes up and down with every turn of events in "the process".

My friend is blissfully unaware of the extent of takeover of her PC she suffered. She now knows remote control software was involved, but she isn't even aware of SMS's received while she was on the call or what they were. She has an ancient non-smartphone and can scarcely go back and find who just called let alone open an SMS from a strange outfit and understand what it is or if she has to do anything.

I have purposely not investigated every piece of hard evidence on the trail of the fraudsters - just enough to persuade the bank that I can prove enough of what happened to mean some £8,000 plus total losses are down to them, and most of it is back now, but not without a worrying delay.

I purposely have not investigated every line of the trail because I would need to involve the victim in receiving new verification SMS's etc. so I could hack back further into false accounts. And there is the risk of the hackers knowing I have done a bit of DIY hackback and them calling her again and saying we know not what, do we? I know Bank fraud departments get harassed constantly by fraudsters on the phone who tease the bank to try and track them.

Instead I have managed to lock down the worst remote control software account that was still being used days after the initial fraud was reported and advised them very strongly not to quarantine all the session data etc in it, and not to reactivate it under any circumstances other than that countenanced by police.

I saw how damaging it was on my own screen when I found myself looking at personal data through that account belonging to no less than ten strangers' PC's including one that was online live!

After I hacked into it, using simple SMS forgotten password verification same as I hacked into the false GMail account, both got hacked back hours later but still I had a new session open on my PC with the latest four victims replacing the six historical ones I had seen the day before including the one live one on the second day.

At that point I banged the drum very hard indeed at the software company. They finally got the message after two attempts. They had succumbed to the hack back.

I am sorry to say the methods I have learned in just the past two weeks that these scammers use are way beyond the understanding of anyone with just a binary view on the real risk (i.e. installs need the victim to install therefore it is not the scammers)

If you could see what I have seen, you might begin to understand why I am banging the drum here so loudly.

Of course I understand my views are contentious, but I strongly believe this to be a very very important subject in an ageing society.

EssexExile

peterbaker wrote: »

Of course I understand my views are contentious, but I strongly believe this to be a very very important subject in an ageing society.

You really do have it in for us old people!

agrinnall

AndyPix wrote: »

What a silly thread !!


Of course AV suites dont flag these programs because they are completely legitimate tools..


By your reasoning then surely AV programs should flag browsers as being dangerous too, because they are the most common infection vector ..


Bizzare is an understatement

I can only assume that the OP has relatively recetly been scammed and is now on a one man mission to rid the world of online fraud by starting many, many such threads, all equally peculiar, in various places on MSE. He's only not gone on my Ignore list yet because of the entertainment value, but it's getting closer to that point all the time, especially as he seems intent on insulting more groups with every post.

AndyPix

peterbaker wrote: »

Drivel.

Long and short of it .. Remote tools are just that - tools ..


If you have been "tricked" into installing one, then by that point you are doomed anyway because the scammers could have tricked you into installing anything .. RAT's , adware, mining software, anything ..


Your point and whole arguement is moot and you are scaring naive people unnecessarily


stop

onomatopoeia99

peterbaker wrote: »

Never mind Teamviewer (but let's have a warning in antivirus please at least as strong as an adware warning) - that was just the second most innocent software used in the chain. Anyone know what you can really do with Connectwise/ScreenConnect Premium? I have never before used these softwares in my life even though I have helped a lot of people with their home PCs over the years. The fact that some of you do, "for helping friends" makes me wonder what sort of disclosure and acceptance you need you make at the point you persuade them you should be allowed to do that? Personally I think I might almost need to be married to someone before I let them have that sort of access! And the level of trust you are asking them to give you may be very much akin to asking them to make you an attorney under both Financial Affairs and Welfare LPA!

I installed Teamviewer on my mother's computer because trying to give her technical support on the telephone as she describes all of the largely irrelevant the contents of the screen is an exercise in frustration. Despite using PCs for 20 years she does not understand any of the terminology and I get phraseology from the era of the comptometer . With teamviewer I can usually get a problem sorted in under a minute that would take forever on the telephone.

For me to gain access to take over her computer she has to start the teamviewer software then needs to tell me two long numbers over the telephone, one is an identifier for her machine and the other is effectively a one time password that allows me access for that session only. It is not a simple matter of installing the software and anyone can take over.

The last thing I need is her telling me that she can't use it because the computer says it's dangerous.

GunJack

peterbaker wrote: »

You have no idea who installed the remote control program, but you wish to assert that the scammers certainly haven't installed the program????

Interesting, but seriously naive in the realms of Microsoft Tech Support Scam discussions where we already the history of a hidden crescendo of combined different branded softwares remote control attacks all built upon a little innocent looking ShowMyPC outing near the beginning of the call, don't you think?

Never mind Teamviewer (but let's have a warning in antivirus please at least as strong as an adware warning) - that was just the second most innocent software used in the chain. Anyone know what you can really do with Connectwise/ScreenConnect Premium? I have never before used these softwares in my life even though I have helped a lot of people with their home PCs over the years. The fact that some of you do, "for helping friends" makes me wonder what sort of disclosure and acceptance you need you make at the point you persuade them you should be allowed to do that? Personally I think I might almost need to be married to someone before I let them have that sort of access! And the level of trust you are asking them to give you may be very much akin to asking them to make you an attorney under both Financial Affairs and Welfare LPA!

Seriously, if something bad happens, vulnerable friends may be forgiven for even wondering if their friend the computer person ought to be on the list of suspects!

That is how stressed vulnerable minds can often think - paranoia is a known feature of dementia I believe. I am not concerned about the doubting of the person that gives the help and the fallout from that, but the extra worry of the victim who maybe awake at night thinking "so can I trust no-one - not even my friend perhaps?" Do I know how Teamviewer really works? Can he or she do things in my computer without me knowing? Has my friend installed anything else?

Again, please do not take this as any denigration of anyone's good intent - it is just another angle that perhaps many don't think of.

I have spent best part of two weeks trying to manage the feeling of well-being of a elderly fraud victim. The worry goes up and down with every turn of events in "the process".

My friend is blissfully unaware of the extent of takeover of her PC she suffered. She now knows remote control software was involved, but she isn't even aware of SMS's received while she was on the call or what they were. She has an ancient non-smartphone and can scarcely go back and find who just called let alone open an SMS from a strange outfit and understand what it is or if she has to do anything.

I have purposely not investigated every piece of hard evidence on the trail of the fraudsters - just enough to persuade the bank that I can prove enough of what happened to mean some £8,000 plus total losses are down to them, and most of it is back now, but not without a worrying delay.

I purposely have not investigated every line of the trail because I would need to involve the victim in receiving new verification SMS's etc. so I could hack back further into false accounts. And there is the risk of the hackers knowing I have done a bit of DIY hackback and them calling her again and saying we know not what, do we? I know Bank fraud departments get harassed constantly by fraudsters on the phone who tease the bank to try and track them.

Instead I have managed to lock down the worst remote control software account that was still being used days after the initial fraud was reported and advised them very strongly not to quarantine all the session data etc in it, and not to reactivate it under any circumstances other than that countenanced by police.

I saw how damaging it was on my own screen when I found myself looking at personal data through that account belonging to no less than ten strangers' PC's including one that was online live!

After I hacked into it, using simple SMS forgotten password verification same as I hacked into the false GMail account, both got hacked back hours later but still I had a new session open on my PC with the latest four victims replacing the six historical ones I had seen the day before including the one live one on the second day.

At that point I banged the drum very hard indeed at the software company. They finally got the message after two attempts. They had succumbed to the hack back.

I am sorry to say the methods I have learned in just the past two weeks that these scammers use are way beyond the understanding of anyone with just a binary view on the real risk (i.e. installs need the victim to install therefore it is not the scammers)

If you could see what I have seen, you might begin to understand why I am banging the drum here so loudly.

Of course I understand my views are contentious, but I strongly believe this to be a very very important subject in an ageing society.

This is a classic case of PICNIC - Problem In Chair, Not In Computer. Your friend followed what they'd been told to do by some random person, not by any bit of software.

Also, you couldn't have been a very good friend if you hadn't explained how these scams operate, and keep checking your vunerable friend was ok and ignoring this $h1t.

Trying to blame legitimate, useful software for this situation is completely ridiculous.....

indesisiv

peterbaker wrote: »

I have never before used these softwares in my life even though I have helped a lot of people with their home PCs over the years. The fact that some of you do, "for helping friends" makes me wonder what sort of disclosure and acceptance you need you make at the point you persuade them you should be allowed to do that? Personally I think I might almost need to be married to someone before I let them have that sort of access! And the level of trust you are asking them to give you may be very much akin to asking them to make you an attorney under both Financial Affairs and Welfare LPA!

Seriously? Where is the difference between remoting into someones computer or them giving you their computer with their password so you can fix it?
How have you ever managed to help people without having access to their computer?

The fact of the matter is you are railing against something that is not the issue. The person installed a program (This could have been any back door program to do anything) that in this instance was a tool that allowed other people to use their computer. The warning around programs doesn't need to exist, the education needs improving so that people do not allow scammers to ring them up and then grant them access to their computer. You wouldn't let someone in that knocks on your door and says I just need to install a program on your computer so clearly the person scammed needs educating not to install random things someone who has cold called them tells them to.
I can tell you now that my elderly parents wouldn't install something so please don't insult the elderly.

RumRat

....

almillar

You have no idea who installed the remote control program, but you wish to assert that the scammers certainly haven't installed the program????

This seems to be the source of your confusion. Scammers can't install it. You have to. They'll try to trick you into doing it, maybe, but they can't do it.

If you could see what I have seen, you might begin to understand why I am banging the drum here so loudly.

I don't doubt that it's traumatic for a user, but you're banging the wrong drum, very loudly, and shouting down anyone that tries to tell you so.

peterbaker

almillar wrote: »

This seems to be the source of your confusion. Scammers can't install it. You have to. They'll try to trick you into doing it, maybe, but they can't do it.

You are splitting hairs. Most users know that their Windows PCs suffer constant automatic updates, many of which do not even announce that they have installed.

New applications do not have to be very large - if they are chosen because the install is quick and does not announce itself boldly or give the user any option to choose to continue to install or stop or change the install then the fact anything dodgy has been installed can easily be missed when you believe you are being guided by someone who is genuinely trying to assist.

I don't doubt that it's traumatic for a user, but you're banging the wrong drum, very loudly, and shouting down anyone that tries to tell you so.

I am not banging the wrong drum. It is very clear that the makers of these types of software know their products are used far too easily and surreptitiously by scammers, so they should contain clear warnings when they are being installed.

To argue otherwise because you personally are unlikely to be tricked does no-one any favours. Based on what you assert, the implication might be that your knowledge of the subject makes you more likely to be tricked into inadvertently installing something dodgy than I am.