Your browser isn't supported
It looks like you're using an old web browser. To get the most out of the site and to ensure guides display correctly, we suggest upgrading your browser now. Download the latest:

Welcome to the MSE Forums

We're home to a fantastic community of MoneySavers but anyone can post. Please exercise caution & report spam, illegal, offensive or libellous posts/messages: click "report" or email forumteam@. Skimlinks & other affiliated links are turned on

Search
  • FIRST POST
    • peterbaker
    • By peterbaker 28th Jul 18, 10:28 AM
    • 2,200Posts
    • 850Thanks
    peterbaker
    Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files
    • #1
    • 28th Jul 18, 10:28 AM
    Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files 28th Jul 18 at 10:28 AM
    Anyone seen evidence of Screenconnect, Connectwise, Logmein Rescue, Teamviewer11, ShowMyPC, Microsoft Registartion Files on their PC?

    The main brand antivirus programs seemingly don't report their existence.
Page 3
    • peterbaker
    • By peterbaker 7th Aug 18, 8:42 AM
    • 2,200 Posts
    • 850 Thanks
    peterbaker
    This seems to be the source of your confusion. Scammers can't install it. You have to. They'll try to trick you into doing it, maybe, but they can't do it.
    Originally posted by almillar
    You are splitting hairs. Most users know that their Windows PCs suffer constant automatic updates, many of which do not even announce that they have installed.

    New applications do not have to be very large - if they are chosen because the install is quick and does not announce itself boldly or give the user any option to choose to continue to install or stop or change the install then the fact anything dodgy has been installed can easily be missed when you believe you are being guided by someone who is genuinely trying to assist.

    I don't doubt that it's traumatic for a user, but you're banging the wrong drum, very loudly, and shouting down anyone that tries to tell you so.
    I am not banging the wrong drum. It is very clear that the makers of these types of software know their products are used far too easily and surreptitiously by scammers, so they should contain clear warnings when they are being installed.

    To argue otherwise because you personally are unlikely to be tricked does no-one any favours. Based on what you assert, the implication might be that your knowledge of the subject makes you more likely to be tricked into inadvertently installing something dodgy than I am.
    Last edited by peterbaker; 07-08-2018 at 8:45 AM.
    • AndyPix
    • By AndyPix 7th Aug 18, 8:57 AM
    • 4,053 Posts
    • 3,441 Thanks
    AndyPix
    They are not easily used surreptitiously - It is clear from your words that you do not understand this technology and this is the source of your concern ..


    These tools cannot be installed by anyone except the user in fromt of the screen.


    I say again, if someone has managed to trick you into installing this, and also guided you to accept all the boxes that pop up asking if you want to allow control, then it is game over for you anyway and remote tools are the least of your worries.
    Running with scissors since 1978
    • peterbaker
    • By peterbaker 7th Aug 18, 11:12 AM
    • 2,200 Posts
    • 850 Thanks
    peterbaker
    I understand it well enough to convince a bank fraud department that they had no cause to blame the fraud victim and to reimburse the 8,000 plus lost.

    Does your understanding of the subject go that far? I wonder.
    • peterbaker
    • By peterbaker 7th Aug 18, 11:23 AM
    • 2,200 Posts
    • 850 Thanks
    peterbaker
    They are not easily used surreptitiously - It is clear from your words that you do not understand this technology and this is the source of your concern ..
    Originally posted by AndyPix
    Did I say they were easily used? They were knowledgeably used against a customer who they targeted as being likely to be easily confidence tricked into following instructions like "now just click on the link in the bottom right corner, and then just click OK on any box that pops up after that ..." etc.

    These tools cannot be installed by anyone except the user in fromt of the screen.
    Really? And why then would it be worthwhile for a fraudster to use USD1,080 of defrauded money on upgrading a trial version to PREMIUM? And how might they do that if they already have the other listed remote control softwares up and running? Think harder before you post please. What I describe did happen. What you are asserting is that no-one but a complete fool would suffer the fate of having telephone scammers emptying their bank account using fresh installs of such softwares, which I earnestly suggest is not very helpful given your enormous breadth of digital knowledge under that hood
    Last edited by peterbaker; 07-08-2018 at 11:25 AM.
    • AndyPix
    • By AndyPix 7th Aug 18, 11:27 AM
    • 4,053 Posts
    • 3,441 Thanks
    AndyPix
    I understand it well enough to convince a bank fraud department that they had no cause to blame the fraud victim and to reimburse the 8,000 plus lost.

    Does your understanding of the subject go that far? I wonder.
    Originally posted by peterbaker

    Well I am an IT security consultant, work for a very large well known technology company, and have qualifications in offensive security amongst many others ..


    So yes my understanding on this subject is not lacking ..


    You explaining to the bank that the victim has been defrauded does not show that you understand how remote tools are installed on a system, nor does it have any bearing on wether antivirus syetems should flag remote tools as malicious - which is what this thread is about
    Running with scissors since 1978
    • AndyPix
    • By AndyPix 7th Aug 18, 11:30 AM
    • 4,053 Posts
    • 3,441 Thanks
    AndyPix
    Did I say they were easily used?
    Originally posted by peterbaker

    Yes, before you edited your post


    They were knowledgeably used against a customer who they targeted as being likely to be easily confidence tricked into following instructions like "now just click on the link in the bottom right corner, and then just click OK on any box that pops up after that ..." etc.

    Really? And why then would it be worthwhile for a fraudster to use USD1,080 of defrauded money on upgrading a trial version to PREMIUM? And how might they do that if they already have the other listed remote control softwares up and running? Think harder before you post please. What I describe did happen. What you are asserting is that no-one but a complete fool would suffer the fate of having telephone scammers emptying their bank account using fresh installs of such softwares, which I earnestly suggest is not very helpful given your enormous breadth of digital knowledge under that hood
    Originally posted by peterbaker

    The rest of your post just hammers home that fact that you do not understand what you are complaining about - veiled insults aside


    What you are asserting is that no-one but a complete fool would suffer the fate of having telephone scammers emptying their bank account using fresh installs of such softwares, which I earnestly suggest is not very helpful given your enormous breadth of digital knowledge under that hood
    Originally posted by peterbaker

    Please point out where anyone asserted this .. this is entirely your imagination


    You started the thread complaining that AV suites dont flag remote tools.
    It has been explained to you why this is completely unnecessary.


    No one is talking about fools except you.


    A good analogy is the buying of hammers .. They dont come with a warning that someone may take it out of your hand and kill you with it - do you think they should ??
    Last edited by AndyPix; 07-08-2018 at 11:35 AM.
    Running with scissors since 1978
    • almillar
    • By almillar 7th Aug 18, 1:15 PM
    • 7,664 Posts
    • 3,147 Thanks
    almillar
    You are splitting hairs. Most users know that their Windows PCs suffer constant automatic updates, many of which do not even announce that they have installed.

    New applications do not have to be very large - if they are chosen because the install is quick and does not announce itself boldly or give the user any option to choose to continue to install or stop or change the install then the fact anything dodgy has been installed can easily be missed when you believe you are being guided by someone who is genuinely trying to assist.
    I don't think 'the user has to install, the scammer cannot' is splitting hairs, I think it's actually fundamental to your argument. Anyway, your defence above, is that users shouldn't have to read stuff on their screen whilst installing or updading things. I bet you've had your default search engine changed because you haven't read something properly before. Again, that's your fault.

    It is very clear that the makers of these types of software know their products are used far too easily and surreptitiously by scammers, so they should contain clear warnings when they are being installed.
    Right, so you get your way, the makers alter their software. The scammers remove the warnings. Back to square 1. I reiterate - make users smarter!

    Really? And why then would it be worthwhile for a fraudster to use USD1,080 of defrauded money on upgrading a trial version to PREMIUM?
    You think scammers pay for software.

    (Text removed by MSE Forum Team)
    Last edited by MSE ForumTeam3; 10-08-2018 at 7:26 AM.
    • peterbaker
    • By peterbaker 8th Aug 18, 1:10 AM
    • 2,200 Posts
    • 850 Thanks
    peterbaker
    You think scammers pay for software. You really are deluded.
    Originally posted by almillar
    No you guys are. You need to look up from your ones and zeros occasionally and see beyond what you believe to be the scope of the problems besetting everyday applications of the latest data science, and also besetting the users who barely know their way to their webmail from switching on, and who typically keep their way in to ebanking as Desktop shortcut or a bookmark as they can't find their way in the raw without a little prompting.

    I have the receipt from Connectwise ScreenConnect for $1,080, paid for by a fraudulent transaction during the course of a telephone scam, so because I hold that receipt, and receipts for other transactions made fraudulently in the same attack, does that make me the scammer? Clue: No it doesn't, and it doesn't make the victim the scammer either because she didn't have a clue what software had been installed or used against her, nor that her money had been used to buy the PREMIUM software licence, nor that any software house receipts existed that I could discover - nor do you by the sounds of it.

    Otherwise hold your fire please.

    (Text removed by MSE Forum Team)
    Last edited by MSE ForumTeam3; 10-08-2018 at 7:24 AM.
    • GunJack
    • By GunJack 8th Aug 18, 11:34 AM
    • 10,465 Posts
    • 7,827 Thanks
    GunJack
    I really can't believe this thread is still running...and that peterbaker is STILL not understanding the true nature of the problem...
    ......Gettin' There, Wherever There is......
    • rmg1
    • By rmg1 8th Aug 18, 12:38 PM
    • 2,950 Posts
    • 768 Thanks
    rmg1
    I've been following this thread with some interest as it's something I want to learn more about.

    I haven't been scammed (thankfully) but I'm not as computer-savvy as some (although not a novice by any means).

    Even I know that the user has to download a program and install it (whether by being duped into doing so or deliberately).

    Scammers cannot do anything on your machine without you first giving them access. I have had a couple of calls from "Microsoft" or "my ISP" saying my computer had viruses and they needed access to my machine to sort it out.

    Fortunately, I know enough to ignore these calls as "Microsoft" or "my ISP" is not philanthropic enough to make these calls (or even care what's on my computer if it doesn't cause them issues) but some people wouldn't.

    I agree with previous posters that these sharing tools do not need to come with warnings (as has been said before, scammers would just hack them to remove the warnings) as they are perfectly legitimate. Users need educating to show that people will not phone up, out of the blue, to "help" them with their computer issues.

    If someone has the misfortune to falls for one of these scams, I just hope that their are people available (like on here) to help get them out of the mess they have unwittingly caused themselves.
    Flagellation, necrophilia and bestiality - Am I flogging a dead horse?

    Any posts are my opinion and only that. Please read at your own risk.
    • almillar
    • By almillar 8th Aug 18, 12:57 PM
    • 7,664 Posts
    • 3,147 Thanks
    almillar
    I have the receipt from Connectwise ScreenConnect for $1,080, paid for by a fraudulent transaction during the course of a telephone scam, so because I hold that receipt
    A receipt from a fraudster? Think it might be fake? They got your neighbour to buy software for them?

    Look, you're overthinking all of this on the basis of 1 experience. Someone was on the phone with your neighbour and was able to persuade them to do all sorts of things on their own computer, including installing some remote desktop software. There would have been lots of

    'just click here'
    'close that window'
    'type this in here'
    'just ignore that'.

    Your super duper solution of warning users upon installation would just be another window that can be clicked away, if indeed the scammers don't get rid of it in the dodgy version they install.

    Go find it if you are interested - should be a breeze for those such as your goodselves if applying the latest string search techniques.
    Post anything relevant in this thread, please.
    Please re-read my posts, explaining why your solution simply, won't, work, instead of calling us smart alec know it alls.
    • peterbaker
    • By peterbaker 8th Aug 18, 11:11 PM
    • 2,200 Posts
    • 850 Thanks
    peterbaker
    $1,080 went from my friend's bank account to Connectwise. It is confirmed by the bank. It looks like a standard transaction. The receipt was sent by Connectwise to the fraudulent email account used to open the Connectwise registration account. How do I know? I later hacked into the new Gmail account they had set up for the purpose right at the beginning of the scam call using the victim's personal data and real mobile number.
    'just click here'
    'close that window'
    'type this in here'
    'just ignore that'.

    Your super duper solution of warning users upon installation would just be another window that can be clicked away, if indeed the scammers don't get rid of it in the dodgy version they install.
    Ah, now you seem to be getting to the nub of it ... and we might note that those types of hustled instructions to ignore pop ups etc would only be necessary for the processes that the PREMIUM Remote Control software cannot handle surreptitiously in other windows e.g. perhaps in windows opened on a remote screen masquerading as a hidden second screen on the victims computer? The more that can be done hidden from view via the remote control software, the less likely the victim will be made suspicious.

    I didn't realise I'd called for any super duper warning system, just a basic warning similar to an "Adware - possible Malware Detected" pop up dialog ,,,
    Last edited by peterbaker; 08-08-2018 at 11:32 PM.
    • debitcardmayhem
    • By debitcardmayhem 8th Aug 18, 11:17 PM
    • 8,769 Posts
    • 6,615 Thanks
    debitcardmayhem
    $1,080 went from my friend's bank account to Connectwise. It is confirmed by the bank. It looks like a standard transaction. The receipt was sent by Connectwise to the fraudulent email account used to open the Connectwise registration account. How do I know? I later hacked into the new Gmail account they had set up for the purpose right at the beginning of the scam call using the victim's personal data and real mobile number.
    Originally posted by peterbaker
    They weren't very clever then if they set up a bogus email and then didn't change the details afterwards so that people like you on the case could access it.
    • peterbaker
    • By peterbaker 8th Aug 18, 11:22 PM
    • 2,200 Posts
    • 850 Thanks
    peterbaker
    They weren't very clever then if they set up a bogus email and then didn't change the details afterwards so that people like you on the case could access it.
    Originally posted by debitcardmayhem
    Think a stage further - they were perhaps clever enough to know that they need not clear up after themselves because they couldn't be traced and caught?

    I am led to understand that some of these fraudsters beset bank fraud department telephone lines mocking and goading the investigators into trying to "catch me if you can".
    Last edited by peterbaker; 08-08-2018 at 11:26 PM.
    • RumRat
    • By RumRat 8th Aug 18, 11:42 PM
    • 2,978 Posts
    • 1,776 Thanks
    RumRat
    Still not seeing how any of this is the fault of genuine software.
    Sometimes people just have to hold their hands up and admit they've been a complete idiot.
    Drinking Rum before 10am makes you
    A PIRATE
    Not an Alcoholic...!
    • Tarambor
    • By Tarambor 9th Aug 18, 12:33 AM
    • 3,940 Posts
    • 2,981 Thanks
    Tarambor
    Y It is very clear that the makers of these types of software know their products are used far too easily and surreptitiously by scammers, so they should contain clear warnings when they are being installed.
    Originally posted by peterbaker
    Virtually anything can be used for nefarious means. What's next, only selling tampons to 18 year olds or older with ID and who sign a form to say they've received them because technically its possible to ram one down someone's throat and kill them?

    Maybe you should write to Microsoft, every Linux distro, the entire internet and every computer manufacturer and manufacturer of any device that can communicate over the internet and tell them they need to put warnings on because terrorists use them to communicate.

    That is how stupid and pathetic your argument is.
    • forgotmyname
    • By forgotmyname 9th Aug 18, 2:14 AM
    • 28,184 Posts
    • 11,457 Thanks
    forgotmyname
    Because on a cascading basis and not in the order I gave them, they are the preferred tools of trade of confidence tricksters and they can all be downloaded in the background and the strongest versions purchased using fraudulently set up online registrations from anonymous new email accounts, ALL WHILST THE VICTIM IS DISTRACTED. The victim may have only been persuaded to click on one or two innocuous or helpful-looking links (remember they believe they being are telephone assisted by Microsoft or similar into stopping a hack in progress). The worst of the downloads and the worst of the fraud then occurs behind the screens that are being discussed with the victim if the victim can be kept on the line long enough.

    And how can that be? Well such software will only end up live on your machine by fraudsters who have far too easy non-verified access to such dangerous software and the comparison with Microsoft Word is if you forgive me, a rather naive one.

    I think a better comparison might be to suggest that these softwares in the wrong hands are a bit like a crowbar in the wrong hands. If you see someone other than a craftsman in the street with a crowbar, you report it right?

    If you see a normal non-corporate antivirus customer with these Tech Support Desk type softwares on their machine, you are saying they should not be reported by the antivirus software? Why not? Even simple adware is reported routinely!
    Originally posted by peterbaker
    Why not just ban digital/online/phone banking? That will prevent the scammers from getting payment by electronic means. Ban emails and the internet also. Without the internet all the internet scams will instantly stop.


    What about all those scammers that knock on peoples doors to ask if they can use the toilet, should we all demolish inside toilets to prevent this issue?
    Punctuation, Spelling and Grammar will be used sparingly. Due to rising costs of inflation.

    My contribution to MSE. Other contributions will only be used if they cost me nothing.

    Due to me being a tight git.
    • tempus_fugit
    • By tempus_fugit 9th Aug 18, 7:41 AM
    • 545 Posts
    • 488 Thanks
    tempus_fugit
    Because on a cascading basis and not in the order I gave them, they are the preferred tools of trade of confidence tricksters and they can all be downloaded in the background and the strongest versions purchased using fraudulently set up online registrations from anonymous new email accounts, ALL WHILST THE VICTIM IS DISTRACTED. The victim may have only been persuaded to click on one or two innocuous or helpful-looking links (remember they believe they being are telephone assisted by Microsoft or similar into stopping a hack in progress). The worst of the downloads and the worst of the fraud then occurs behind the screens that are being discussed with the victim if the victim can be kept on the line long enough.
    !
    Originally posted by peterbaker
    This argument is analogous to saying, oh I was distracted for a moment and gave my car keys to an unknown person and they subsequently stole my car, so there should be a warning on the keys to say that if I give the keys to someone else they could use them to unlock and even, get this, drive away with my car.

    What should be happening is that we educate people not to respond to these phone calls, and indeed there are reports of these scams all theme and yet people still get taken in by them, so if we can't educate them to nip things in the bud at the first hurdle then any further warnings are unlikely to have much more effect. In the car example then anyone likely to give away their car keys should not really be in charge of them in the first place, I would say the same analogy applies to those that respond to the phone calls purporting to come from Microsoft. Work that one out if you can.
    Retired at age 56 after having "light bulb moment" due to reading MSE and its forums. Have been converted to the "budget to zero" concept and use YNAB for all monthly budgeting and long term goals.
    • prowla
    • By prowla 9th Aug 18, 7:53 AM
    • 10,108 Posts
    • 8,339 Thanks
    prowla
    I know the "your computer has a virus" scammers try to get you to install a remote access tool, but that does not mean that the tool itself is dodgy.


    How about RDP, SSH, Skype, which allow remote access & desktop sharing?


    Does the camera on a laptop need to be warned about too?
    • AndyPix
    • By AndyPix 9th Aug 18, 9:08 AM
    • 4,053 Posts
    • 3,441 Thanks
    AndyPix
    This thread is bizarre ..


    OP i understand that you are frustrated that your friend has been scammed ..


    Scammers are clever - dont beat yourself up.


    But you are making yourself look silly by the way you only half understand this stuff and are telling techies that apples are oranges ..


    Just give it up - Its daft and your arguements make no sense ..


    I for one am not paying you any more lip service
    Running with scissors since 1978
Welcome to our new Forum!

Our aim is to save you money quickly and easily. We hope you like it!

Forum Team Contact us

Live Stats

1,445Posts Today

6,973Users online

Martin's Twitter