Announcement

Collapse
No announcement yet.

Take care

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Take care

    I've had a problem with my broadband (being slow) and phoneline crackling.

    I contacteded my Broadband provider and they ran tests on the line. I was told they would run more tests and get back to me.

    We heard nothing for a week until my wife took a call from somebody saying they were looking to sort our problem.

    They said they would ring back the following day when I was home.. Nothing happened.

    This is morning we had a call from an Asian gentleman saying he was ringing to sort our problem.. Not usual we regularly talk to folks in India for banking and most things.

    He ran through a couple of things and I checked them on my PC. He then asked me to run a programm called teamviewer.
    I was starting to get suspicious and asked if this gave him access to my PC, he said no.

    He ran through various things on the PC and told me my Router had been hacked and my network was compromised.
    He ran through a process using the dos prompt and the final line..
    Said something like "Router security setup invalid.. Refund due £200."

    Alarm bells start ringing like mad.

    He he tried to get me to type my bank URL in browser but I refused. At this point the Screen goes blue and expletives appear in chat.

    Take care if you have a problem with your broadband phone line as they seemed to know who my provider was and seemed technically plausible. They talked through the number of IP addresses on my PC.
    I must have been talking to him for an hour in total so you can see they can talk the talk on technical stuff.

    Tonight I tried researching extra router security on a different site and was surprised when a chat opened and I was offered technical assistance.
    I was again asked to make payment which I declined and they left.

    I believe my network may be been compromised and that they are watching and responding to my web activity. PC and laptop now switched off.

    Cancelled all bank cards in case they had accessed this info.. And went to my branch to start the process of reinstating them. At one point while in bank this afternoon phone lines in the bank were down.. My mobile was down.. But I think it was the O2 problem. But very scary all the same.

    All advice welcomed (seriously) and take care if responding to what you think is technical help even if you reported the problem? It seems to me online activity is getting more not less dangerous

    how do I restore my network if icompromised ?
    how can I be sure "remote access" is totally removed ?

    Folks.. Be very very careful.
    Last edited by sliper; 06-12-2018, 10:38 PM.
    If you pay to watch the Premier League on TV.. you are part of the problem !

  • #2
    Thanks for this sliper. I hope one of our intelligent members is able to help (but can you trust them?!)

    It's a bloody minefield. And in these days of internet banking, with electronic access often available to your entire life-savings, this sort of thing is so much more dangerous.

    Comment


    • #3
      Sliper- this is a pretty common route taken by the rather nefarious technological thieves. One of the things they do is say they are refunding you £200 (for a fault) then mirror your screen and make it look as though they have given you £2000 by mistake. They then ask you to give them £1800 back.

      the first step is never believe anyone that says they will give you money back for a fault. Companies are covered in their Ts&Cs as lines fail. It happens. They ramp things up at this time of year as people think great, extra cash for Christmas.

      I was a complaints manager for Talk talk during their massive breach so I've seen every trick in the book. I still work in telecoms now but in the business to business where we don't see it as much.

      They often get you to download an app that allows them to take control over your pc. Never allow anything like that.

      if recommend reporting it to your ISP, contact your bank and change your online banking passwords. I wouldn't worry massively about your cards tbh.

      if you need any more advice drop me a PM and I will help where I can.

      Comment


      • #4
        Also delete team viewer asap. If you need help doing it drop me a PM with your number and I can talk you through it on the phone.

        Comment


        • #5
          Originally posted by Regardless View Post
          Thanks for this sliper. I hope one of our intelligent members is able to help (but can you trust them?!)

          It's a bloody minefield. And in these days of internet banking, with electronic access often available to your entire life-savings, this sort of thing is so much more dangerous.
          We were expecting them to call back and as far as I was concerned that was what the call was about..

          In short you can no longer be certain technical help ringing you back.. Is technical help and Isn't scammers.

          I was completely taken in for awhile because we were expecting a call back. Until the bank url request.

          He got me to download the remote access via the command prompt which meant it wasn't immediately obvious it was a download. Until it appeared in the bottom left corner. Even then I have had technical support request access to resolve a problem with a machine.
          Last edited by sliper; 06-12-2018, 10:53 PM.
          If you pay to watch the Premier League on TV.. you are part of the problem !

          Comment


          • #6
            Sounds like the 'Microsoft technical support' scammers have gone to another level - best of luck sorting that, Slips. Hopefully one of the techies will see this and have some advice.

            EDIT: Looks like Pad is on the case.
            Soup is Good Food

            Life in Sparta, Greece

            Comment


            • #7
              The biggest problem with these groups is they are often housed in the same buildings as the legitimate tech support teams. They literally email the details upstairs to their mates who work for the dodgy companies so they have names, account numbers and knowledge of the faults.

              Comment


              • #8
                Originally posted by paddysr View Post
                The biggest problem with these groups is they are often housed in the same buildings as the legitimate tech support teams. They literally email the details upstairs to their mates who work for the dodgy companies so they have names, account numbers and knowledge of the faults.
                They called us with the Microsoft Technical Support scam a couple of years ago - apart from anything else, the fact that they couldn't speak a word of Greek was a bit of a giveaway!
                Soup is Good Food

                Life in Sparta, Greece

                Comment


                • #9
                  TeamViewer is actually legitimate software, I use it to manage my Dads PC back home but it is a Remote Desktop product so depending what they setup they may still have access.

                  my partners fathers did something similar a couple of years back installing a new PC for her and ended up paying a few hundred quid to them(luckily they got it back) but on searching the new PC I found various things so decided to completely wipe it was the best option

                  first things though in the short term
                  1) uninstall teamviewer
                  2) go to settings > programs and applications (or whatever itís called), sort them by install date and uninstall anything from the last few days
                  3) scan your hard drive for files modified or created in the last 24 hours, some of them may contain info they had put on your PC
                  4) check your browser settings and see if the home pages or settings have been changed from the default
                  5) potentially ring your ISP and get them to reset your router to factory settings and then set it up from scratch again( almost sounds like the ISP is leaking data to people which could be true)

                  unless you gave them bank card or accoun information itís unlikely they will have compromised you but ring action fraud and your banks tomorrow so that if the worst does happen, youíve shown you took steps to prevent any financial loss so hopefully covered by insurers. Again like paddy said, you have my contact details so feel free to send a message if you want to talk or try some other stuff.

                  Comment


                  • #10
                    Originally posted by paddysr View Post
                    The biggest problem with these groups is they are often housed in the same buildings as the legitimate tech support teams. They literally email the details upstairs to their mates who work for the dodgy companies so they have names, account numbers and knowledge of the faults.
                    In the scenario I mentioned above my partners Dad thought heíd been in contact with Microsoft, stupidly the website heíd used had an address embedded in it and when you searched on google maps you got a house on a council estate in Brighton....never did hear if he had his collar felt after this

                    Comment


                    • #11
                      Great to see that advice jake.

                      Is there any danger that, for the few minutes that the scammers had remote access to sliper's computer, that they were somehow zipping around it in the background, gathering data?

                      If sliper finds it difficult to complete the steps you suggest, is there a chance that they have software on there that picks up his keystrokes, and therefore could allow them access to sensitive information / passwords that he's typing in?

                      Comment


                      • #12
                        Originally posted by Regardless View Post
                        Great to see that advice jake.

                        Is there any danger that, for the few minutes that the scammers had remote access to sliper's computer, that they were somehow zipping around it in the background, gathering data?

                        If sliper finds it difficult to complete the steps you suggest, is there a chance that they have software on there that picks up his keystrokes, and therefore could allow them access to sensitive information / passwords that he's typing in?

                        Cant promise anything part from what Iím told and understand as a techie but to install a keylogger they would have had to get sliper to accept and install that on his PC, so they may have but it could only have been after they got on via teamviwer and not before. Potentially they could have taken stuff off via teamviewer but again, may well heís been visible and nothing should contain passwords etc unless you have an obvious file I.e. passwords.txt on your desktop. But thatís what hopefully the checks I mentioned earlier should find if they installed or out anything else on his desktop

                        in these cases it generally seems to be low level fraud in getting a few hundred quid then running, long term there doesnít seem to be any value when there are bigger fish to fry.

                        Still seems strange that people managed to do what was probably the worlds biggest bank robbery online yet most people donít even know about it. These scammers though just care about getting the odd hundred quid out of people and then running before they are found, pretty much akin to a mugging

                        Comment


                        • #13
                          Is it possible they are putting up dummy website pages or able to throw up a chat window ?

                          Ive completely shut down and disconnected my PC and laptop. But I was searching via Google on my laptop (note the first incident involved my desktop) for info on network security and was looking at a webpage next thing a chat window opens offering technical advice.

                          first incident was with my PC and ended with blue screen of death.. So even though they weren't controlling my cursor they seemed to be able to do stuff to my desktop.

                          I've been to the Bank.. And they have stopped everything

                          I am concerned they have access to my home network via control of my router ?

                          Thanks for the advice guys.. feels like I've been fighting off muggers.

                          i had a long call with ISP (I googled their number and phoned them) and they are sending a new router but I am wondering if they actually are technical support as well. At one point the lady asked if I was prepared to pay for a router upgrade.. Not sure who or what is legit at present.

                          I had a customer discuss his scam a year or so back and he said the scammers took over everything.. His phone his internet everything.

                          not been able to login to ISP account all day but believe they are affected by the O2 problems.

                          (Anyway I have a new Brexit analogy.. "Remainers say "take down the barriers and trust the internet.. and Brexiters want to retain and improve their firewalls.")
                          Last edited by sliper; 07-12-2018, 11:08 AM.
                          If you pay to watch the Premier League on TV.. you are part of the problem !

                          Comment


                          • #14
                            Originally posted by sliper View Post
                            Is it possible they are putting up dummy website pages or able to throw up a chat window ?

                            Ive completely shut down and disconnected my PC and laptop. But I was searching via Google on my laptop (note the first incident involved my desktop) for info on network security and was looking at a webpage next thing a chat window opens offering technical advice.

                            first incident was with my PC and ended with blue screen of death.. So even though they weren't controlling my cursor they seemed to be able to do stuff to my desktop.

                            I've been to the Bank.. And they have stopped everything

                            I am concerned they have access to my home network via control of my router ?

                            Thanks for the advice guys.. feels like I've been fighting off muggers.

                            i had a long call with ISP (I googled their number and phoned them) and they are sending a new router but I am wondering if they actually are technical support as well. At one point the lady asked if I was prepared to pay for a router upgrade.. Not sure who or what is legit at present.

                            Unlikely to be able to do anything with your home network, they only really care about your PC/laptop. You can probably rebuild them both in safe mode so you don't need to let them connect to the internet, just depends how confident you are in doing that and whether you have any files on there you wouldn't want to lose. There are a host of fake websites that come up in google search purporting to help with issues so it's likely one of these where it all started. Not sure how the chat window came straight up but maybe that was from a browser window in first instance.

                            If you don't want to rebuild just yet if you can download something like Malware Bits and Bytes on someone elses PC and then take a copy on a USB stick so you can then run it on your systems you might find various stuff you can start clearing off temporarily if you need to access either PC or laptop


                            Originally posted by sliper View Post
                            (Anyway I have a new Brexit analogy.. "Remainers say "take down the barriers and trust the internet.. and Brexiters want to retain and improve their firewalls.")
                            Lets just remember who believed the Asian bloke who had wrote on the side of a bus that you had some internet issues

                            Comment


                            • #15
                              I do know that there are scammers who pose as BT Broadband technical support. Ask them to quote you their EIN (employee identification number - 9 numeric digits) . If they cant or wont, cut them off

                              Comment

                              Working...
                              X