Remote Desktop Access- Scammed for Money

Soldato
Joined
18 Oct 2002
Posts
4,655
Location
The Darkside
A guy I know contacted me today regarding how a guy from India phoned him to say his computer is full of viruses. The guy is an aged man so basics of IT is minimal. He asked him how he knew, and the guy on the phone responed by telling him he see's the infections while he browes his computer.

While on the phone, the asian guy had control of his computer like the 'remote desktop' feature and he was opening windows and so forth. My friend hung up and the other guy was still controlling his computer. Being an aged man and not thinking straight at the time, didn't turn off his router or laptop so the guy was playing around for over an hour :eek:

He phoned back and told my friend that he had sorted the computer and demanded £100+ for fixing it. He was told where to go to and hung up the phone again. A minute later he phone back and told him to look at his screen. He did, and the asian guy presented my friends house on google maps and was also presented on screen a list of places I think such as nearby banks for a wired transfer.

To me it was very threatening behaviour especially for an aged man to be told where he lived so pay up.

I have carried out the usual antivirus, spy/malware scans and all is clean. How did this guy gain control over his system when remote assistence wasn't sent etc and my friend never clicked on anything to authorise remote access. Still puzzled about how the guy gained personal information so I was wondering if the guy had gained the information from BT Broadband techical support in India and using it for his conning benefits?

Is there something he could do now or even prevent this from happening again maybe in terms of preventing remote access without authorisation etc?

He currently uses a netgear DG834G router with windows firewall and MSE for antivirus alongside Malwarebytes and spybot.
 
Soldato
Joined
7 May 2009
Posts
3,541
Location
London
Surely that can be reported :confused:

As for stopping an attack like that, never use the internet I suppose? People click stuff, sometimes unintentially, sometimes completely unaware of the consequences. You could try to implement a stricter security policy on the network, something a bit more restrictive in potential access to specific machines than just NAT on a netgear router with windows firewall. Also an updated browser helps to avoid code exploits.

It's worth remembering though that there's no more powerful security feature than common sense and careful browsing.

How he got the information, I suppose the person who suffered the attack probably used his computer for storing stuff like letters? Or perhaps storing data from online transactions? If the attacker had that level of access to his system, job done.

Would be interested to know the OS and state of features (such as account type running, UAC status, whether RD-capable features were enabled before the attack etc). I'm by no means a security expert, but from my very basic knowledge, this would be easier to pull off on, say, windows XP. Also access to an administrator account could go a long way towards the level of access you describe.

I imagine one of the more knowledgable gurus on the forum will give more useful information. Not a pleasant story though, hope things work out ok for your friend. :(
 
Soldato
Joined
30 Jul 2005
Posts
19,359
Location
Midlands
this had to be initiated from the inside, first of all the guy who was attacked was phone called, so that means the attacker had phone number. where did that come from?
being an old man he probably went to a web site and filled in some online bingo and submitted the form with his contact details.

as for the pc jacking, did you see what software was installed on the pc in ad/remove progs ? anything like dameware utils etc?

router nat + even basic windows firewall is enough to fend of even advanced hackers. but this is a trojan job. something got onto his pc and basically phoned home and opened up a doorway for some exploit to be run.

would like to know what OS was used and its status of updates.
 
Associate
Joined
9 Jun 2009
Posts
1,804
Location
London
Well I remember a few years back VNC had a hole where anyone could access the computer without the password.

Also a few years before that dameware had a hole in it.

This is always going to be a problem with the internet and experienced users, either they have unpatched software, or have manage to pick up a trogan / virus or whatever you want to call it giving the attacker complete control over the system. Once you have that it takes no time to be able to control the desktop.

The system has been compromised, backup essential files, scan the hell out of them and reinstall. That is the only way to be 100% safe.

As with this story, it seems a very weird way to scam someone. Normally once they have access to the system they just wait for some bank details, or CC transactions.

Seems far too much hassle for just £100, breaking into the system and "fixing" problems for a slim chance the user will pay up.
 
Caporegime
Joined
18 Oct 2002
Posts
33,392
Location
West Yorks
i'd be doing a backup of data and restoring back to the original manufacturers image to make 100 % sure its clean

with zero knowledge of what this thing looks like you could be taking forever searching when in fact the person on the phone told him to click a link that the elderly gentleman has now forgotten he did.

At least a reformat gives peace of mind.

Well I remember a few years back VNC had a hole where anyone could access the computer without the password.

years back ?

Those versions are still kicking around now. You can do this with VNC 3.
 
Last edited:
Soldato
OP
Joined
18 Oct 2002
Posts
4,655
Location
The Darkside
Cheers for the link, very interesting indeed. The guy is using Vista and it has the latest updates. He was certain he never clicked on a link or go to a website suggested by the caller. The caller would have had access to the computer before the call was made.

I wouldn't be surprised if he filled out information online to provide his details but then I get calls from people trying to sell you stuff and they have your details.

I am going to get a copy of Kaspersky or NOD and stick that on but before I do that, a factory restore might be a good idea.

These dodgy scammers need shot.

Cheers.
 
Associate
Joined
17 Sep 2010
Posts
1,762
I had one of these Indian guys phone me up a few months ago claiming he was from Microsoft and that I had reported problems with my Windows, he was apparently calling me back to help.
I challenged him, I said "funny, you don't sound like and American MS employee, and how are you going to help me with Linux?"
He just slammed the phone down on me. Probably the same scammers trying it on.
 
Soldato
Joined
14 Sep 2006
Posts
3,664
Location
Dorset Apple Cake
There have been many complaints from people about this new scam.

Indian person calls claiming to be from Microsoft advising that their PC has been infected. They ask you to go to a website where virus activity starts on your PC which can include remote access, trojans etc....

The Indian person claims to have fixed your PC and they have your financial details.

There is word that these Indians have managed to gain information on people from call centres etc....

More info here:

http://www.techeye.net/security/microsoft-scam-comes-to-a-phone-near-you
 
Soldato
Joined
16 Dec 2005
Posts
14,443
Location
Manchester
Social Engineering can be bloody scary sometimes. Most computer users wouldn't think twice about some things we at OcUK would have a heart attack over! :eek:

I always remind my parents not to click OK or Yes on anything they aren't expecting. Plus they are smart enough to know any random phone calls aren't likely to be legit.

There should probably be a warning every time someone boots their computer:

Do not download every shiny thing you see on the Internet. Do not agree to pop up windows offering free virus scans. Do not believe anyone who calls you out of the blue concerning your computer's security.

Does anyone know of this type of stuff is taught in schools? I know when I was in school, viruses were never even mentioned.
 
Soldato
Joined
22 Aug 2005
Posts
8,840
Location
Clydebank
Does anyone know of this type of stuff is taught in schools? I know when I was in school, viruses were never even mentioned.

It's called common sense, and critical thinking. These same people are the type that post I've found some mouldy cheese should I eat it type posts, Sadly a lot of people leave their brains at the door when they sit in front of a computer.
 
Soldato
Joined
16 Dec 2005
Posts
14,443
Location
Manchester
You can only employ common sense and critical thinking if you are aware of possible dangers. Which is why I am curious if kids are actively taught that the Internet is not as wonderful as it first seems.

Parents should also be teaching their kids this stuff too! It's too late for the adults in this world :p
 
Associate
Joined
24 Apr 2009
Posts
1,942
Location
Aberdeen, Scotland

mrk

mrk

Man of Honour
Joined
18 Oct 2002
Posts
99,995
Location
South Coast
You can only employ common sense and critical thinking if you are aware of possible dangers. Which is why I am curious if kids are actively taught that the Internet is not as wonderful as it first seems.

Parents should also be teaching their kids this stuff too! It's too late for the adults in this world :p

Making people aware doesn't matter in general, people still foul themselves. I know this from XPerience (hur hur hur) after dealing with repeat customers.
 
Soldato
Joined
4 Sep 2005
Posts
6,803
Location
UK
Some fellow rang me a few months ago (think it was an Indian accent as well) and told me that my computer was "running slow"...I said it wasn't and hung up, the call was over in only a few seconds...
 
Soldato
Joined
16 Dec 2005
Posts
14,443
Location
Manchester
Making people aware doesn't matter in general, people still foul themselves. I know this from XPerience (hur hur hur) after dealing with repeat customers.

Oh I know. I have clients who make the same bloody mistakes over and over. It's why I said telling adults is useless, they never learn! :p
 
Soldato
Joined
16 Jul 2010
Posts
5,882
I had one of these calls a while back, and I soon put them straight, telling them I build my own PCs and I KNOW there's nothing wrong with my computer, and put the phone down.

I'll have some fun with them next time I get a call. I'm going to say my PC is running linux and see what their reaction is. :)
 
Back
Top Bottom