Subj : Re: How My Grandmother Lost $18,000 (scam) To : warmfuzzy From : Ogg Date : Tue Sep 10 2024 20:40:00 Hello warmfuzzy! ** On Tuesday 10.09.24 - 17:49, warmfuzzy wrote to All: > How my Grandmother Lost $18,000 CAD > -------- > It wasn't a trojan, or spy ware, or even a physical attack. The attack used > common remote access software used to root her computer. AnyDesk and > TeamViewer were found to be installed and active on her computer. They also > used phishing to pretend that they were the police... That whole story is a sad commentary, indeed. > Things like this are happening more often. As home there is at least one > scam every two weeks, and at times we have had several in one single week. Maybe consider https://jollyrogertelephone.com/ ..and it screen the calls for you. > They somehow route their calls over VOIP (voice of Internet protocol) in > such a way that they can't easily be traced back. ... I think phone companies should take greater responsibility for allowing international calls to come through. And we should be given to ability to block numbers when desired. Bell Canada used to provide *-star numbers in their phone books to achieve exactly that. But since the phone books are nolonger a common thing, the info is gone. If you received a call that you perceived to be harassment or unwanted, you could press something like *88 or something and the last call would be blocked and reported. I think that primarily worked for landline. But now, since many people have cellpone or mobile numbers, there is no single standard for blocking or reporting. > P.S. a take-away from this lesson is that commercial software that is good > (TeamViewr and AnyDesk) can be re-purposed for evil. So on your boxes, > unless you absolutely need remote control software not to have that kind of > thing active. It may be installed, however keep it on a tight leech by > deactivating it when not using it and activating it only while in use. In the not too distant past, I've used Teamviwer to help assist a few people with their machines. Very handy. The remote client didn't even need a Teamviewer account, just a small generic download that would connect to the Teamviewer network, assign an access code, and all the client had to do was tell me over the phone what that code was. But I can see how a scammer might be able to use the same approach and convince their target to do the same thing and gain full access to the client's pc. I personally liked RDP if assisting people with Windows machines. It too had a simple mechanism that someone could use to email me the "access link" and I could then connect to their pc. But ultimately there were some reported security holes in RDP and it was wise to stop using that. Meanwhile, I discovered Tailscale, and that permits me to access my own machines very easily so that I could primarily use VNC to access and control my own remote PCs. .