I went on a call to a client’s house over the weekend. His complaint was a common one – “my computer is slow.” I went over to take a look, and as I expected, the slowness was caused by downloading and installing too many background programs. This is stuff he never uses, and doesn’t even realize he’s getting – for example, he had four tool bar add-ons in his browser. The companies putting these things out must know they are crap – why else do they sneak them in? Often, while downloading something you want, there will be a tiny checkbox somewhere, already checked, saying something like “Yes! I want the CrapTastic.com Toolbar so they can drag down my system!” (OK, not quite in those words…)
But even scarier than that – I noted that TeamViewer was installed on the system. That in itself is not an issue – TeamViewer is a very useful program it allows a tech to, with permission, connect to a computer and take control. But my customer is not tech savvy, and has no use for this unless someone had him download it to remote in.
Just as I was about to bring it up, he did – “What’s that ‘TeamViewer’ on my desktop?” I explained what it was for, and asked if anyone had been remotely connecting to his computer. “Oh, yeah, now I remember – Comcast called and had me load that.” He said Comcast had called because they detected problems with his computer and wanted to check it out. So he downloaded and installed the TeamViewer software as the “tech” asked and turned over control of his system (oy!).
Fortunately, he doesn’t do any banking from the computer. But after rummaging around a bit (and I hope he didn’t find anything!), he told my customer that he had “65 viruses” and that Comcast could remove them for him – he just needed to hand over his credit card number to get started.
That set off a warning bell for my client – he said he wasn’t going to hand over his credit card, as if he was really from Comcast, he could just bill the account. He said then he hung up and closed out TeamViewer.
I warned him in the future to never turn over control of his system to anyone he didn’t call first. Comcast does now offer services via remote control, but they will bill your Comcast account, not ask for a credit card. I don’t know if they use TeamViewer or some other tech, but in any case you should never turn your system over to someone who has called you, and you shouldn’t hand out important info like credit card numbers. As the systems themselves get better and better protected, it’s important that we – the human element – stay on guard as well for these type of attacks.
I did check his anti-virus/anti-spyware that I had installed before – it was still working fine, and the history showed no issues (yes, this is a Windows machine). And lest you think this is just done by lone wolves – take a look at this blog post about iYogi and see why you have to be on guard.