A friend and colleague posted a picture this morning and I had to steal it. It has too much educational value to not share it. (You know who you are, thank you) One of my driving hobbies is personality reading of people by their bumper stickers. I had not contemplated the potential black hat value of it. Just like any other form of social media, we share too much. There needs to be a cool name for this bumper/back glass social media… is there one yet?
It always takes me by surprise when I hear of friends and acquaintances who have permitted email contacts of phone callers to have remote access to their systems.
We spend a great deal of effort to safeguard our networks and systems. We protect against hackers, malware, etc. but then pay bad actors to log into our systems and give them a master key. Why?!?
The premise is often “Microsoft” or some other well known name has detected an issue with your system. One of the reasons that I have had hopeful scammers use on me was that there was a DNS issue on my computer that they needed to fix. They only wanted $320 (or something close to that) to log in and repair the damages. With the experience that I have, I give them a fun run around. I was surprised to learn that my wife was doing the same thing when they would call her. The best part is that she would play the dumb wife card while doing it. I wish I could do that… We would run them all over the place as they tried to walk us to where we would allow remote access only to have my wife or I tell them that we were not running Windows. My wife would claim we run CentOS, or I would pick an obscure OS of the day. Sometimes it was FORTH, other days it might be FORTRAN, perhaps it was Pascal. I would call them back and burn as much time as I could so that they could not hound on someone less skilled. I have been told that I was no longer allowed to call them. That was fun.
Bottom line, these people are trying to take multiple swings at you. The first swing is to get you to pay them for their “service” then later they would access your system and get whatever information that they could to attempt access to your bank, or other services. They could also install any number of malware packages to your machine to make it a willing slave to their needs at any time of the day.
Do not…. ever grant remote access to your machine unless you are the one initiating it, or if you are working with a known entity such as your employer’s helpdesk.