Beware of PC Remote Access Assistance Scams

Friday, March 11, 2011

Robert Siciliano


Admittedly, I don’t know EVERYTHING about computers. I know enough to break them and enough to fix them most of the time. But, occasionally I need help. 

Generally that help comes in the form of remote assistance from Dell, where I buy all my PCs.

With each PC I get the 3 year Dell warranty, so if something fails they replace or will come in remotely and fix. Just recently, my built in webcam failed.

Little bugger was working just fine, then, nothing.  So I reinstalled the software, rebooted and still no webcam. My fear was the hardware failed so I called Dell.

Dell tech support agents always request the user log into a website and punch a code, and then download a program that allows for them to come in and remotely access my PC to diagnose the issue.

Every time this occurs I watch each move they make so I’m comfortable knowing they aren’t downloading or installing anything not approved to later access my PC. That said, I trust Dell and don’t think they’d do that, but its good security to watch.

The Windsor Star reports:

“Police are warning people about a new scam to hit the area after criminals almost duped a man into handing over remote access to his computer, along with all his personal and financial information. The so-called technician started by telling the man his computer had sent an error message to Microsoft and he was calling to help him rectify the problem. The scammer told him to press 'Windows Key + R' which opens the 'Run' dialogue.”

Fortunately, the intended victim got suspicious and hung up.

In this process, if the victim moved forward, he would have inevitably downloaded a program and installed it on his PC that would have allowed the criminal the ability to come into the persons PC any time he wanted.

Any time anyone emails or calls you with a ruse that your PC needs attention, just hang up or delete the email.

And as for my webcam? Dells tech went into my device manager and uninstalled the cam and went to Dells website and got an updated version of my cams software.

Apparently, an update I did corrupted the cameras software and the version I had was conflicting. I could have figured this out and it might have taken me another 30-90 minutes to do so.

But one quick call to Dell and 10 minutes later it was done. Nice. Not all remote assistance is bad.

Robert Siciliano personal and home security specialist to Home Security Source discussing home security and identity theft on TBS Movie and a Makeover.

Possibly Related Articles:
scams Social Engineering Remote Access PC Computer
Post Rating I Like this!
Steve Golden Dear Robert,
Thx for the info. The same thing happened to my laptop today. The technician remote access my laptop to fix something, and it worked. But, i am a bit worried because how I could trust that technician. Now, I stop using online banking for temporary. What should i do? Can i trust them?
Robert Siciliano Generally, if you are doing business with a known tech, you should be fine, the next step is to uninstall whatever download you did to grant remote access. In the meantime do the basics like run anti-virus, spyware removal and check your Windows task Manager to see whats running in the background. I'm sure there are more savvy techies on the Island that have more advice.
Deep Mohan Known companies like Dell, McAfee & others use GoToAssist tool provided by Citrix Online which is safe and transparent tool, once the Technician is out of your computer or the session is closed there is no way he can get into your computer without your permission & cant retrieve any info from your computer. Moreover he is working in front of you trust me no background activity takes place.

If you still dont feel secured you can uninstall GoToAssist from your computer.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.