Remote Assistance Thriller: Dial "S" For "Scam" - InformationWeek



A new scam involving remote support software recently surfaced in the United Kingdom. Before you snicker at just how gullible the victims appear to be, ask yourself whether your company's PCs are vulnerable to precisely this sort of attack.

The story appeared just yesterday on a U.K. news site. So far, only a handful of victims are involved, so this story still appears to be flying under the radar on this side of the Atlantic:

Computer users are being warned to be on their guard against a cold calling scam that could leave their bank details and PCs open to criminals.

Some victims of the scam have had their bank accounts emptied as a result of the con.

Which? Computing has heard from consumers across the country who have been called by scammers pretending to be from the computer software giant Microsoft or an internet service provider.

They say there's a virus on the consumer's PC and take them through steps to fix the problem which ends with the consumer allowing criminals remote access to their PCs.

To add insult to injury, consumers are also asked to provide their credit card details in order to pay a fee for the repair.

One reader who smelled a rat and reported the scam noted that he was asked to allow a remote assistance connection to his PC. Based on the rest of the article, this looks to be an explicit reference to Microsoft's Remote Assistance tool for Windows-based PCs.

Remote Assistance is designed so that a PC user sends a support request to a third party -- presumably a legitimate IT professional. The request is usually sent via IM or email, and it is valid for a limited period of time. Once the support provider accepts the invitation, he or she has more or less complete access to the remote system.


Let's set aside the question of whether the victims of this scam should have known better. There are more important points to consider here:

- Remote Assistance is typically disabled by default on Windows PCs. It would be a mistake, however, to assume that is always the case. There are plenty of good examples online that show you where to check a system's Remote Assistance configuration and to disable it if necessary.

- Companies that use Remote Assistance are far more likely to do so from within a local network than from without. It thus makes good sense to control off-network Remote Assistance connections by blocking port 3389 on your firewall.

This will also block users who want to connect to their systems using Microsoft Remote Desktop. As far as I'm concerned, that's fine -- there are far more secure and robust remote access tools available on the market, both free and commercial. If your small business does allow remote access using Remote Desktop, then it had better have the in-house IT security expertise to make this advice redundant, anyway.

- Social engineering attacks thrive on miscommunications, bad assumptions, and poor judgment. Ensure that your employees understand exactly how, where, and to whom they should direct support requests. If your company uses a third-party support provider, there should be crystal-clear, strictly defined procedures for sending support requests.

And frankly, if your provider's "procedure" for accepting support requests involves employees sending Remote Assistance invitations to some random email address, you might want to rethink your business relationship.
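
One way to run the configuration check described in the first two points above, as an added example rather than code from the original article. It assumes a Windows PC that uses the standard Remote Assistance and Terminal Server registry values, and an elevated PowerShell session; the helper name `Get-RegValue` and the report field names are made up for this illustration.

```powershell
# Added example: read-only audit of Remote Assistance / Remote Desktop exposure.
# Run in an elevated PowerShell session on the PC being checked.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Return $null when the key or value is absent instead of raising an error.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { return $item.$Name }
    return $null
}

$raKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Remote Assistance'
$tsKey     = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$policyKey = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

# A Group Policy value, when present, takes precedence over the local setting.
$raLocal     = Get-RegValue $raKey 'fAllowToGetHelp'
$raPolicy    = Get-RegValue $policyKey 'fAllowToGetHelp'
$raEffective = if ($null -ne $raPolicy) { $raPolicy } else { $raLocal }

# Is anything on this machine accepting connections on TCP 3389?
$listeners = @(Get-NetTCPConnection -State Listen -LocalPort 3389 -ErrorAction SilentlyContinue)

$report = [pscustomobject]@{
    Computer                 = $env:COMPUTERNAME
    RemoteAssistanceEnabled  = ($raEffective -eq 1)
    SetByGroupPolicy         = ($null -ne $raPolicy)
    HelperFullControl        = ((Get-RegValue $raKey 'fAllowFullControl') -eq 1)
    UnsolicitedOffersAllowed = ((Get-RegValue $policyKey 'fAllowUnsolicited') -eq 1)
    RemoteDesktopEnabled     = ((Get-RegValue $tsKey 'fDenyTSConnections') -eq 0)
    ListeningOn3389          = ($listeners.Count -gt 0)
}
$report | Format-List

# To turn Remote Assistance off locally, uncomment the next line.
# It has no effect while a Group Policy value (SetByGroupPolicy = True) enables it.
# Set-ItemProperty -Path $raKey -Name 'fAllowToGetHelp' -Value 0
```

A machine that reports `RemoteAssistanceEnabled` or `RemoteDesktopEnabled` as True without a documented support reason is a candidate for the disable step and for the firewall block on port 3389.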
