Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
Security United Kingdom Technology

Questions Linger After ISP Blocks TeamViewer Over Fraud Fears (sophos.com) 87

Last Wednesday, for no apparent reason, the TeamViewer remote desktop application stopped working on the network of one of the UK's largest ISPs, TalkTalk. The apparent reason, as the investigation has found, are some scammers in India who have been abusing the application to make money. An anonymous reader shares a report: It's a popular application with remote support professionals and power users alike and so support forums soon filled with complaints from perplexed users who noticed that access was possible with 4G and some TalkTalk business connections but not home broadband. By Thursday, journalists dragged the truth out of the company that it had "blocked a number of applications including TeamViewer," which led to a joint statement confirming this on TeamViewer's website: TeamViewer and TalkTalk are in extensive talks to find a comprehensive joint solution to better address this scamming issue. We now know (as some suspected at the time) that the block was connected to abuse of TeamViewer by criminals based in India who had been using it as part of a tech support scam targeting TalkTalk customers. The BBC reported on this two days before the block, including the disturbing claim that the criminals had been able to quote stolen customer account data to make scam calls sound more convincing.

Questions Linger After ISP Blocks TeamViewer Over Fraud Fears

Comments Filter:
  • partial solution (Score:4, Interesting)

    by networkBoy ( 774728 ) on Tuesday March 14, 2017 @04:04PM (#54039017) Homepage Journal

    blacklist teamviewer connections from india?

    Yes they can still use proxies, but anything to make their life more difficult... Like this:
    https://www.youtube.com/watch?... [youtube.com]

    • by SeaFox ( 739806 )

      blacklist teamviewer connections from india?

      That would totally work -- except so many companies are outsourcing their legitimate support to India as well.

      • by N!k0N ( 883435 )

        blacklist teamviewer connections from india?

        That would totally work -- except so many companies are outsourcing their legitimate support to India as well.

        Not seeing a problem here,TBH.

    • by Anonymous Coward
      It would be so much better to block India completely. The noise to ratio on technical forums would certainly be lower.
    • by Anonymous Coward

      blacklist teamviewer connections from india?

      blacklist India, period.

      Back when I looked after a fairly large network, and after a month of fruitlessly sending f.tons of emails to abuse@addresses, I basically decided one morning, fsck it, blocked all known Indian net ranges (and Chinese, Pakistani and Indonesian ones as well into the bargain), then worked on letting individual IP numbers through on a case-by-base basis. It was amazing how very few (7, ISTR) were finally allowed.

      I'm out of the IT game as a profession nowadays, but guess which country's

  • Lessons to learn (Score:5, Insightful)

    by dontbemad ( 2683011 ) on Tuesday March 14, 2017 @04:05PM (#54039023)
    As much flak as American ISPs get for their noncompetitive and morally bereft behavior, we do need to be reminded that things could generally be much worse. There is nothing wrong with pressuring large businesses (especially those with government-sanctioned monopolies) to change their shameful ways, but I do occasionally breathe a sigh of relief that, at least for the moment, our biggest concerns (outside of government spying) are speed, price, and general availability of service.

    It seems almost commonplace for websites or services to get blocked at an ISP level in the UK, and that fact alone seems more frightening than any increase in price that Comcast could throw at me.
    • by cyber-vandal ( 148830 ) on Tuesday March 14, 2017 @04:27PM (#54039175) Homepage

      It's really easy to change ISP in the U.K. You're not trapped like you are in the US.

      • That would be fine if the U.K. government didnt often talk about mandating that all ISP's do censorship.

        Its got its own wikipedia article [wikipedia.org]
      • by Anonymous Coward

        You know, that's a really, really, really stupid idea? That's how you end up with cable-tv. If you let the various providers block whatever they want at their discretion, you'll inevitably find yourself in the situation where you can't use ISP #1 because they block X, and you can't use ISP #2 because they block Y, and ISP #3 because they are blocking Z, so you either can't do what you want, or have to have three god damned subscriptions.

        This whole "if they are not providing what you want, switch" bullshit h

    • by jonwil ( 467024 )

      With Net Neutrality gone under Trump there is nothing to stop US ISPs from unilaterally blocking whatever they dont like (remember when Comcast got busted for their attempts to mess with BitTorrent traffic?)

      • by Khyber ( 864651 )

        There is plenty. Example, I pay to utilize a program. If my ISP blocks access to that program, they're performing tortious interference of contract between me and the other company, and I can sue the hell out of them for it.

        • At which point the ISP brings up the contract you signed which says they can block any packets they feel like blocking, and you lose your lawsuit.

          • by Khyber ( 864651 )

            Uh, yea, unless you've been paying attention, most ISPs are not offering contract-based plans. Charter/Spectrum? Hah, they don't carry enough paperwork to hide the legalese. In fact they're advertising over the radios right now "No contract." So, yea, your whole idea's pretty fucked.

            • Uh, yea, unless you've been paying attention, most ISPs are not offering contract-based plans.

              You confuse a ___-year commitment contract with contract in general.

              I guarantee you signed a contract with your ISP, even if it does not include a length of service commitment on your part. In that contract, you agreed to pay them $X for internet service. If there was no contract, they could not send you a bill.

              In that contract is a clause saying they get to block whatever they feel like blocking.

              • by Khyber ( 864651 )

                The ONLY paperwork I signed was specifically for the modem and service and billing. Nothing on that paperwork included any legalese. Not a single bit of fine print. I still hold the copy of the service receipt.

                So if they block or throttle, it's their ass in court. Nothing of that sort is listed as a term and condition on any piece of paper I signed.

  • by GrumpySteen ( 1250194 ) on Tuesday March 14, 2017 @04:10PM (#54039057)

    The internet is always used by internet scammers. If you completely block the internet, it will eliminate all those scams!

  • by Anonymous Coward

    My neighbor keeps being taken advantage of by scammers in India and Eastern Europe. TeamViewer seems to be the tool of choice. I finally talked her into putting Linux on there (she doesn't really know what that means) and blackholed all DNS requests for every website I could find that is even remotely related to remote access. Many won't work on Linux but I'd rather not find out. Firefox is set to block add-ons. Life is much better now and she has no problem with her shiny new Linux system.

    I wish there

    • by ruir ( 2709173 )
      Extra points for not telling her it is Linux and putting a skin, hell, probably you do not need that, put a background image saying "Windows 10".
      It would be pretty interesting hearing the conversations that she has with potential scammers, and them guiding her to install executables and going through the system menus.
  • block facebook? (Score:4, Insightful)

    by Causemos ( 165477 ) on Tuesday March 14, 2017 @04:21PM (#54039129)

    Facebook is probably used for more fraud than TeamViewer.

  • The real reason (Score:2, Insightful)

    ...because they're too lazy to investigate and block the phone numbers that the scammers are using.
  • I answered in a very simple-minded voice, and told "Paul," after he explained that they're tracking all sorts of malicious traffic coming from my computer that I liked it that way. When he tried to confirm that statement, I told him I liked to share. By that point I was far enough off of his script that he gave up and hung up the phone.

    I think next time I'm going to sound all cagey and worried that people were finding out about the kinds of malicious scripts I've been writing.

  • This is time number#2 that folks reported random logins into PCs running TeamViewer. Reddit has more details as not phone scammers but another round 2 of PCs getting logged into with malware being loaded and logged off!

    A flame war with asshats system administrators denying it because there is no proof in a company statement. But to me evidence says otherwise if reports keep coming back. I have stopped using it and recommend others to stay away. Crappy and odd it's only TeamViewer that has that issue

    • It's not only teamviewer. They used to use logmein too, until they stopped free accounts. There's another tool that starts w/ an S (splashtop?) idk but my mother in law just got hit w/ that one... Payed 250 to hand over the keys to her machine and then turn off her AV and firewalls have them download the free version of Norton from Comcast which interestingly didn't detect their malware, and installed malware to keep it from being turned on for anything but on demand scans. Luckily MWB found it. I'm in

  • yes scammers like team viewer but they also use other vnc apps like cracked versions of go to assets and so on. but you can go blaming the app for its misuse. its like blocking edge because scammers make fake pop ups.
  • sigh... [slashdot.org]
  • by ytene ( 4376651 ) on Wednesday March 15, 2017 @12:29AM (#54041549)
    I use a different UK telco/ISP as my service provider but I have seen exactly the same problem as those reported in the OP and in the linked article. The thing is, the issue isn't Teamviewer per se, or even that the ISP chose to unilaterally [and without consultation or warning] block the technology on their portion of the network]. These are symptoms and consequences of the real problem.

    The fundamental issue here is that the ISP in question chose to outsource a portion of its Customer Service function to a deprived area of India - an area where they could hire trained staff to work for a fraction of UK wages [about 20-25%] and thereby increase their profits by a corresponding amount. There are zero benefits to the customer from having a call centre in India - the only ones who get to benefit are the Directors, Senior Management and shareholders of the company in question.

    Up until March 2016 I received 2-3 such scam calls per week. Then one day one of the callers made a mistake and quoted a company-internal reference number from my telephone [landline] service provider. The quoted data was unique to me, only printed on my paper statement and unrelated to any other details about me. Armed with this [and a couple of related facts I managed to tease out of the caller] I got in touch with my telco's Fraud Prevention department and had a long discussion with one of their investigators. I asked that the person concerned cross-check their call database records from their call centre to see how many times my UK number was called, and on what occasions, and from which of their operators. I had enough information to persuade them that the attempted fraud calls were originating on their equipment - and suggested to the person that my telco's own call centre infrastructure was being used by a criminal group to perpetrate fraud against UK customers.

    At first I received bluster and pushback, at which point I suggested that in the event my telco did not take the matter seriously, I would complain to my Member of Parliament, the UK telecoms Regulator and the press.

    March 2016. Have not received a SINGLE fraudulent call since.

    The issue isn't TeamViewer. The issue is that TalkTalk have put their profits before safe business practices. Clearly they don't protect their client data, they don't screen their employees effectively and - if they are anything like my Telco - they don't even know when their own call centres are being used to perpetrate boiler-room fraud.

    I just wish that I could find someone in UK law enforcement willing to take this sort of thing seriously and start to see the large corporations prosecuted when their negligence endangers the safety of their clients. Unfortunately, until there are some serious fines handed down, or preferably until a couple of directors are jailed for breach of duty, negligence or malfeasance, this isn't going to change.

We can defeat gravity. The problem is the paperwork involved.

Working...