Categories
End User internet online safety security

The return of the “virus on your Microsoft PC” scam #speedytechies @TeamViewer

The “you have a virus on your Microsoft PC” scam is back. I thought they had locked up the people responsible and this was dead. Like everything related to internet crime – spam, botnets – they always find a way back.

I got home from work on Friday and took a call from Anna of http://speedytechies.com/. They apparently have thousands of staff servicing thousands of customers every day despite the fact that the website is only around 3 months old. Pretty impressive business growth.

Either that or Anna is lying and she doesn’t work for speedytechies. She sounded as if she was from India or maybe the Philippines – that general part of the world anyway.

http://speedytechies.com/ is owned by a small business based at a residential address in Houston, Texas. You can easily find out lots of info about the business and its owner by shelling out a few dollars to an online resource that does this kind of thing. Not worth it because the chances are the scammer has nothing to do with this guy. Slightly suspicious that the website is only 3 months old though.

Anna wanted me to go to www.teamviewer.com so that she could take over my laptop to check out the virus. www.teamviewer.com looks like a legit site though it would be interesting to audit their list of paying customers to get a trail back to the scammers.

Anna gave me a phone number to call back if I had a problem: 18007137734. The line with Anna was not great so it might be wrong, and I don’t know where it terminates as I’ve not tried ringing it. Her line quality kept disappearing so she was probably using Skype or some similar OTT service.

I guess it would be possible to trace where Anna was calling from and compile a list of times that her ilk had tried the scam. It isn’t easy though for a punter and it would take a concerted effort from a number of stakeholders. It would be easier if the whole world was VoIP but it isn’t. Also the level of individual harm that will probably accrue from a single incident is not worth the effort it would take. This would have to be coordinated on a wide scale to build up a body of evidence for cross border efforts/cooperation to kick in.

That’s all for now. Ciao.

Categories
End User internet security social networking

Facebook messages bringing a link to a website with a virus – look out

Just seen a wall post on Facebook from a friend warning of a virus being sent out from his account. Next minute I got a Direct Message from him with a link in it. Fortunately I had just seen his warning and was able to delete it.

This is going to be a problem I can see. I wonder what can be done about it?

Categories
Business internet

Swine flu already affecting ISP industry in UK

I was looking forward to writing today’s blog post because I had a meeting lined up with Stephen Carter, UK Government Minister for Communications. It was, I’m sure, going to provide me with rich pickings with which to fuel the blog.

Unfortunately this was cancelled at the last minute because the Minister was called into an “urgent cross-Government meeting” to discuss the impending swine flu pandemic.

The meeting was between several members of the ISPA council and Stephen Carter and was arranged for us to put forward an industry view on the Digital Britain Report. These meetings take a long time to organise and with the limited amount of time left now before the Report is due to be completed we will probably have to provide an input in writing.

Strikes me we have enough problems with viruses in this industry without introducing another one to slow up our networks :-)

Categories
End User security

Virus Attack

As everyone who has caught a cold (manflu?) in the run up to Christmas knows, viruses are no respecters of holidays. This is what happened at one customer site yesterday.

The symptoms appeared gradually. Someone could not log into their PC when they came in to work. Then others had the problem. If you were already logged in you were ok. There was nothing obvious that was wrong.

The customer’s own IT person was overseas on holiday so they called in the cavalry. The Timico IT support team set to work immediately and started to analyse what was going on in the customer’s network. The company had two sites and one PC at the remote site was seen to be generating an inordinate amount of network traffic.

In fact what it was doing was conducting an alphabet attack on the company’s Active Directory server. It was trying to log on as a user on the network. Each time it failed three times for a given user account, the server locked that account, so the genuine user was then unable to log in.

This is of course good news from a security perspective although highly inconvenient from the customer’s point of view as it was very disruptive. The remote site was disconnected and the rogue PC isolated. The attacks stopped.
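The pattern in this incident (one PC failing logons against many accounts, with three failures locking each one) can be picked out of failed-logon records as sketched below. This is an added example, not part of the original post; the record layout, the hostnames and account names, and the 10-minute / 5-account thresholds are all assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

LOCKOUT_THRESHOLD = 3  # failed attempts before the server locks an account (per the post)

def build_sample():
    """Constructed failed-logon records (timestamp, source host, account); all names are made up."""
    t0 = datetime(2008, 12, 30, 8, 0, 0)
    rows = []
    # One host working through account names alphabetically, three tries each.
    for i, acct in enumerate(["aadams", "abaker", "bclark", "cdavis", "devans", "efox"]):
        for k in range(3):
            rows.append((t0 + timedelta(seconds=20 * i + 5 * k), "PC-REMOTE-07", acct))
    # An ordinary user mistyping a password twice on their own PC.
    rows.append((t0 + timedelta(minutes=3), "PC-HQ-12", "jsmith"))
    rows.append((t0 + timedelta(minutes=4), "PC-HQ-12", "jsmith"))
    return rows

def suspicious_hosts(rows, window=timedelta(minutes=10), min_accounts=5):
    """Hosts whose failed logons touch >= min_accounts distinct accounts inside one window."""
    by_host = defaultdict(list)
    for ts, host, acct in rows:
        by_host[host].append((ts, acct))
    flagged = []
    for host, events in by_host.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({a for _, a in events[start:end + 1]}) >= min_accounts:
                flagged.append(host)
                break
    return sorted(flagged)

def accounts_locked_by(rows, host):
    """Accounts on which this host alone reached the lockout threshold.
    Simplification: ignores any reset interval on the failure counter."""
    fails = defaultdict(int)
    for _, h, acct in rows:
        if h == host:
            fails[acct] += 1
    return sorted(a for a, n in fails.items() if n >= LOCKOUT_THRESHOLD)

if __name__ == "__main__":
    rows = build_sample()
    for host in suspicious_hosts(rows):
        print(host, "locked:", accounts_locked_by(rows, host))
```

Keying on distinct accounts per source host, rather than on total failures, is what separates the rogue PC from a user who simply mistypes a password.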

The virus protection on each machine was updated and a full scan run on each PC in the customer’s network. It is not always possible to tell how a virus enters your network. This customer had external virus scanning on email. It probably came from a website that someone had visited. Their desktop antivirus was in need of updating.

It does reinforce the message that the fight against virus and malware needs to be conducted on multiple fronts. All’s well that ends well and the cavalry rode off into the sunset for a well deserved New Year’s Eve Party. See you in 2009 pardners…

Categories
End User security

Virus Problems?

One of our big PWAN customers had a virus problem over the weekend. For those of you who don’t know, a Private Wide Area Network is basically a secure corporate network run over public networks such as ADSL and leased lines.

It took the customer most of the weekend to identify the source of the problem, which came from a rogue PC at one site. What Timico was able to do was to shut off access to that site from all the others. This allowed the other sites to continue functioning and prevented the virus from spreading.

The virus was eventually identified as one that had not been covered in the customer’s security software virus definition package.

It did take some time to fix but all’s well that ends well. There is a lesson to be learnt here though. This was quite a big customer with almost 100 sites in their network but they would almost certainly have benefitted from a network security audit. It could have saved them several man days’ worth of effort over the weekend and probably kept the IT manager’s hair from going grey.