PG Music Home Forums General Discussion Off-Topic Spammers now using obituaries to get control of your computer

While I and family were stationed in Germany we would get frequent visits from encyclopedia sales people, usually British college students trying to earn some spending money.

I became so familiar with the sales pitch that I would recognize their errors and omissions. It became our regular weekend entertainment listening to them pushing Encyclopedia Britannica.

I would interrupt by asking: "Aren't you supposed to spread a big folded banner of educational benefits to our children on the carpet about now?"

They would throw their hands up in frustration, chuckle, then enjoy a cold beer with us.

I don't do business with the door-to-door students selling magazines. I did at one time because I figured they were just trying to pay for school. I know the magazines they sell are more expensive, but I figured I'd help.

Then I found that many of them aren't going to school at all. And finally, I get my few magazines on my iPad now.

If what I think is a legitimate telemarketer calling (and it is hard to make that judgement in the first few seconds) I simply say "I have a strict policy not to respond to unsolicited calls, please take me off your list." Then I hang up even if they are still talking.

I know the caller is just trying to make a living, and probably hates the job as much as I hate the call. And since time is money to a salesperson, getting me off the phone quickly helps them out. I'm not buying anyway.

The telemarketing company is a problem, but the employee might have taken the job in desperation, not able to find anything else.

If I think it's a cracker, (grandpa is that you?) I'll just hang up. If I need a question or two to determine if it's real or not, as soon as I figure it's false I hang up with no explanation.

I have the attitude, that every unsolicited call from a stranger is an attempt to take money from me, whether a legitimate sales call or a thief - unless they prove otherwise.

Notes

rharv, I (finally) take your point about router security, and no, I failed to check that. It is buried behind the PC in a cramped cabinet and is difficult to see. (I've handled the hardware, and don't recall whether there IS a router, or just a modem.) I'll make a point to visit soon and see.

Eddie, early in my journey I learned how to change file dates. It's not difficult.

Team Viewer requires a password with changes every session, UNLESS it is configured to remain the same. This is useful if, as I did, one wishes to access one's own computer(s) remotely. It's also the first thing I'd do if I was a bad guy. (As a PC tech, I, with the customers' knowledge, would install Team Viewer for future access. I considered using the static access code in case someone got hinky about paying, but never did. I'm strictly a white hat kinda guy.)

Also take the router off the default IP. It's a step that can be defeated with an IPCONFIG command, but if I was hacking into a router and saw that the user knew how to change the default IP from 192.168.x.x I would assume they also know how to change the default password and move along to the next one.

Good idea, Eddie. It's a priority. Thanks.

Which is why, if you are seriously concerned about your network security, I recommend NOT using the router supplied by your ISP provider.
If you think the guy with 12 setups on his list for the day is going to come to your home, set up your internet, and then take the time to truly secure it I think you are fooling yourself. He's going to plug it in, show you it works and go to the next one.

Even if he does set up a password, it is likely going to be a standard password that he and others will know.

In my current position I can't risk that. When I switched my ISP, the installer was a little surprised when I told him he couldn't use their router, and even tried to talk me into WHY I should use their router (so they could fix it remotely if anything goes wrong!)
..OK so you're saying I SHOULD allow you and others to remote into my router!? I don't think so. If they want to cut me off at the modem (I'm required to use theirs) OK, but they are not getting into my network any further than that.

As for Eddie's recurring question on how to turn the internet on/off;
Once in the router simply turn off DHCP or change the DNS to point to a machine that does not return the requested website.
If I went this far being 'the bad guy' I'd go ahead and have that machine return a website that displayed a page saying something like 'Ha Ha we turned off your internet. Now pay us'

If you can control DNS you can control a lot. The router is the first place your computer checks for DNS settings.
You can route a system(s) anywhere you want once you control it.
Later, to turn it on just return it to DHCP or set the DNS to the 8.8.8.8 Google DNS and everything suddenly starts working.
No file system date changes required on the local machine by the way. Stored in router.
How this is accomplished for various routers will vary, but most people are running the local cable service provider's hardware= good chance of success on method used, whether it be telnet or whatever.

If you don't know for sure that your router password has been secured, it may be worth having someone look into it. It is not the same as setting a password for people to connect to your wifi/network (which a lot of people ignore also), it is the user/password to actually access the router itself. While you are in there make sure your hardware firewall is enabled. This is sometimes missed also.

Now the boring part;
I say I am the head of a web department. Most people assume that means we build websites. This is true.
However we also are a hosting and MSP provider which involves literally running part of the internet. We have a large block of IPs we control, 3 DNS/SOA servers, hundreds of websites ranging from mom&pop to multimillion dollar corporations running on many Web Servers, as well as the SQL servers that support them.
We are also responsible for large corporate private networks, some that span many states. So I have been granted access to some pretty serious stuff and have quite a bit of responsibility in this regard. I take my personal network security so seriously because of the access I have to these systems. If I was ever compromised it could potentially become a pretty serious breach.

I was concerned yesterday that I had lost the password to the router; I remembered it today, and did my quarterly audit. This is more than most people would ever need to worry about, but is yet another practice to help keep things secure.

Thanks, guys.

Wow Rharv, I knew you were an IT pro but I didn't know you're involved in all that. Good to know.

Here's something that just popped up in my inbox. The ringleader of the IRS phone scam just got 14 years in the big house. Of course as usual, that's reactive. Being proactive is the problem with government. Just like the latest admission that the OPM hack actually involves over 22M current and former government workers, most with security clearances. NOW they'll work to secure those databases. Great. What's that about a barn?

That is extremely serious and it just amazes me that this could happen but that's civil service for you. Government simply can't handle this stuff because of complacency. I think (hope) the true security agencies are ok but all the other agencies like OPM? No way. Nobody gets fired because of all the work rules protecting everybody.

Bob

rharv, one thing to make clear is the difference between your own router (which is TRULY a router in the sense that it connects your network to the ISPs network) and the box you get from the ISP (more accurately named a network connection device). That word "router" gets tossed around a lot. YOUR router in your home, that Dlink, or Netgear, or Linksys, or Cisco, or Belkin... is the one you can secure by changing the password from admin/admin, or admin/password, or password/password, or no username/password.... and take it off 192.168.x.1. Granted using the IPCONFIG command you can see the gateway that the network is using, but they'd need to be inside your network to see it. True that there are a lot of hacker toolkits that you can set to brute force hack into home routers, but the original topic we are talking about is someone calling on the phone with a BS story about your computer sending viruses, not someone in a van parked outside your home trying to hack into your router. And honestly, when someone calls you, a random phone number, claiming to see your computer sending virus infected data packets (to where, they don't say) you need to be some special kind of gullible to fall for it. We are pretty much all rather smart people here. That is on the scale of believing that someone you don't know on the other side of the world picks YOUR name at random from every city in the USA to bestow their millions on.

We've pretty much buried this one.

Kinda; they offered me a wireless router. I said no thanks. Not all modems include the wireless router. Mine would have been an extra monthly charge. So A I chose to use my own.
Calling was the easy part. You asked how they could turn it off and on. Router access would make it easy. No matter which device in your network provides this service, make sure it is not vulnerable.
/rant over

FWIW, in your home, that modem IS a router (99.99% of the time). It has to be unless your computer is the device authenticating to the ISP for the basic connection.

As for "turning off the internet", that can just as easily be done with a DDoS (Distributed Denial of Service) attack. Use a bot-net to flood the thing with so many appropriatly mal-formed packets (E.G. a continuous stream of SYN packets but never responding to the SYN-ACK packet the router would respond with) it has no reserve capacity to do anything. Turn it back on by stopping the DDoS...

Easy and effective.

Buy yourselves a call blocker, or, a phone with a good call blocking facility. We havn't received any spam calls for months, and better still, they'll block a series of numbers that the spammers like to use.
I've had some fun with the theiving ****s in the past, like pretending to be Scotland yard, Bill Gates personal manager, Buckhingham palace press office etc...
World's your oyster if you're bored