rated:
Recently I got a call claiming to be from HP service, saying that my system has malware and data is being siphoned, and that they can help me.
I ignored the call at first, but I got the call on the second day too. They called me on my main phone and also identified my laptop model, which raised some alarm bells.

The laptop they identified has standard Windows Defender.

Now, I am getting calls from some other people regarding our properties, which I never got earlier. Not sure if they are related or not, but it is making me alert.

What's the best way to protect your identity?

- personal data on laptop, which may have already been compromised
- monitor any suspicious activity with our family info
- protect and proof it from data leaks from laptop, or Android phones?

I am suspicious about my phone as well.


rated:
Do not accept these calls. Do not respond in any way. Just hang up.

Now, how is your computer protected? And what are your surfing habits?

rated:
Thanks Ellory.

I use Windows Defender.

rated:
What ellory said. Don't ever respond to these calls. Follow these steps to secure your PC:

http://krebsonsecurity.com/tools-for-a-safer-pc/

How much social media presence do you have? Wash it off as much as possible.

Again, NEVER EVER respond to these calls. If you suspect they might be legit, get their #, google it and/or CALL BACK.

rated:
My answer when "John" from Microsoft calls about problems with Windows, is that I just installed double pane glass, but I had issues with the screen protector. After a good amount of time when they finally ask about my computer, I say oh I do not own a computer, I live in the woods without electricity.

rated:
ZenNUTS said:   Follow these steps to secure your PC:
http://krebsonsecurity.com/tools-for-a-safer-pc/

OP, there are also several other helpful articles on your topic on Krebs' website, so do take a look around at his archive.

Krebs' site has been down some of the past week because it was hit by one of the biggest malicious internet attacks ever recorded
("according to Akamai, it was nearly double the size of the largest attack they’d seen previously, and was among the biggest assaults the Internet has ever witnessed", quoted from:  https://web.archive.org/web/20160922021000/http://krebsonsecurity.com/2016/09/krebsonsecurity-hit-with-record-ddos/), 
and Akamai had to stop protecting his site because it was so expensive for them to try to fight the attack (they had been giving him their services pro bono).

Brian Krebs' Twitter feed (https://twitter.com/briankrebs?lang=en) says that his website is coming back online now and gradually will be accessible to everyone -- however, even now I can't open it on my computer --
so if the OP tried to click on that link and only saw a blank screen, give it a little time and try again later. 

If the OP can't see the normal link and is in a hurry, you can also search for the article(s) on a copy of Brian's site at the WaybackMachine:  https://web.archive.org/web/20160922124922/http://krebsonsecurity.com/ 

rated:
Is your property ownership public record? Is your phone number public record? That would be the simplest way for literally anyone to get your info.

One of the best ways to prevent data from being siphoned from a computer is to install a software-based firewall, like ZoneAlarm. But you need to meticulously configure it and really know how to use it.

rated:
Did you, or did you not, go online to the site they provided and give them remote access to the laptop? That's the usual MO for these guys. FWIW, the initial contact (the phone call) usually has absolutely zero to do with your computer or being hacked. They get the info they used to make the call from other sources and then ask you to either give them remote access or ask you to download their "cleaner tool". Either one will result in a full compromise of the system.

rated:
drodge said:   Did you, or did you not, go online to the site they provided and give them remote access to the laptop? That's the usual MO for these guys. FWIW, the initial contact (the phone call) usually has absolutely zero to do with your computer or being hacked. They get the info they used to make the call from other sources and then ask you to either give them remote access or ask you to download their "cleaner tool". Either one will result in a full compromise of the system.
  Nope, I didn't give access or download anything they said. 

rated:
Then likely had nothing to do with the computer. Windows Defender is fine for the computer. I work with malware professionally, and it's at least as good as the paid options and better in many cases. As far as data leakage goes, it's a losing battle. If you're concerned about that, stop using a smart phone or computer immediately. Most, yes WELL over 50%, of apps leak some kind of data in the clear. Most people would be completely floored by what goes over the network. Honestly, loss of privacy is a price we all pay for all the free stuff and neat conveniences we all enjoy. That genie is out of the bottle, and I can't see it changing any time soon. I use Credit Karma and a free service through my bank to monitor credit activity. Personally, I don't think services like LifeLock are remotely reliable.

rated:
drodge said:   Honestly, loss of privacy is a price we all pay for all the free stuff and neat conveniences we all enjoy.

No, we don't all pay that price. You can use an Application Firewall (like ZoneAlarm, AppArmor and DroidWall) to stop most, if not all data leakage.

The only applications that should be allowed to connect are those that were made to connect (browser, email, ftp, ssh, etc), and those should not be leaking any data (except the browser leaks some data by design and other tools exist to manipulate that data).

rated:
I'm sorry, but I do malware analysis and look at network traffic all day long. If you think an application firewall is stopping data leakage you know nothing about how things actually work. Most apps are sending TONS of data in the get requests. You block those, and the application doesn't work, period. You can easily see account names, passwords, system information, all kinds of data being exfilled from the system. It's much worse on phones, but desktop apps are bad too. You can block everything if you want, but then you're right back to having no services.

rated:
Don't be sorry, I look at network traffic too. I did say most, and I do know how things work. An application firewall can block all requests using per-application rules. I'm not sure why you think a GET request is special -- it's not special as far as ZoneAlarm is concerned. With the exceptions of the ones I mentioned (browser, email, ftp, ssh, etc), I don't have a single application on my desktop or phone that requires a connection for full functionality.

rated:
scripta said:    With the exceptions of the ones I mentioned (browser, email, ftp, ssh, etc), I don't have a single application on my desktop or phone that requires a connection for full functionality.
 

  But...  the browser is where so much data goes to unexpected places.  I'm pretty sure that's one of the apps that drodge was referring to.

rated:
minidrag said:   
scripta said:    With the exceptions of the ones I mentioned (browser, email, ftp, ssh, etc), I don't have a single application on my desktop or phone that requires a connection for full functionality.

But...  the browser is where so much data goes to unexpected places.  I'm pretty sure that's one of the apps that drodge was referring to.

I control and minimize those with Adblock, BetterPrivacy, CookieCuller, NoScript, RefControl, RequestPolicy.
I think drodge is talking about web-based apps like Office365, but I'm not sure.

rated:
I'm mostly referring to phone apps, but win10 apps work basically the same way. Almost every one requires internet access at the time of installation. Even if you sideload an .apk it will still require network access to install. More and more, apps also require network connectivity to function after installation, even ones that really shouldn't. During the initial install, most apps vomit system information back to the developer. There are two main ways that programs exfil data, either as packaged data wrapped up into a file or in the http requests. The vast majority use WebView to make standard get requests back to the server. They simply append all the pertinent data right in that standard get request. Using Wireshark you can see all of the data in the clear. Once installed, some apps switch to packaging up the data and sending it as regular TCP traffic. It's still very common for that data to be unencrypted. Lots of them just continue to use get requests to pass data in the clear. You can look yourself and see OS versions and build numbers, enumeration of all installed apps, user names and passwords (even ones for apps other than the one sending the data), system settings, location data, wifi network names and passwords, the list goes on forever. Unless someone specifically calls out the developer the leakage almost never gets fixed. If you use any one of those apps, you can't block these calls or the app doesn't work. More granular permission controls in Android have helped very little. Most people simply click on "allow" and roll on blissfully ignorant and happy that the app works. People are stressed about super-cookies and tracking, while their apps are freely sending their identity information, along with the phone's serial number, phone number, IMEI and MAC. Makes it pretty easy to identify people that way.
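
The manual Wireshark review described in the post above can be scripted. The following is an added example, not part of the original thread: it scans request lines exported from a capture (one method and full URI per line) for query parameters that look like device identifiers, credentials, network names or location data. The hosts, parameter names, key lists and values are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample input: invented hosts and values, not real traffic.
SAMPLE_REQUESTS = [
    "GET http://ads.example.net/track?imei=490154203237518"
    "&mac=00%3A1A%3A2B%3A3C%3A4D%3A5E&os=6.0.1 HTTP/1.1",
    "GET http://api.example.org/v1/login?user=alice&password=hunter2 HTTP/1.1",
    "GET http://cdn.example.com/img/logo.png?v=3 HTTP/1.1",
    "GET http://stats.example.net/i?lat=40.7128&lon=-74.0060&ssid=HomeWifi HTTP/1.1",
]

MAC_RE = re.compile(r"^(?:[0-9A-Fa-f]{2}[:-]){5}[0-9A-Fa-f]{2}$")

# Parameter names that suggest sensitive content (assumed list, extend as needed).
SENSITIVE_KEYS = {
    "credential": {"password", "passwd", "pwd", "token"},
    "account": {"user", "username", "email", "login"},
    "location": {"lat", "lon", "lng", "latitude", "longitude"},
    "network": {"ssid", "bssid"},
    "device-id": {"imei", "serial", "android_id", "msisdn"},
}


def luhn_ok(digits):
    """Luhn checksum; a 15-digit IMEI carries a Luhn check digit."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def classify(key, value):
    """Return the set of leak categories for one decoded query parameter."""
    kinds = set()
    # Value-based checks catch identifiers sent under innocuous names.
    if re.fullmatch(r"\d{15}", value) and luhn_ok(value):
        kinds.add("device-id")
    if MAC_RE.match(value):
        kinds.add("device-id")
    # Name-based checks catch values with no recognisable shape.
    for kind, names in SENSITIVE_KEYS.items():
        if key.lower() in names:
            kinds.add(kind)
    return kinds


def audit_request_line(line):
    """Findings for one 'METHOD URI VERSION' line. Values are not echoed,
    so the audit report does not itself become a copy of the secrets."""
    parts = line.split()
    if len(parts) < 2:
        return []
    url = urlsplit(parts[1])
    findings = []
    for key, value in parse_qsl(url.query, keep_blank_values=True):
        for kind in sorted(classify(key, value)):
            findings.append({"host": url.hostname, "param": key, "kind": kind,
                             "cleartext": url.scheme == "http"})
    return findings


def summarize(lines):
    """Map each destination host to the sorted categories it received."""
    hosts = {}
    for line in lines:
        for f in audit_request_line(line):
            hosts.setdefault(f["host"], set()).add(f["kind"])
    return {host: sorted(kinds) for host, kinds in hosts.items()}


if __name__ == "__main__":
    for host, kinds in summarize(SAMPLE_REQUESTS).items():
        print(f"{host}: {', '.join(kinds)}")
```
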

rated:
For grins, check out one of the 1000 flashlight apps on the play store. A FLASHLIGHT, surely it doesn't require network connectivity to install. Surely they don't need special permissions or access to anything else on the phone to run. You push a button and the LED turns on or off. Fire up Wireshark, install one and prepare to be amazed. More likely than not you'll see a torrent of information being uploaded to someone, somewhere and most people would never have a clue. You need to constantly look at the developer and ask what their motivation is and how they are making money. Are they trustworthy? What's their history? There are certainly a few people out there who enjoy making a free product and don't abuse their power. They are in the very slim minority at this point. It seems to be just too tempting to include data mining capabilities and sell that info to third parties. That's not to pick on freeware either. Plenty of paid apps are just as bad. Popular apps like Facebook, Instagram, etc. get tons of people looking closely at them every day so they largely stay on the right side of things and pay a steep PR price when they don't. The same can't be said for the millions of other apps out there. Most people have no idea how to check, if they even know they should be concerned. We're to a point where people just blindly accept the risk and don't ask questions.

rated:
drodge said:   For grins, check out one of the 1000 flashlight apps on the play store. A FLASHLIGHT, surely it doesn't require network connectivity to install. Surely they don't need special permissions or access to anything else on the phone to run. You push a button and the LED turns on or off. Fire up Wireshark, install one and prepare to be amazed. More likely than not you'll see a torrent of information being uploaded to someone, somewhere and most people would never have a clue. You need to constantly look at the developer and ask what their motivation is and how they are making money. Are they trustworthy? What's their history? There are certainly a few people out there who enjoy making a free product and don't abuse their power. They are in the very slim minority at this point. It seems to be just too tempting to include data mining capabilities and sell that info to third parties. That's not to pick on freeware either. Plenty of paid apps are just as bad. Popular apps like Facebook, Instagram, etc. get tons of people looking closely at them every day so they largely stay on the right side of things and pay a steep PR price when they don't. The same can't be said for the millions of other apps out there. Most people have no idea how to check, if they even know they should be concerned. We're to a point where people just blindly accept the risk and don't ask questions.

Even if you can check, just about every app wants those permissions these days.  Basically, finding apps that don't do that is like finding a needle in a haystack.

rated:
On the phone I use App Ops to remove unneeded default permissions and disable auto startup, and DroidWall as an application firewall. The free apps like FLASHLIGHT that I've tried so far work just fine without network access. I also don't install too much crapware on my phone.

As for Windows 10, I'd never install it myself, but I got one pre-installed on a new laptop. Still not a problem -- disable all telemetry, disable windows update, disable unneeded services, close unneeded ports, install ZoneAlarm, and it's good to go. Many installers these days attempt to phone home, but every application I've ever used works offline, so I just block network access with ZoneAlarm.

rated:
riznick said:   
drodge said:   For grins, check out one of the 1000 flashlight apps on the play store. A FLASHLIGHT, surely it doesn't require network connectivity to install. Surely they don't need special permissions or access to anything else on the phone to run. You push a button and the LED turns on or off. Fire up Wireshark, install one and prepare to be amazed. More likely than not you'll see a torrent of information being uploaded to someone, somewhere and most people would never have a clue. You need to constantly look at the developer and ask what their motivation is and how they are making money. Are they trustworthy? What's their history? There are certainly a few people out there who enjoy making a free product and don't abuse their power. They are in the very slim minority at this point. It seems to be just too tempting to include data mining capabilities and sell that info to third parties. That's not to pick on freeware either. Plenty of paid apps are just as bad. Popular apps like Facebook, Instagram, etc. get tons of people looking closely at them every day so they largely stay on the right side of things and pay a steep PR price when they don't. The same can't be said for the millions of other apps out there. Most people have no idea how to check, if they even know they should be concerned. We're to a point where people just blindly accept the risk and don't ask questions.

Even if you can check, just about every app wants those permissions these days.  Basically, finding apps that don't do that is like finding a needle in a haystack.

Exactly.  The number of apps that don't require network access is shrinking every day, and at a pretty fast pace.  There is too much revenue stream for developers to ignore.

rated:
Could you give me an example or two of popular offline (not web-based) applications that don't function at all without internet access? Excluding DRM'd games (too many require steam or windows games key verification, but work fine offline after the key is verified).

rated:
What do you mean by "offline application"? I just looked in the Android play store and checked the Top Free Apps section. All 20 of the top 20 require network access. I have never used Artisto, but the permissions include:

download files without notification
receive data from Internet
view network connections
full network access
prevent device from sleeping

rated:
You are confusing permissions that the application requests with permissions that the application actually requires to function. Just because it asks for something, doesn't mean it requires it. As I explained above, permissions may be removed using something like App Ops. Additionally, all internet access may be blocked by a software firewall like DroidWall. The requested permissions are a long-known problem in the app world -- if I recall correctly, some of the older app development tools enabled all permissions by default, and lazy developers never tweaked these settings.

By "offline application" I mean anything that is not an "online application". An online application is something that stores user data online only with no way to store user data locally. For example, I believe Office365 is an online application (I've never used it, but that's my understanding). Google Docs may be too. Google Photos starts as an online application, but it actually does not require internet access as you can store all your photos locally without sync. Google Maps was an online application until they added offline maps and later offline navigation.

rated:
I may be wrong here, but I think scripta is saying that IF you root your phone and IF you install protection apps and IF you pay attention to everything you install, you can avoid a lot of unneeded data flow.

I think drodge is saying that very few people are aware of any of that and even less actually try to do anything about it.

rated:
What I'm saying is that the average person has ZERO clue what, if anything, the app is actually doing. Google Maps is a great example, you can use it in offline mode. Great, how do you get the maps loaded? That requires internet access and actively connecting to the Google server. What data is passed during that connection? Unless you actively monitor the network connection, there is absolutely no way to tell what is going on. The vast overwhelming majority of apps require network connectivity at some point for some reason. They may function in a vacuum, but not the way that they are intended or the way most users expect.

The user agreements and permissions for 99.9% of apps are so vague that they cover their butts to do almost anything. It usually says something like "requires network access" and "we collect data to use for either ourselves or other third parties as we deem necessary". Very seldom does the developer explicitly say exactly what is collected, why and how it's used. Some good developers do, but it's pretty rare. With Android specifically, more than 65% of apps in the market are ad supported. Many of those apps farm out the ad portion of the app to a third party and simply provide an API for the ad company to serve the ads. This is almost NEVER a one-way ad push, but allows the third party to piggyback on the app permissions for the main app and collect other data from the phone. In broad terms, that's almost necessary. How can they push ads if they don't know your screen resolution? Maybe they need to know the Android version or what browser you're using. Those are perfectly reasonable when you're getting a free app. But what limits are placed on the data collected? How many apps specifically say they need access to your contact list? And why? Even apps that don't say they are ad supported are often mining the heck out of your data. Why not? The developer can collect the info and sell it to an aggregator. It's almost free money if they choose to do it. I'm ultimately saying that I look at app traffic all day every day, and if the average user had a clue what data is being collected and where it's going they would be VERY surprised. I can't say they would actually care, because most users are happy to give away everything as long as their latest fad game works. For those concerned about security, however, there are few real protections for those who are not very tech savvy.

rated:
minidrag said:   I may be wrong here, but I think scripta is saying that IF you root your phone and IF you install protection apps and IF you pay attention to everything you install, you can avoid a lot of unneeded data flow.

I think drodge is saying that very few people are aware of any of that and even less actually try to do anything about it.

You are right! My only disagreement was with this statement:
drodge said:   Honestly, loss of privacy is a price we all pay for all the free stuff and neat conveniences we all enjoy.
and I think I've shown that with proper skills and tools we don't have to pay that price.

rated:
I can't disagree that you can lock things down by taking away network access. However, you have to agree that you are in the .000001% of users. Most people don't begin to have the technical skills or understanding to modify their devices the way that you do. Almost no one uses their apps the way that you do. Sure, you can neuter everything, but you lose a lot of the conveniences when you do that. Study after study shows that very few people care about security or privacy enough to alter their habits. If you ask people right now whether they are willing to give an app full access to everything on their phone in exchange for enhanced convenience or added features, the majority of average users are going to be perfectly fine with that.


I disagree that you don't have to pay a price. Very few apps work the way people expect once you lock them down.

rated:
drodge said:   I disagree that you don't have to pay a price. Very few apps work the way people expect once you lock them down.

I disagree that very few apps work the way they're supposed to. That's why I asked for examples. Maybe I don't use that many apps, but what I do use I've locked down, and have not noticed any issues with functionality. Most apps don't require the permissions they ask for, and offline apps work just fine offline.

drodge said:   you have to agree that you are in the .000001% of users

So if there are 4B users, I'm one of only 40? Maybe .005% (that's ~ 200K people in the world). App Ops shows 100K downloads, DroidWall shows 1M.

rated:
You have to agree that neither I nor you are close to the average smart phone user. Not one single "normal" user I know is blocking network connections or looking at packets.


I stand by the fact that for many apps removing network access fundamentally changes the way they work. You gave maps as an example. Yes, it can be used in offline mode. That also removes many of the features that people depend on, like map updates, traffic, real time routing and detours, and tie-in with other Google apps. There is no way you can argue it's the same product without network access. By definition, Google products are intended to be interconnected and used online, their very business model depends on it. You mentioned Office 365. Certainly the online capabilities are fundamental to the entire concept of the product. You mentioned photo apps. Again, some work when offline, but you lose the entire portion of the apps dedicated to offline storage and synchronization. That's the entire premise of many of them. I'm not trying to be pedantic, but modern apps are fundamentally designed to have an online component that adds value (at least in the developer's eyes) to the product. Sure you can disable those, but you can't claim they are the same if you do. People simply aren't going to accept losing the extra features in exchange for added privacy guarantees. At some point, the vast majority of products are going to touch the internet. When they do, there is very little the average user can do to determine what is being transmitted to other parties.

I doubt anyone is reading any of this at this point, so I'll leave it here. We'll just have to disagree on what is normal user behavior.

rated:
drodge said:   
I doubt anyone is reading any of this at this point, so I'll leave it here. We'll just have to disagree on what is normal user behavior.
 

  I am

And I agree with you.  Most people don't root their phones.  Of those that do only a small percentage will lock them down as thoroughly as Scripta mentions.  Scripta - App Ops and Droidwall require a rooted phone.  I guarantee you that a decent percentage of the people that downloaded them didn't realize that and never installed them after the download.  But of those that did install either (or both) only a very small percent will use them correctly.  Most will get annoyed with the extra work involved or will realize that their apps don't work as well so will allow them access.

There will always be some people that care more about privacy than most.  There will always be some that are more technically inclined than most.  But those two, even if they were together (which isn't the case), are still a small minority.

I'm not in security, like drodge, but I've been in the PC field for almost 30 years.  I deal with end users daily and with tech support sites helping users all over the world.  Your caution and your ability to actually do something about that caution is very, very rare.
