Fresh hell for TalkTalk customers: TeamView trap unleashed
Top management's attention snagged
TalkTalk customers are getting caught up in the TeamViewer remote-control PC seizure storm.
Customers of the ISP with TeamViewer accounts say they are being hit by opportunists trying to seize control of their PCs.
Faced with this fresh assault on their long-suffering customers’ privacy, TalkTalk’s board will discuss the matter at a meeting this week.
It is not clear – yet – what action the firm can or will take to protect customers from this new assault.
However, customer Mercedes Valentino, who says she has been targeted by apparent TalkTalk scammers, told The Reg that the board must take a lead on warning customers.
“The moment [TalkTalk] gets information like this they should put it on the website immediately and email customers to say there’s an issue, that TeamViewer has a problem and other customer are affected," she said.
“TalkTalk should put their hands up and lead the way.”
Valentino told The Reg she’d that she received an unsolicited phone call last week from an individual who appeared to have an Indian accent and purported to represent TalkTalk. She said the caller offered to help "fix the problems" she was encountering with her home computer.
Valentino was running the software when the individual called from an 0345 number. The person said he could help solve any problems she was having with her computer and wanted to use TeamViewer.
Valentino said she said “no” to his use of TeamViewer, but said that he took over control of her PC regardless.
“I insisted [he] talk me through it but he insisted on remotely accessing the PC. I said 'You don’t have to' and the next thing I knew, he [had] control of the PC. I saw the mouse moving across the screen, so I shut it down. He said: ‘Why are you locking me out?’”
Valentino installed TeamViewer at the request of a TalkTalk customer service representative who was attempting to fix problems with her PC in late 2015.
Valentino called the 0345 number the following day to see if it was a rogue call and claims that an individual, possibly the same one, again claiming to represent TalkTalk asked for her post code and her house number as part of "security checks" but said that she refused and put the phone down. The Reg called the 0345 number and heard call-waiting message asking us what services we used with TalkTalk and to enter our TalkTalk customer number. It sounded legitimate. But the ISP has since denied the 0345 number she was contacted on was one of its own.
TalkTalk suffered a serious breach last year that saw customers' personal information, including names and addresses and bank details lifted by hackers.
They also obtained records of service calls.
Customers have since received calls from individuals claiming to represent TalkTalk trying to gain access to their PCs.
Valentino wasn’t caught out that time and, indeed – already in possession of an exdirectory phone number – and said she had taken the added precaution of getting a new number after the breach.
According to Valentino, very few people know her new number, although it is known to TalkTalk. It would appear that the scammers are catching up to her based on the fact she has a TeamViewer account.
There has been a sudden surge in TeamViewer customers saying their PCs have been hijacked and bank accounts accessed, with some of them saying money has been stolen.
TeamViewer has denied its systems have been breached, blaming customers for using weak passwords or re-using passwords.
In February we reported how one scammer persuaded a TalkTalk customer to download TeamViewer, which was then used to try and transfer money.
This, however, is believed to be the first time a scammer has breached a TalkTalk customer’s existing TeamViewer account.
A representative of TeamViewer confirmed this was not an isolated incident. He told The Reg his company knew of other cases where users of TeamViewer software who are also customers of TalkTalk had been attacked. TeamViewer has blocked those account IDs, the TeamViewer spokesperson told us.
The spokesperson told TalkTalk customers in the same situation as Valentino to report the incident to TeamViewer’s support team and submit their log files for analysis.
TalkTalk, meanwhile, has promised Valentino personally that the matter will be discussed at a meeting of the board this week.
Speaking to The Reg, a TalkTalk spokesperson confirmed the board meeting would take place: “They will discuss the case at the board,” the spokesperson said, adding the firm is aware that TeamViewer is installed on the PCs of its customers. ®
Sponsored: Becoming a Pragmatic Security Leader