Question About Scammers and Remote Access to Computers

Rayzen

New Member
I am using Windows 10 Home Edition on a Lenovo laptop.

Today, my Epson printer would not connect to my laptop via wi-fi, and after trying a lot of things (updating the printer drivers, turning the computer and printer off and back on, updating printer firmware, etc.), I gave up trying to fix it myself, and decided to try tech support at Epson. I got a pop-up window that asked me what my problem was, so I described it to the supposed tech rep. who was helping me.

In order to make things go faster, he asked me for my cell phone number so we could talk over the phone and, in that way, save a lot of time, rather than typing back & forth. That sounded reasonable and I can't think of any harm in giving out my cell number, so I sent him the number, he called me, and we began to go through a lengthy process of questions and answers regarding my printer and its problem.

All seemed legit up to that point. But then he asked if I would allow him remote access to my computer, so he could run checks on my printer, as well as my router, to see if there were any problems. That gave me some hesitation, as I am understandably reluctant to have someone snooping around on my computer, but I figured that I would be able to see everything that he was doing in real time, and I would have the ability to immediately cut him off, if he began to go places that were not relevant to my problem, so I agreed, although now a bit nervously.

He did, indeed, go to all the places where it would seem logical to go, if he were truly trying to solve the problem. In fact, that whole process took quite a while, as he appeared to be running tests which showed up on the screen. He took the time to explain what the tests were doing and what the results meant. Finally, after quite a while, he ran a test on my router which indicated that my router is infected and has a trojan. He explained that my computer was not infected and that my internet setup is fine, but that my home network between the router and the printer is the part that is infected. He then told me that he is a printer tech, not a tech who is skilled in solving home network problems, so he would have to go talk to his supervisor in order to ask the supervisor just what he should do next. I said, 'ok,' and he was gone for a short time, maybe two minutes at the most.

However, that made me nervous, because he said that it would take a while for him to go talk to his supervisor and then come back to the phone. I began to fear that, if he were a hacker, he could use the excuse of leaving to talk to his supervisor in order to give him time to then thoroughly scan my computer and download things. I told him that I wasn't happy with the idea of leaving my computer connected to him for such a long time. He then said that he understood my concern, but assured me that he is a legit tech rep, giving my his employee id. Here's is where a big red flag popped up.

When I asked him if I could then call Epson and give them his employee ID, for verification, he gave me a rather weak reason for just continuing on with what we were doing. Now my concern level was getting very high. The guy spoke with a very thick Indian accent, and when I asked him for his name, he said, "Mike Coleman," lol! I immediately cut the remote connection and terminated the phone call.

Okay, now for my question: Is it possible for a hacker to search through your computer while connected via the remote control app, and download your sensitive information, even though you cannot see any evidence of such activity (e.g., the cursor moving around on your screen)? I am now left with the fear that he has actually had access to my files, even though I didn't see any evidence of that.

After signing off, I have changed my bank password and user name, I ran Malwarebytes, Avast, Advanced System Care, and SUPERantispyware, as well changing my router password. So far, nothing seems to be amiss with my computer, but I am now kinda spooked, anyway.

Second question: What things might I do that I haven't already done, in order to further beef up my security at this point? Any recommendations?

By the way, I also went to Google and typed in "Epson Printer scam," and sure enough, got this return: Internet Crime Complaint Center (IC3) | Tech Support Fraud, which is an FBI fraud alert.
 
Last edited:

Neemobeer

Cloud Security Engineer
Staff member
A comment to the back story: If you visited the Epson website and initiated support it was likely legitimate.

Questions:
Is it possible for a hacker to search through your computer while connected via the remote control app...

Answer:
Depends on the remote support app, but in many cases absolutely possible. These remote support apps are IT support tools and can do file transfers to/from, run commands on your system, gather system information etc

Evidence: Unless the remote tool creates logs or you have advanced logging enabled on your system you may not see any evidence

Question:
What things might I do that I haven't already done, in order to further beef up my security at this point? Any recommendations?
For a home network additional control may be overkill or unmanageable if you don't have the skill set. I would recommend security awareness training. There should be some free trainings or books. Honestly the best defense is knowing how to recognize the true signs of phishing and social engineering.

Comments about "Epson Printer scam": If there is a thing <insert literally anything> there is likely a scammer out there trying to trick someone. The fact that there are Epson printer scams does not directly suggest your call was a scam. Many big companies over remote support and many big companies have call centers in India, and yes it is fairly common for them to have fake American names. This is so the customers can remember their names vs long unfamiliar Indian names.
 
Top