Looking for advice for security from hackers

[Confuzzled]

Hello,

I'm relatively new here.  I recently reported some info about a tech support scam in which the scammers were trying to get into my bank account.  It's been a couple months since it happened and I've gotten 21 calls from several different people and phone numbers, all trying the same scam.  As if I would change my mind and give them access.  I've increased my security but I still have concerns.  The scammers got nothing from me, and I lost nothing, so for one they might be trying something more devious to get back at me for wasting 3 days of their time.  

When they call they like to stress that they know my name and address, no doubt from records taken from a company I did business with.  I don't think they have any other info.  They might have had credit card info, but those accounts have been closed.  I think if they had that info they would have used it and they didn't.  For every site I log into I use a unique ID and password.  On top of that, my passwords are much tougher now .  I've had no email account problems either.  My C drive is 95% empty.  All my data is on external drives which I disconnected before I began talking to the company I did business with in the spring because I was suspicious from the start.  I wasn't afraid of losing anything at any time.  I only let the scammers do so much, then when I was sure they had lied about work that was done back in the spring, I shut the computer off.  That sure surprised them.  Even if they download Windows folders from my C drive, there was nothing there for them to find.  They sounded sadder and sadder the next day when they actually tried several more times to talk me into logging into my bank account.

I have several questions:

1. Even though they have no access to my computer, could they be monitoring my online activity somehow?  Watching for my IP address maybe?

2. If I had a different IP address, would that make me more invisible to them?  They wouldn't know what to look for, right?

3. Are there still ways for them to hack into my system secretly?  Except for the IP address, it looks like a different computer.

4. Can they hack my phone somehow?  It's not a smart phone.  It only cost me $10 so it's pretty dumb.  

5. Even when I couldn't use the computer, I could still get online using my TV which is connected to the net.  Can they hack that or even detect that I have it?

I've had the feeling they're watching for another chance.  Yesterday I looked at phone numbers recorded on my phone and looked up numbers I didn't recognize.  I found that I'd gotten many calls from them.  Several numbers are listed as belonging to known scammers.  I guess my cheap phone didn't ring or alert me in any way.  I think they are good at manipulating the phones because when I called the company I'd done business with, I later found out it had no record of my 15 minute call.  Later, I was on the phone for 4 hrs with the scammer and my phone did not record that.

I might think I'm just being paranoid if it wasn't for all the calls I found that I'd missed.  Maybe I'm on a circulating list of targets which could explain why I'm getting calls from different people with different phone numbers.  But not 'all' the phone numbers or people are different.  One guy has called me 9 times.  I answered once but he just hung up when I didn't cooperate.  His multiple calls are all only 17-18 seconds long.  Can he do something to the phone in that time, and how?  Maybe he's trying to annoy me by hanging up before I can answer?  Except the joke is on him because my phone isn't ringing.

I've reported the incident to several authorities and online scam tracking sites.  Nevertheless, I'd like to hear some opinions from people here who are more familiar with this stuff.

Thank you.

[David H. Lipman]

1. Even though they have no access to my computer, could they be monitoring my online activity somehow?  Watching for my IP address maybe?

No.  They would have to plant software or a device like "Carnivore" to access your activity.

2. If I had a different IP address, would that make me more invisible to them?  They wouldn't know what to look for, right?

Most individuals on the internet do NOT have static WAN IP addresses.  The ISP assigns their Router or modem+Router in a "lease" on an address and that addrss can change.  simply turning off all internet equipment for X Hours may cause a new IP Lease assignment.

3. Are there still ways for them to hack into my system secretly?  Except for the IP address, it looks like a different computer.

The old saying goes...  If there is a will there is a way.  However there is always a cost.  That cost has to be overcome by the outcome.  Average Joes are not "high profile" targets and they do not have a high enough value on them to make it worth the effort.  For some entity to look at you as a target, you would have to have a high profile and a strong presence either in the real world or on the internet.

4. Can they hack my phone somehow?  It's not a smart phone.  It only cost me $10 so it's pretty dumb.  

Anything can be hacked.  There have been some Discovery Channel shows that have demonstrated various "hacks" of everyday objects.  When you say "hack your phone" what do you mean ?  Data on it ? Your phone conversations ?

5. Even when I couldn't use the computer, I could still get online using my TV which is connected to the net.  Can they hack that or even detect that I have it?

Smart TVs are hackable.  There have been some notifications about the Video Cameras being used to spy on those just watching TV without the TV owner's knowledge.

 

[exile360]

Based on the information you provided, it does sound like they only have your phone number and are just trying to pressure/scam you into giving them money if they can.  You can search online on how to add yourself to the national 'Do not call' registry, assuming you live in the United States, and that can help to keep companies which you've not initiated contact with from contacting you and while it may do little to dissuade these particular scammers, it should offer some recourse if anyone new tries to contact you.  Also, if you do answer you should ask them to add your number to their 'do not call list', requesting that they not contact you again.  If they flat our refuse or if they agree to do so but continue calling you then you may then report them to the authorities via the same 'do not call' registry/service (an official government organization).

The site for the national do not call registry may be found here and the page where you report violations is here.  More info on the do not call registry and how it works can be found here as well as here.  Both pages are official .gov sites and provide details and instructions on how you may register and use the service.

As for your IP address, PC and TV; no, they should not have any way of tracking your IP address or activities or remotely accessing your system as long as you have disabled/removed whatever means they initially connected to your system with if you ever actually allowed them to remote into your system to 'help' you.  I'm assuming it was something like 'AMMYY' or some other similar remote desktop/remote access utility and if so, make certain you've removed them from your system just to be safe.  You can take it a step further if you so choose by also disabling the built in Remote Desktop feature in Windows if you do not use it, though it shouldn't be necessary in all likelihood.

You can also help to ensure the security of your network, including your PC and TV by making sure that the firewall functionality built into your router or wireless modem is enabled, that you have the latest firmware for your device and that you have set a strong network password using the strongest encryption capability (assuming it's wireless) available on the device (WPA-2 encryption is recommended if available).  Some good guides on configuring various routers/networking hardware, including how to create a strong password, can be found here (and there are many other resources on the web should you not find your router/modem on the list, including the manufacturer's support site for your device).

[Confuzzled]

Thank you for your answers Mr. Lipman,

Follow up questions to your answers:

1 & 2. I have seen YouTube videos where someone will be communicating with a scammer on their computer and they call up a program that lets them see the IP address of the computer they're talking to, then other software tells them the location of the IP address.  I was just thinking there might be software that could monitor internet traffic with my ISP and tell whether or not my IP address shows up.

I read a little about changing the IP address of my computer or router, and I heard that if the router stays off long enough the IP changes automatically.  I also read serious sounding warnings about all the other things that can change which can stop communication between the computer and router.  It wasn't clear if the 2 would find each other automatically, or would I need a service call from my ISP so they could set them up again?  It involved many things I never saw before and when I looked into it, I'd soon get a persistent window with blank spots for names and passwords assigned to me by my ISP.  They gave me nothing like that so now I'm reluctant to turn the router off for a long time.

3.  In the last 2 months I've gotten 37 calls from more and more people and phone numbers.  It seems to be worth someone's time.  22 of those are from known scammers and another 5 want me to call the company that transferred me to the scammers the first time.  They still ask me to let them have access to my bank account.

4. When I say hack, I mean it in the negative sense, stealing numbers, erasing SIM card, calling friends, cancelling utilities including phone service, etc.

I think they have a way to monitor if my phone is still a valid number, or something.  I get many calls which last only 17 seconds, the phone doesn't ring but it registers a missed call.  They must be getting some kind of signal back letting them know the phone number is good.

Here is a list of incoming calls, the phone numbers, names of people or companies, and which are known scammers.  (TLC = TechLiveConnect.com,  PTS = PremiumTechSupport.com):
(names came from http://www.whitepages.com/phone/)
phone                      # calls                                 person/company        
605-722-6636          1                                  Curtis C Engel, seems to be monitoring my phone
916-791-7219          1                                  William Barnes, seems to be monitoring my phone
402-935-7733          1                                  Tchaa A Assih, seems to be monitoring my phone
877-958-7560     5 requests to call this #    TLC, PTS
855-852-7658          7                                  TLC
415-690-2195          6                                  'Shane Watson', known scammer  TLC  
44-19-2548-7347    1                                   known scammer
44-20-7387-3893    1                                   known scammer
515-238-6713         1                                   serious scammer
408-610-4900         13                                 known scammer, seems to be monitoring my phone

5.  I've heard about cameras being hacked.  I don't have one.  But could they interrupt my net reception through the TV as they might with the computer?  They go through the same router.

Thank you.

======================

Mr. Exile360,

I've been on the 'Do Not Call List' for 8 years.  The websites speak only of telemarketers.  These are not telemarketers.  These scammers want to rob my bank account.  I've reported all names and numbers to the FTC identity theft department.

On Oct. 6 I reformatted my system and have a different version of windows running now.  However, I still suspect something isn't right.  When I was setting up my account, if I used a certain login name and password, the computer would appear dead or locked up for as much as 10 minutes.  Forcing a restart made it act normal but if left alone, it would gradually speed up and respond to commands normally.  During the 10 minutes, I could not turn on task manager, turn it off,  or do anything else to monitor what it was doing. By default, my net connection is disabled, as is WiFi which I never use, but I have no idea what's happening even though my icon says no net connection.
I always seem to get into trouble when changing user accounts.

One thing that makes me wonder about being hacked is that I ALWAYS log out of every site I go to, even email.  However, now and then when I check my account 'recent activity' I see dates when it says I was logged in and had not logged out, but I'm sure I wasn't online on some of those dates.  And the cities would not be where either myself nor my ISP are located.  That has happened several times since my reformat on Oct. 6, but not lately as I'm beefing up security much more.  In any case, I haven't had any problems with any email account.  I thought I was starting clean after the reformat but now I wonder.

In the past, techs have left software in place after helping fix something on the computer.  I remove everything that looks extraneous.  
The remote desktop control feature in Windows is disabled.

When my router for computer and TV were installed, nobody said anything about firewalls or setting them up to communicate with names and passwords. I am hardwired all over.  Most things in your last paragraph I would have to speak to my service provider about, I just don't know about that.

Thank you for your answer.

 

[David H. Lipman]

I am Dave or David.  No need to be formal.

1 & 2:

The videos you saw may not show the whole picture.  They may have already reached the point where Remote Access / Remote Control software was installed on the computer in question.  once that is running on the ( I'll use the term Victim ) Victim's PC, they are inside that person's enclave and have access to whatever the Victim has access to.  The fact that you mention a victim is online with a scammer ( I'll use the term Malicious Actor ) means they are past the point of just a Cold Call.

An IP Address is synonymous to a ( traditional ) telephone number.  The Domain Naming System ( DNS ) is synonymous to a Phone Book.  Based upon a traditional phone number's ¹Area Code and Prefix, you can know a general location of the Telephone.  Likewise there is the concept of GeoIP.  That is the locality the Internet service Provider ( ISP ) may have a Point of Presence.

"  I also read serious sounding warnings about all the other things that can change which can stop communication between the computer and router. "

Misinformation or non-applicable information that may have no relevance at all.  There may be nich situations where a new IP Lease may cause and issue but that usually is a situation where they are running a service to be accessed from the POV of the Internet.

3:

Malicious Actors share ( well really sell ) information on victims.  A list of Potential Victims is passed around and used and re-used.  It is like when you donate to one charity you will soon receive Junk Mail for other charities.

4:

"When I say hack, I mean it in the negative sense, stealing numbers, erasing SIM card, calling friends, cancelling utilities including phone service, etc. "

Much of that requires what is called the Insider Threat.  That is someone who may have physical access and is already inside one's personal enclave.  Smart Phones create a Faux Insider Threat but it is still a threat.  An example would be the allure of a Free utility like "Smilies" which may have zero monetary cost but have a privacy cost such as GPS racking.  Installing unvetted applications on any system becomes a faux Insider Threat.  It's not a "person" that is within the enclave, its an agent of a person in the form of an application.  That is the nature of a trojan.

Lets' take a look at Phone Conversations.

If I have a landline I am protected by eavesdropping laws.  Both parties of the conversation can NOT record the conversation with out the other party being made privy to that.  It could be a simple "this call is being recorded...", the fact that is it a Voice Mail, or a 1Khz tone is generated every 30 secs and audible to both parties.  However that goes out the door to some degree when you use a phone that travels over Radio Waves.  There are two kinds of devices.  One is the Cell Phone or Smart Phone.  The other is a residential or business wireless telephone.  In the second example you have a telephone that is over the Plain Old Telephone System ( POTS ) or Voice Over IP ( VoIP ) and the handset uses Radio to transmit the conversation between a base unit and the wireless handset.  In those cases you are transmitting and thus anyone can intercept your calls over over the Radio Waves.  The way to thwart that is by using Encrypted Communications.  Then a third party can listen in and record the conversation but the encryption renders the intercepted conversation useless.

In my previous reply I noted the cost must be justified by the the outcome.  When one is a High Profile Target then the costs may be justified.  An example is a person can be in a car or van near your premises and use the fact that all computers, Cell/Smart Phones generate Radio Noise or use Radio Waves.  IFF you are such a target then it cold simply be someone trying to hack WiFi or a much more expensive methodology that takes advantage of the fact that Electronics generate Radio Frequency Noise where data may be modulated in that noise.

 

---

1.  Cell phones have changed that paradigm as someone may have obtained the cell phone in Ohio and have a 216 Area Code but actually live and use the cell phone in Monterey California.

Edited December 16, 2016 by David H. Lipman

[Confuzzled]

Thanks Dave, everything you said seems to be saying I appear to be safe (or should I qulaify that by saying 'relatively safe.')
You're right about the TouTube videos, they were specifically made to show the 'bad guys' being caught in the act.  
I've heard that these guys can call a person and make the receiving phone display any number and location they want.  An employee of my bank once thought she got a call from the FBI because of that.  She said her phone displayed the FBI logo and number.
I do believe my phone number is being circulated, but I wonder what they are up to by regularly checking if the number/phone is working?  Fortunately I don't get many calls.  If someone wants to reach me they can leave a voicemail (I actually prefer that.)  Anybody else will hopefully get tired of my phone being turned off all the time now.  Other than getting a new number, there's nothing I can do.  
My cheapie phone has no apps like you mentioned, so it is apparently safe.  TV too if I understand right.

The computer is the weak link, despite never using WiFi.  Speaking of communications being intercepted, we hear that email is not as secure as we might think.  How easy is it to intercept that?  The first thing I thought of when my computer was slow to start was that there might be a keylogger hidden in it and it was transmitting its files.  Without Task Manager I couldn't tell if there was network activity.  I tried running a keylogger detector about a month ago and it messed up a few things.  I kept the log it made, but I don't understand it. 

The computer is not the same as before the reformat.  Nobody has had remote control and I'm beefing up security in as many ways as I can think of so maybe I'm just seeing normal differences.  I haven't found any hard evidence of anything on or off the computer, but an article said the 'bad guys' may wait years, accumulating enough info, before they steal someone's identity.  I know they're watching so I'm trying to be proactive since the alternative is unthinkable.

[David H. Lipman]

There are no absolutes.  Security is always qualified and is asymptotic in that you will always get close to being 100% safe by the actions you take or may not take but you will never reach 100%.  They will make you more safe.

You have described CallerID Spoofing.  That is using VoIP technology, a malicious actor can generate a CallerID display text that masquerades their intentions. This could be a simple name of a person or town or more egregious, masquerading as a Federal agency such as State Gov't, the US IRS or ever Law Enforcement.  Most often they are frauds like Rachel from Card Services offering a discounted Credit Card rate or to change your home energy supplier.  Even automobile warranty extension.  When you call the number back you may get "The number you have called has been disconnected or is no longer in service...".  you may find entering the phone number into a Google search may be used to obtain "helpful" information.  There are services such as 800Notes that may supply good data such as as this example:  8887271127

Depending on what services you subscribe to, you may wish to take advantage of Call Blocking, Anonymous Rejection and Simultaneous Ring.

I do not believe CallerID is capable of logos.  Only ASCII text.  However some services such as FiOS Voice can display the CallerID on the TV display as the call comes in.  The service provider may augment that display but I have not heard of that being done.

NOTE:  I often state... Paranoia is just another word for a heightened state of Situational awareness.

 

Edited December 17, 2016 by David H. Lipman
Edited for content, clarity, spelling and grammar

[Confuzzled]

I don't have all the facts about what this lady saw.  I don't know what kind of display or phone it was.  She was foreign and the way she described what she saw coupled with my possible misunderstanding of her description resulted in my choice of words above.

I think I'm going to go prepare a couple other questions for later submission.  Thanks again.

[PaulAllen]

Could you not just change your phone number and go x directory? As from what I have learnt from looking at this type of crime and I'm new at all this so do correct me if I am wrong Dave/exile360  theses scammers pass/sell peoples (the targets) details around so it won't go away you may get gaps between the malicious calls but your name and phone number and other details will be on a few scammers lists.

There are some nice videos on you tube at the defcon conference that show how to steal data, clone phones intercept calls, text messages ect it may put your mind at rest a bit as it isn't that easy as 1,2,3, hence why they use the social engineering technique which is fairly low tech but effective. 

 

 

[Confuzzled]

Thanks Paul,

I am considering changing my number. I've already changed many other things. The most confusing was getting email double verification codes from the same number these guys have been calling me from since early October. That's a separate question.

 

 

[David H. Lipman]

7 hours ago, PaulAllen said:

...I have learnt from looking at this type of crime and I'm new at all this so do correct me if I am wrong Dave/exile360  theses scammers pass/sell peoples (the targets) details around so it won't go away you may get gaps between the malicious calls but your name and phone number and other details will be on a few scammers lists.

Yes.  I guess you can call it a "sucker list".  That is a list of those people who respond.  If I have a list that has 5,000 people's meta data it may be too much.  However If I had a list of people's meta data for the more receptive to a scam and it only contained 1,000 people, that list would be better and thus have a value to obtaining it.

You will see that sometimes you get a seemingly innocuous spam email.  If you reply to it in any fashion then you are perceived as being receptacle to some fraud scheme.

They do this with those phone calls that don't leave a message or when you pick up the phone the other end is silent.  These test the phone number to see if it is "live" and if it is, it may be recorded as a number that would be receptive to a fraud call.

Anyone who compiles these kinds of lists will sell it in Hack Forums and on the Dark Web.

These are just malicious extensions of what you will also see with Charitable Donations and with Mass Marketing and Advertising.

 

Edited January 23, 2017 by David H. Lipman
Edited for content, clarity, spelling and grammar

[Confuzzled]

I agree with you Dave.  I now check the number on my phone before answering or just let it ring.  If it's someone checking to see if it is a working number they get no reply.  If it is from a friend, they'll leave a message.  Unfortunately I can't make the phone look totally unused because when I don't answer, the service still offers to take a message.  The problem with simply changing the number is that I've had this number a long time and if I change it, I can't update all records.  Fortunately the number of calls has lessened.  They tend to come early in the month, sometimes in rapid succession as if being dialed by a computer.  Maybe not answering is working.

[PaulAllen]

Thanks for the info Dave. 

Hope you get rid of them confuzzled. You can also use them as a source of fun I kept them on the phone for 2 hours once lol It would have made a great you tube he was so angry after 2 hours and in the final stage I started to insult him he got everyone working with him to come listen and in the end they started to laugh sadly they never called me again I enjoyed the finally but 2 hours was very hard going.

Good luck with it all

[Confuzzled]

Hi Paul,

I did better than that.  They called for 3 days trying to get me to log into my bank account.  That gave me time to check out what they were telling me.  During the actual scam attempt, I had them on the phone and computer for 4 consecutive hours as they transferred my call to the UK and back.  They tried to do something very fast at one point but I shut the computer off and they got nothing.  All my data was on disconnected external drives before I even picked up the phone.  They were incredulous when they called back.  The next day when they called yet again, they knew they had nothing and sounded very tired and sad.  It was mostly entertainment for me.  No real damage was done.  It's hard to believe they still call and think I changed my mind and will now let them into my bank account.  This was my first experience, yet I saw many flaws in their methods, the guy seemed like an amateur.

[PaulAllen]

4 hours that's good going I am impressed. Lets hope they leave you alone