Tuesday, 13 January 2015

Beware of remote computer access scams

Bait and switch

One of my customers had a problem with a new HP wireless printer that he bought. That story aside, he went to HP for support and was redirected to Techvedic, which initially claimed to be certified support for HP. The tech at Techvedic offered to fix his computer remotely. My customer agreed, and this is where all the trouble started...

Step One: They take your money

The tech offered my customer “Unlimited One Year Support Access @ $199.99” which claims the following...
"This plan protects your digital investment (computer, software, peripheral, router, etc.), irrespective of brand make or model and warranty status, against hardware and software issues. The featured services include: Setup and installation of computer, peripheral and router, Repair and maintenance of computer, peripheral and router, Software and driver diagnostic update and upgrade, PC health-check-up and removal of viruses and malware, Optimization of computer and resources, All in all, this has been designed to meet all your technical needs at one-flat-rate."
My customer agreed to all of this and Techvedic happily charged his bank card before they continued.

Step Two: They take control of your computer

Giving initial instructions to my customer, the tech installed remote access software branded as Techvedic's remote support connection. This software starts on every boot of the machine, and once you're connected to the internet, it grants Techvedic's people unlimited remote access to all of the information in your computer. A while after the Techvedic software was installed, my customer could no longer browse the internet; however, file transfers and remote access were still working, and this is how the techs left his computer configured!
My customer called them on the phone again, and the techs promised that they would call him back about this, but they never did. My customer called them back to try and resolve the situation, but they wouldn't, so in turn my customer had to contact his bank and have the fraudulent charge removed, and his account numbers and bank cards changed, etc. My customer called me and I told him to leave the computer off until I arrived.

My initial inspection

When I powered up my customer's laptop, this software was loaded on boot-up and immediately connected to the internet after the WiFi connected to the customer's router. Once connected, the software immediately activated the connection for remote techs to log into the computer, without any ability to approve/disapprove their access or to monitor what they were up to in the background. I immediately hit the Quit button, but some related processes were still running in the background, which I had to manually terminate. After termination, I was able to successfully remove the Techvedic remote software from the computer; however, I still could not browse the internet, so I had to dig deeper...

Step Three: Redirecting all internet traffic

Upon deeper investigation I discovered that Techvedic had force-installed DNS redirects into my customer's computer, which redirected all of his internet traffic through two manually-programmed DNS servers at IPs 216.146.35.240 and 216.146.36.240. I back-traced these servers to Dynamic Network Services in Manchester, NH. Manually removing the set DNS servers was not enough; I had to perform more scans to remove the forced-DNS settings from being automatically re-added to Windows' Hosts file!
To top this off, further investigation revealed to me that Techvedic also reprogrammed my customer's WiFi router, manually setting the DNS servers in the router to the above IP addresses, and they did this in my customer's DSL modem as well! Being that the DNS redirect was programmed in three places it was impossible for my customer to totally remove the redirects with the usual scanning methods, so in turn I had to manually reset both the router and the modem to factory defaults and reprogram them from scratch with new passwords, etc!
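The PC-side part of the check described above (per-adapter DNS servers plus the hosts file) can be automated. The following Python is an added example, not part of the original article; it assumes English-locale `ipconfig /all` output, the sample text is constructed, and `audit` and `trusted_dns` are names chosen here.

```python
import ipaddress
import re

KV = re.compile(r"^\s+(.+?)[ .]*\. :\s?(.*)$")  # "   Key . . . : value"

def parse_ipconfig(text):
    """Map adapter name -> {key: [values]} for English `ipconfig /all` output."""
    adapters, cur, key = {}, None, None
    for line in text.splitlines():
        if line and not line[0].isspace() and line.rstrip().endswith(":"):
            cur, key = adapters.setdefault(line.rstrip(" :"), {}), None
        elif cur is not None and (m := KV.match(line)):
            key = m.group(1)
            cur[key] = [v] if (v := m.group(2).strip()) else []
        elif cur is not None and key and line.strip():
            cur[key].append(line.strip())  # continuation, e.g. second DNS server
    return adapters

def parse_hosts(text):
    """Return (ip, hostname) pairs from a hosts file, ignoring comments."""
    rows = (line.split("#", 1)[0].split() for line in text.splitlines())
    return [(row[0], name) for row in rows for name in row[1:]]

def audit(ipconfig_text, hosts_text, trusted_dns):
    """List DNS servers outside the allow-list and non-loopback hosts entries."""
    findings = []
    for name, cfg in parse_ipconfig(ipconfig_text).items():
        gateways = cfg.get("Default Gateway", [])
        for server in cfg.get("DNS Servers", []):
            if server not in trusted_dns and server not in gateways:
                findings.append(f"{name}: unexpected DNS server {server}")
    for ip, host in parse_hosts(hosts_text):
        if not ipaddress.ip_address(ip).is_loopback:
            findings.append(f"hosts: {host} pinned to {ip}")
    return findings

# Constructed sample input (not captured from the machine in the article).
SAMPLE_IPCONFIG = """\
Wireless LAN adapter Wi-Fi:
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 216.146.35.240
                                       216.146.36.240
Ethernet adapter Ethernet:
   Default Gateway . . . . . . . . . : 192.168.1.1
   DNS Servers . . . . . . . . . . . : 192.168.1.1
"""
SAMPLE_HOSTS = "127.0.0.1 localhost\n203.0.113.7 www.example.com  # constructed\n"

print(*audit(SAMPLE_IPCONFIG, SAMPLE_HOSTS, trusted_dns=set()), sep="\n")
```

On a real machine, pass the output of `ipconfig /all` and the contents of `C:\Windows\System32\drivers\etc\hosts`. A DNS server equal to the default gateway is accepted here, so the DNS settings inside the router and modem still have to be reviewed in their own admin pages, as the article found.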

Finishing up with success!

I of course explained to my customer that said DNS redirects and remote software allowed Techvedic access to everything in his computer whenever it was on, but disallowed him access to the internet so that he could not find any resolution to these issues. After I had removed Techvedic's software, reverted and reprogrammed all of their settings, I was able to once again surf freely on the web and print to my customer's new wireless printer!

Another unwary victim

A woman from New York State called me in reference to this very article; she was another victim of the Techvedic scam. Her story is almost the same; she had problems with her printer, so she went to Dell's web site to look for a support phone number. She called the number and thought that she was speaking to Dell Support the entire time until she got to the end of the support session and found that she was dealing with Techvedic. The process was nearly identical to what I described previously; however, they also talked her into paying for a re-installation of Office 2010 on top of the initial $199 Techvedic service charge! Fortunately, MasterCard detected Techvedic's fraudulent charges, and this poor woman was forced to get all new cards with new numbers!
Since this woman is outside of my service area (nearly 4 hours away) the best I could suggest to her was for her to find a trustworthy, local computer repair person in her area; to have them come, read this article, and to check her modem and router to see if Techvedic had reprogrammed them with their own DNS's IP addresses... and of course to thoroughly scan her computer for spyware and remote login software, etc. I also suggested that she report this to the local police department, and she could even consider reporting it to local papers or TV stations... this would let others know in her area in case these are location-specific scam attacks.

See Techvedic's retribution against this article...

  • 07-14-2013: Sources revealed that Techvedic is allegedly attempting to improve their online reputation using content schemes and new domains, to push consumer discussion boards out of the high rankings in search engines, and to post negative comments against any sites that talk truthfully about their business... and this article was made a primary target.
  • 07-15-2013: Hacking attempts against this article and my business web site were confirmed by IP traces to come from Delhi, India and Dadar (Mumbai), India... Techvedic offices reside in both locations.
  • 07-23-2013: Alex Smith (a.k.a. Anurag Sharma) contacted me concerning this article via email, supposedly from California when in fact the email came via Bharti Airtel Limited, India.
  • 07-25-2013: Alex Smith (a.k.a. Anurag Sharma) from Techvedic threatened HubPages with a lawsuit concerning this article and the fact that I had Techvedic's logo linked as its image. In turn, HubPages requested that I remove the image and I complied.
  • 07-27-2013: Anthony Godly of Bloomer Digital, UK, contacted me via email through BT-Central-Plus. He explained that Techvedic hired their company to post disparaging remarks about my computer business on Yahoo Answers, PissedConsumer, Scambook, and other sites. Anthony offered to remove all negative posted remarks for a fee, and I declined the offer.
  • 10-23-2013: Techvedic and similar scammers (using random/fake company names and claiming to be affiliates of Microsoft or Dell, HP, etc.) are still continually cold-calling residents throughout our area and attempting to extort money from them... unfortunately some unwary people are still falling for these scams, and I've also noticed that they tend to target the elderly. More facts and fraudulent phone calls have been submitted to U.S. Federal investigators (per their requests)! Also, it appears that Techvedic is still trying to have this article removed from HubPages; they are trying to employ other hubbers here to post negative comments on this article and have it removed... apparently it's still causing Techvedic to lose money as well as potential victims, hooray!

Tech Support Scammers Ordered to Pay Up

A U.S. District Court recently ordered the operators of several international tech support scams to pay more than $5.1 million for convincing people that their computers were riddled with viruses and then charging for bogus support services. The operations were mostly based in India and targeted English-speaking consumers in the United States and several other countries.

Do you think that Techvedic is a scam?

Have I supplied you with enough information to prove my case?

  • Yes
  • No
http://dellea.hubpages.com/hub/Beware-of-Techvedic