Questions Linger After ISP Blocks TeamViewer Over Fraud Fears

Last Wednesday, for no apparent reason, the TeamViewer remote desktop application stopped working on the network of one of the UK's largest ISPs, TalkTalk. The apparent reason, as the investigation has found, are some scammers in India who have been abusing the application to make money. An anonymous reader shares a report: It's a popular application with remote support professionals and power users alike and so support forums soon filled with complaints from perplexed users who noticed that access was possible with 4G and some TalkTalk business connections but not home broadband. By Thursday, journalists dragged the truth out of the company that it had "blocked a number of applications including TeamViewer," which led to a joint statement confirming this on TeamViewer's website: TeamViewer and TalkTalk are in extensive talks to find a comprehensive joint solution to better address this scamming issue. We now know (as some suspected at the time) that the block was connected to abuse of TeamViewer by criminals based in India who had been using it as part of a tech support scam targeting TalkTalk customers. The BBC reported on this two days before the block, including the disturbing claim that the criminals had been able to quote stolen customer account data to make scam calls sound more convincing.

Lessons to learn

[dontbemad]

As much flak as American ISPs get for their noncompetitive and morally bereft behavior, we do need to be reminded that things could generally be much worse. There is nothing wrong with pressuring large businesses (especially those with government-sanctioned monopolies) to change their shameful ways, but I do occasionally breathe a sigh of relief that, at least for the moment, our biggest concerns (outside of government spying) are speed, price, and general availability of service.

It seems almost commonplace for websites or services to get blocked at an ISP level in the UK, and that fact alone seems more frightening than any increase in price that Comcast could throw at me.

Re: Lessons to learn

[cyber-vandal]

It's really easy to change ISP in the U.K. You're not trapped like you are in the US.

Re: Lessons to learn

[dontbemad]

You aren't wrong, but it can be a little more complicated than that. You ability to get different service is largely dependent on where you live. Since the country is so big, different corners and different population centers can have wildly varying experiences with ISPs.

For instance, I live in the center of Atlanta, GA. We don't have the best selection down here (although, my apartment community is scheduled to get Google Fiber in the next couple months, so...), but there certainly is a "selection". It may be 2-3 choices, and none of them may be great, but there are signs that people are waking up to the need for more pressure on their local legislators to overturn laws and rules that forbid competition.

This is a slight tangent, but a huge amount of the "need" for NetNeutrality wouldn't exist if ISPs could actually be competed with. Startups and municipalities are, more often than not, hamstrung out of the gate by state legislature that all but outright forbids competition against large Telcos from a smaller, more local source. Instead of adding more laws to the books, I am more in favor of getting those anti-compete laws out of here, and allowing for enterprising city councilmen and business owners to create solutions that fit the needs of their communities.

Anyway, bringing this back on point: Yes, we do generally have a harder time "switching", as it were, but it isn't quite as bleak as some foreigners make it out to be sometimes.

block facebook?

[Causemos]

Facebook is probably used for more fraud than TeamViewer.

Re: partial solution

The ISP blocking connections is a good thing in this case. If TeamViewer is not going to deal with the scamming problem, take it to the next level and sever the connection. Force TeamViewer to come up with a solution.

The real reason

[slashmydots]

...because they're too lazy to investigate and block the phone numbers that the scammers are using.

You need to get a clue.

[thesupraman]

FFS you moron.

'These scams are extensive, they all use phone calls, both cellular and land line, Blocking peoples access to the phone system is the only way to get the phone companies to sit the fuck up and listen and do something about it'

'These scams are extensive, they all target Windows users, Making the home use of Windows illegal is the only way to get Microsoft to sit the fuck up and listen and do something about it'

Probably over your head, but getting the idea?

Teamviewer is NOT the problem here - the problem appears to be that the ISP has had account data stolen, that is then being used to scam their members - and they are reacting by blaming one of the tools being used, almost certainly to cloud their own responsibility.

Yes, these scams are common and ugly. The ISP however could EASILY be blocking IP ranges of teamviewer, not just all access - ESPECIALLY as in this case it appears the scammers have data the ISP has lost.....

Re: partial solution

[vux984]

If TeamViewer is not going to deal with the scamming problem, take it to the next level and sever the connection.

faceplam.

The only reason they are using Teamviewer is that it works pretty good. The scammers could switch tomorrow to another remote support tool. Or a VNC based tool with a preconfigured reverse connection; hosted from anywhere, connecting to anywhere... they could even keep calling it teamviewer... they're scammers so honesty isn't a pre-req.

Teamviewer is not a 'hacking tool' and it is not a 'scamming tool' any more than a 'telephone' is a scamming tool. Or the TalkTalk ISP itself is. Blocking teamviewer because people are using it as part of the scam would be almost as idiotic as blocking these customers from reaching their banks. "Well if their bank isn't going to deal with the scamming problem, we'll just stop letting people connect to their banks online.. "

Better still TalkTalk should cut off the customers TalkTalk internet access -- that's where the real problem is anyway. Since TalkTalk apparently lost a bunch of customer data / records allowing the scammers to sound a lot more convincingly like they are calling from talktalk. Whoops.

I'm curious what you think Teamviewer should do about the problem. Or Microsoft. Or apple (because they aren't immune from a scam like this...) or even your grandma you stuck on linux mint or is the fact that your grandma can get scammed by someone pretending to work for TalkTalk while running linux mint somehow Torvalds fault?

Teamviewer (and VNC) run on all three platforms, and as long as the scammer doesn't say he's calling from "Windows" but instead is calling from their (Actual) ISP TalkTalk...

Driven By Corporate Greed

[ytene]

I use a different UK telco/ISP as my service provider but I have seen exactly the same problem as those reported in the OP and in the linked article. The thing is, the issue isn't Teamviewer per se, or even that the ISP chose to unilaterally [and without consultation or warning] block the technology on their portion of the network]. These are symptoms and consequences of the real problem.

The fundamental issue here is that the ISP in question chose to outsource a portion of its Customer Service function to a deprived area of India - an area where they could hire trained staff to work for a fraction of UK wages [about 20-25%] and thereby increase their profits by a corresponding amount. There are zero benefits to the customer from having a call centre in India - the only ones who get to benefit are the Directors, Senior Management and shareholders of the company in question.

Up until March 2016 I received 2-3 such scam calls per week. Then one day one of the callers made a mistake and quoted a company-internal reference number from my telephone [landline] service provider. The quoted data was unique to me, only printed on my paper statement and unrelated to any other details about me. Armed with this [and a couple of related facts I managed to tease out of the caller] I got in touch with my telco's Fraud Prevention department and had a long discussion with one of their investigators. I asked that the person concerned cross-check their call database records from their call centre to see how many times my UK number was called, and on what occasions, and from which of their operators. I had enough information to persuade them that the attempted fraud calls were originating on their equipment - and suggested to the person that my telco's own call centre infrastructure was being used by a criminal group to perpetrate fraud against UK customers.

At first I received bluster and pushback, at which point I suggested that in the event my telco did not take the matter seriously, I would complain to my Member of Parliament, the UK telecoms Regulator and the press.

March 2016. Have not received a SINGLE fraudulent call since.

The issue isn't TeamViewer. The issue is that TalkTalk have put their profits before safe business practices. Clearly they don't protect their client data, they don't screen their employees effectively and - if they are anything like my Telco - they don't even know when their own call centres are being used to perpetrate boiler-room fraud.

I just wish that I could find someone in UK law enforcement willing to take this sort of thing seriously and start to see the large corporations prosecuted when their negligence endangers the safety of their clients. Unfortunately, until there are some serious fines handed down, or preferably until a couple of directors are jailed for breach of duty, negligence or malfeasance, this isn't going to change.