  1. #1
    Crazyfool's Avatar
    Lead boot

    Status
    Offline
    Join Date
    Feb 2007
    Location
    South East
    Posts
    498

    E-Pro Solutions...Who are they?

    My wife has received a call from these guys Contact Information and stupidly allowed them remote access to our computer.

    Apparently our machine has been sending out unlawful messages (or something like this) and the government has requested that this company sorts it out. I think she has been had, but now apart from wiping my machine and rebuilding it from scratch I am not sure what to do. I guess the first thing is to contact the bank!

    Unless someone thinks this is legit!
    (59) 2.0T A4 S-Line Avant (B8) Lava Grey
    (N) 2.6 V6 Audi Convertible Europa Blue
    Gone: (02) 1.8T A4 sport saloon (B6) Denim Blue

  3. #2
    FactionOne's Avatar
    Administrator

    Status
    Offline
    Join Date
    May 2004
    Location
    Preston
    Posts
    3,052
    Ring your bank straight away, and level the machine. This is one of the nastier dodgy scams doing the rounds at the moment.

    Rob.
    Boot full of dog. Back seat full of lenses.

  4. #3
    Crazyfool's Avatar
    Lead boot

    Status
    Offline
    Join Date
    Feb 2007
    Location
    South East
    Posts
    498
    Just got off the phone to the wife. The call is from India; they have completed a check of the computer and downloaded spyware onto the machine. They have advised that the machine is now clean, but in order to maintain it they want 90 up front for a 'life time service'!! Buggers
    (59) 2.0T A4 S-Line Avant (B8) Lava Grey
    (N) 2.6 V6 Audi Convertible Europa Blue
    Gone: (02) 1.8T A4 sport saloon (B6) Denim Blue

  5. #4
    DaveA3's Avatar
    Audi A-Trizzle!

    Status
    Offline
    Join Date
    Feb 2010
    Location
    Milton Keynes
    Posts
    2,378
    Send them a nice virus. Restart your router etc. You could also ask your ISP for a new IP.

    Audi A3 1.8T Sport (AGU) - 2000
    Engine: Carbonio CAI/Jetex JR Hybrid Induction, Forge 007p DV, Forge TIP, Longlife S/S Custom Exhaust system, R-Tech Stage 1 Remap, Creation Motorsport Boost Pipe Kit.
    Exterior and Chassis: 18" Cades Tyrus, Euro Wipers, low on JOM Coilovers, Eibach Front & Rear ARB's, Black Angel Eye Headlights, 6000K HID's, S3 Brakes.
    For Sale PM ME - £2500 Mods Inc

  6. #5
    FactionOne's Avatar
    Administrator

    Status
    Offline
    Join Date
    May 2004
    Location
    Preston
    Posts
    3,052
    OK, I'll spare you the technical nonsense unless you're really interested, but although it's clearly well-meaning, none of the above will help.

    Again, levelling the machine is step 1. Don't use Windows restore or any other ****, stick the disc in, delete the partition in setup and start again (of course back-up irreplaceable data first (non-executable files only)).

    If you want a step 2; ring the bank and get new cards/details - if:

    a) You've got card/account details saved locally on the machine
    b) You've typed any card/account details since the phone call (a key-logger is a likely component of whatever they've installed)
    c) You'd prefer peace of mind - even if the bank opt to do nothing, get it on file, so if the **** hits the fan later - it's their fault.

    But again, don't worry about your router or the DHCP-assigned IP address you're almost certainly using, and get the software off the machine.

    Rob.
    Boot full of dog. Back seat full of lenses.

  7. #6
    Crazyfool's Avatar
    Lead boot

    Status
    Offline
    Join Date
    Feb 2007
    Location
    South East
    Posts
    498
    I have disconnected the computer from the internet and contacted my bank earlier today. The annoying thing is that I put the Win7 disc somewhere safe and now haven't got a clue where it is. What's really annoying is that my wife works in IT. I know I shouldn't generalise because there are various specialisms, but

    I guess I will be using the net via my iPhone until I can find this damn disc.
    (59) 2.0T A4 S-Line Avant (B8) Lava Grey
    (N) 2.6 V6 Audi Convertible Europa Blue
    Gone: (02) 1.8T A4 sport saloon (B6) Denim Blue

  8. #7
    DaveA3's Avatar
    Audi A-Trizzle!

    Status
    Offline
    Join Date
    Feb 2010
    Location
    Milton Keynes
    Posts
    2,378
    Quote Originally Posted by FactionOne View Post
    OK, I'll spare you the technical nonsense unless you're really interested, but although it's clearly well-meaning, none of the above will help.

    Again, levelling the machine is step 1. Don't use Windows restore or any other ****, stick the disc in, delete the partition in setup and start again (of course back-up irreplaceable data first (non-executable files only)).

    If you want a step 2; ring the bank and get new cards/details - if:

    a) You've got card/account details saved locally on the machine
    b) You've typed any card/account details since the phone call (a key-logger is a likely component of whatever they've installed)
    c) You'd prefer peace of mind - even if the bank opt to do nothing, get it on file, so if the **** hits the fan later - it's their fault.

    But again, don't worry about your router or the DHCP-assigned IP address you're almost certainly using, and get the software off the machine.

    Rob.
    What's to stop them connecting again though? Obviously now he has turned the net off, but they could just reconnect and do it all again. Changing IP would prevent that as long as it's not in the same range, hence the call to the ISP. I dunno what software they used to connect but it's easily configured to not even ask permission to connect, as I'm sure you know mate.

    Granted, a fresh install would be the best option anyway, which would nuke any software scripts etc in order for the above to take place

    Audi A3 1.8T Sport (AGU) - 2000
    Engine: Carbonio CAI/Jetex JR Hybrid Induction, Forge 007p DV, Forge TIP, Longlife S/S Custom Exhaust system, R-Tech Stage 1 Remap, Creation Motorsport Boost Pipe Kit.
    Exterior and Chassis: 18" Cades Tyrus, Euro Wipers, low on JOM Coilovers, Eibach Front & Rear ARB's, Black Angel Eye Headlights, 6000K HID's, S3 Brakes.
    For Sale PM ME - £2500 Mods Inc

  9. #8
    FactionOne's Avatar
    Administrator

    Status
    Offline
    Join Date
    May 2004
    Location
    Preston
    Posts
    3,052
    Quote Originally Posted by DaveA3 View Post
    What's to stop them connecting again though? Obviously now he has turned the net off, but they could just reconnect and do it all again. Changing IP would prevent that as long as it's not in the same range, hence the call to the ISP. I dunno what software they used to connect but it's easily configured to not even ask permission to connect, as I'm sure you know mate.

    Granted, a fresh install would be the best option anyway, which would nuke any software scripts etc in order for the above to take place
    First of all, I'd be prepared to stake all the cash in my pocket that the connection isn't initiated inbound; it's just too much of a headache to get through a Network Address Translation layer when it's far easier and more reliable to get someone to hit an URL which will download a component to initiate remote access from the client side - that negates the need for any NAT traversal as the first packet outbound will have the MAC address of the adapter on the LAN at the other end (this is exactly the same way TeamViewer, Skype and later versions of MSN work). It makes sense to do it that way because whatever the remote-access session is used to install will be making outbound connections to send your bank details / the offset of your wheels / your mrs' vital statistics (/whatever data they want to collect).

    That being the case, changing your IP won't do a blind bit of good because when whatever malware they've installed is able to reconnect to the net, the folks who put it there will get a packet with your internet IP and the MAC of the machine they're interested in.

    So, wiping the machine from the partition upwards will remove the malware; meaning there'll be nothing there making outbound connections, let alone sending data - and of course it won't matter whether you're using the same IP address or not given that there'll be nothing in the machine to handshake a connection.

    As regards phoning your ISP for a new IP address, that's only ever really any use if you've got a static IP address - but folks using them will generally know that because a) they'll know they're paying for one (or more), b) they'll generally want one for a reason, and c) they'll be awfully upset about the prospect of changing it (because of (b)). If you're using an IP address which is assigned by Dynamic Host Configuration Protocol, getting a new IP is as easy as turning your machine/router off long enough for either a) the lease on your IP to expire, making it likely to be re-issued, b) peak demand to mean that leases on currently-unused IPs are ignored and the address is reassigned due to a shortage in the pool. If you rang your 'mainstream' ISP and asked the banana bin on the phone to give you a new IP they'd probably have no concept what you're on about, and I'd doubt you'd ever get through to someone with enough access (and inclination) to find your DHCP lease and release it.

    So... IP has very little effect on the problem; and the ONLY real course of action is to level the machine. Now, by my reckoning you need to come and hold this mahoosive quattro gearbox for Byzan A4 because I've been writing ^that^

    All the best,

    Rob.
    Boot full of dog. Back seat full of lenses.
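
An added illustration of the point argued in post #8 above (not part of the original thread or any poster's code): a toy model of a home router's NAT table, showing why a connection started from inside the LAN gets through, and why a new public IP changes nothing while the installed software is still there to dial out again. The class, function names and all addresses are constructed for the example.

```python
# Toy model of a home router doing NAT; not a real network stack.
# All addresses are constructed documentation-range values.

class HomeRouter:
    """Inbound packets pass only if they match a mapping created by an
    earlier outbound packet from a host on the LAN."""

    def __init__(self, public_ip):
        self.public_ip = public_ip
        self.mappings = {}       # (public_port, remote) -> (lan_ip, lan_port)
        self.next_port = 40000

    def outbound(self, lan_ip, lan_port, remote):
        """A LAN host opens a connection; returns the source the remote sees."""
        public_port = self.next_port
        self.next_port += 1
        self.mappings[(public_port, remote)] = (lan_ip, lan_port)
        return (self.public_ip, public_port)

    def inbound(self, remote, public_ip, public_port):
        """A packet arrives from the internet; returns the LAN host or None."""
        if public_ip != self.public_ip:
            return None          # sent to an address this router no longer holds
        return self.mappings.get((public_port, remote))

    def renew_lease(self, new_public_ip):
        """The ISP issues a different address; existing mappings are lost."""
        self.public_ip = new_public_ip
        self.mappings.clear()


def scenario():
    pc = ("192.168.1.20", 51000)        # the affected machine on the LAN
    operator = ("203.0.113.50", 443)    # the remote end the software talks to
    router = HomeRouter("198.51.100.7")
    out = {}

    # 1. Nothing has dialled out yet: an unsolicited inbound packet is dropped.
    out["unsolicited_inbound"] = router.inbound(operator, "198.51.100.7", 3389)

    # 2. Software on the PC connects outbound; the reply now reaches the PC.
    seen = router.outbound(*pc, operator)
    out["reply_delivered_to"] = router.inbound(operator, *seen)

    # 3. The public IP changes: the old address and mapping are dead.
    router.renew_lease("198.51.100.99")
    out["old_address_after_renew"] = router.inbound(operator, *seen)

    # 4. The software is still installed, so it simply dials out again and
    #    the remote end learns the new address from that first packet.
    seen_again = router.outbound(*pc, operator)
    out["operator_sees_after_renew"] = seen_again
    out["reply_after_renew"] = router.inbound(operator, *seen_again)
    return out


if __name__ == "__main__":
    for step, result in scenario().items():
        print(f"{step}: {result}")
```

Step 4 is the reason the thread settles on wiping the machine: with nothing left on the PC to call `outbound`, no mapping is ever created, whichever address the router holds.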

  10. #9
    NHN
    NHN's Avatar
    Modmetractor

    Status
    Offline
    Join Date
    Jan 2008
    Location
    Coding Something
    Posts
    26,716
    I concur with Rob, all of the above, no other way forward, 1st port of call would be banks & any online systems that saved login info even if encrypted, change passwords immediately just as precaution.

    OEM RETROFITS - CRUISE CONTROL - SAT NAV - BLUETOOTH - AMI - HEADLIGHT SYSTEMS

    PARKING SYSTEMS - DIAGNOSTICS - FAULT FINDING - BODYWORK - PAINTWORK

  11. #10
    Crazyfool's Avatar
    Lead boot

    Status
    Offline
    Join Date
    Feb 2007
    Location
    South East
    Posts
    498
    I got in touch with the bank who has advised me that I should download their protection software. The other lucky thing is that my password is the same, but there is also a requirement for a random numbering system which changes every time I log on.
    (59) 2.0T A4 S-Line Avant (B8) Lava Grey
    (N) 2.6 V6 Audi Convertible Europa Blue
    Gone: (02) 1.8T A4 sport saloon (B6) Denim Blue

  12. #11
    NHN
    NHN's Avatar
    Modmetractor

    Status
    Offline
    Join Date
    Jan 2008
    Location
    Coding Something
    Posts
    26,716
    Yes but tbh the random system say like HSBC uses is ****e, it's not as random as they like to think, neither is Lloyds & if you mean Rapport, well I don't use it, maybe others can advise.

    NatWest's 'Rapport' software - should I install it? - MoneySavingExpert.com Forums

    OEM RETROFITS - CRUISE CONTROL - SAT NAV - BLUETOOTH - AMI - HEADLIGHT SYSTEMS

    PARKING SYSTEMS - DIAGNOSTICS - FAULT FINDING - BODYWORK - PAINTWORK

  13. #12
    DaveA3's Avatar
    Audi A-Trizzle!

    Status
    Offline
    Join Date
    Feb 2010
    Location
    Milton Keynes
    Posts
    2,378
    Rob

    That's why you're the boss. I didn't think about that to be honest. Just assumed it would be some sort of inbound attack.

    Audi A3 1.8T Sport (AGU) - 2000
    Engine: Carbonio CAI/Jetex JR Hybrid Induction, Forge 007p DV, Forge TIP, Longlife S/S Custom Exhaust system, R-Tech Stage 1 Remap, Creation Motorsport Boost Pipe Kit.
    Exterior and Chassis: 18" Cades Tyrus, Euro Wipers, low on JOM Coilovers, Eibach Front & Rear ARB's, Black Angel Eye Headlights, 6000K HID's, S3 Brakes.
    For Sale PM ME - £2500 Mods Inc

  14. #13
    FactionOne's Avatar
    Administrator

    Status
    Offline
    Join Date
    May 2004
    Location
    Preston
    Posts
    3,052
    (FAIRLY IMPORTANT) BUMP:

    Well, I've just had the call myself...

    Landline rang, loads of zeros on the caller display; I answered, and a far eastern accent started to talk about Microsoft, my computer having a virus, and them needing to fix it. It was almost nonsense, and as soon as I asked questions it became apparent the caller wasn't making sense of a word I was saying.

    That was until I said "Are you suggesting you need to gain access to my computer to remove a virus from it? <pause> In that case I need to call the Police" - and the caller hung up.

    Be on your guard folks, they're probably not all as sloppy as that; and they're DEFINITELY still out there...

    Rob.
    Boot full of dog. Back seat full of lenses.

  15. #14
    jojo's Avatar
    S3 Drift King!

    Status
    Offline
    Join Date
    Sep 2003
    Location
    Solihull, Midlands
    Posts
    24,833
    I would have said, ok, you've been on the phone long enough for the police to track where you are, good luck, mwuhahahahaha!


    99' Audi S3(APY) - Brilliant Black Click>>>Going Sideways vid!
    You've got to have a laugh!



  16. #15
    mikeyg's Avatar
    4th Gear

    Status
    Offline
    Join Date
    Jan 2011
    Location
    Milton Keynes
    Posts
    835
    I doubt the phone call would have even got to that with me, if anyone phones me at home from a company I don't recognise I normally just hang up, or sometimes leave them on the phone talking and just put the phone on the side and see how long they will continue to talk to themselves for.

  17. #16
    Crazyfool's Avatar
    Lead boot

    Status
    Offline
    Join Date
    Feb 2007
    Location
    South East
    Posts
    498
    I'm starting to get annoyed now. I still can't find my Windows 7 disc, so still doing everything via my iPhone. When I get a chance, I will pull our office apart to see if I can find it. Such a pain.

    HSBC recommended downloading Rapport, but I won't be installing it.
    (59) 2.0T A4 S-Line Avant (B8) Lava Grey
    (N) 2.6 V6 Audi Convertible Europa Blue
    Gone: (02) 1.8T A4 sport saloon (B6) Denim Blue

  18. #17
    DaveA3's Avatar
    Audi A-Trizzle!

    Status
    Offline
    Join Date
    Feb 2010
    Location
    Milton Keynes
    Posts
    2,378
    cheers rob better tell the parents..

    thought it would be a one off thing

    Audi A3 1.8T Sport (AGU) - 2000
    Engine: Carbonio CAI/Jetex JR Hybrid Induction, Forge 007p DV, Forge TIP, Longlife S/S Custom Exhaust system, R-Tech Stage 1 Remap, Creation Motorsport Boost Pipe Kit.
    Exterior and Chassis: 18" Cades Tyrus, Euro Wipers, low on JOM Coilovers, Eibach Front & Rear ARB's, Black Angel Eye Headlights, 6000K HID's, S3 Brakes.
    For Sale PM ME - £2500 Mods Inc

  19. #18
    Gti Jazz Blue's Avatar
    6th Gear

    Status
    Offline
    Join Date
    Feb 2007
    Location
    Hampshire
    Posts
    1,654
    I've spread the word to the olds and my colleagues.

    Paul
    2011 (MY12) Skoda Octavia II FL VRS Manual Hatch 2.0Tsi in Race Blue.
    Gone not forgotten -
    2005 Black A3 (8P1) S-Line 2.0TDi DSG. Eibach Pro Springs, Koni FSD shocks and a few bling bits inside.
    Revo 99 GTi Turbo, too much to list mod wise.
    92 Golf Gti Mark 2 16V.

    VCDS HEX-USB+CAN

  20. #19
    scbduke's Avatar
    Neutral

    Status
    Offline
    Join Date
    Aug 2005
    Location
    Oxfordshire,England
    Posts
    55
    I've had a couple of similar calls in the past along the lines of "We've noticed that your windows system is running slowly .........." to which I reply "Could be a bit difficult as we're a Macintosh only household"
    When they continue to rattle on I've either just hung up or asked them if they know the difference between a Windows system and a MAC - that normally ends the call. And yes, every time I've had a call it's come from India.
    Silver 2007 A4 2.0T FSI S-Line SE v2
    RNS-E, Auto lights/wipers, Auto dimming rear view mirror, 18" S4 Alloys, rear parking sensors, Bluetooth, GSM phone prep, 6 CD autochanger, Black Optic pack, Electric/heated front seats

  21. #20
    Crazyfool's Avatar
    Lead boot

    Status
    Offline
    Join Date
    Feb 2007
    Location
    South East
    Posts
    498
    Quote Originally Posted by DaveA3 View Post
    cheers rob better tell the parents..

    thought it would be a one off thing
    Definitely not. My father has had a couple of calls and a friend said he was caught hook, line and sinker
    (59) 2.0T A4 S-Line Avant (B8) Lava Grey
    (N) 2.6 V6 Audi Convertible Europa Blue
    Gone: (02) 1.8T A4 sport saloon (B6) Denim Blue

  22. #21
    FactionOne's Avatar
    Administrator

    Status
    Offline
    Join Date
    May 2004
    Location
    Preston
    Posts
    3,052
    Quote Originally Posted by Crazyfool View Post
    I'm starting to get annoyed now. I still can't find my Windows 7 disc, so still doing everything via my iPhone. When I get a chance, I will pull our office apart to see if I can find it. Such a pain.

    HSBC recommended downloading Rapport, but I won't be installing it.
    Rapport's not all that bad in fairness. I eventually installed it, its main component is a browser plugin which apparently prevents you getting scammed by url masking / iframes etc; I'm not sure how much defence it is against keyloggers and the like; but it at least ensures you're only opening sockets to where you intend to when using banking/ecommerce.

    There's a toggle for it too (I think it puts it in a programs group on the start menu), so you can 'unload' it if you're worried about overall privacy, and just use it when you do your banking/commerce - I figured it's probably better to be able to answer "yes" if you're ever in the unlucky position that someone from HSBC is asking "so had you installed the rapport security software we recommended before that cheeky scamp cleared out your bank account*?" (* = /overdraft!).

    Rob.
    Boot full of dog. Back seat full of lenses.

 

 
