# Teamviewer scam



## DukedeYoung (May 5, 2012)

Hi guys, recently I've been trying to get ahold of Alienware tech support to fix a problem I've been having with my computer. Apparently scammers hacked into the Alienware servers and got my phone number, and called me. As the scammer knew my problem and was asking me the status of my computer, saying he was from the company. I allowed him to run "Join Remote Control Session" on the Teamviewer site as it was similar to the site that Alienware uses. He directed me to the Teamviewer site through an ip-address looking site address (I still have it but do not want to post it on here.)

He did not download anything, but was trying to get me to buy a warranty so he could fix the issue I've been having. I refused, then called Dell and informed them of the scammer. They ran a couple of virus scanners for me, and I'm now running my installed Avast and new Malwarebytes. Nothing seems to be infected, but I'm afraid that the scammer can still see my computer because he used a different site than the official Teamviewer site. 

I feel incredibly stupid (and am stupid) and have learned my lesson the hard way. =/ Please help!


----------



## aareleb (Nov 20, 2011)

I would make sure Teamviewer is NOT running on your computer then. Teamviewer is a program that will allow some one full control of your computer. They can do all most anything and see everything you are doing
I have used it to fix computer issues on family computers.


Aareleb


----------



## Oliwa (Nov 9, 2011)

That's really bad. 
I am sure the hacker put a Trojan on your computer which allow the hacker to remote control your computer. Suggest you clean your computer immediately.


----------



## DukedeYoung (May 5, 2012)

I cleaned my computer out with any virus protection I could get my hands on. It isn't running on my computer, as far as I'm aware at least. I found out the "ip looking site" is actually the ip address for the hosting servers that TeamViewer uses in Germany, so I suppose it isn't as dangerous as I thought it was? He didn't download anything to my computer (again, as far as I'm aware) and everything seems to be fine... 

Does anyone have any recommendations?


----------



## JMH3143 (Jun 18, 2012)

*Did you actually download TeamViewer?
If so did you delete it?

Have you run a Full Scan with Malwarebytes?
Results at the end?*


----------



## Glaswegian (Sep 16, 2005)

Hi

Have you checked in Add/Remove Programs to see if Teamviewer or any other unknown programme has been installed? If not then you are probably OK.

Continue running scans on a regular basis - use online scanners as well. No single programme will catch everything.

Have a look here for general security suggestions and tips

http://www.techsupportforum.com/forums/f112/pc-safety-and-security-what-do-i-need-525915.html


If you are still concerned then we can check over your system - follow the steps outlined here

NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

*Do not post your logs back in this thread - follow the guidance in the above link!*

If you have problems with any of the steps, simply move on to the next one and make a note of the problem in your reply.

Please note that the Security Forum is always busy, so I would ask for your patience while waiting for a reply - it may take a few days.


----------



## DukedeYoung (May 5, 2012)

Thanks guys! I appreciate the replies. No, I didn't actually download Teamviewer, just ran the application that was supplied on the site that WASN'T the client for Teamviewer. It was "Join Remote Control Session"

I will follow all of the steps provided, thank you. I did not see any new programs myself, and Dell checked over all of the programs in add/remove to make sure nothing suspicious was there. Malwarebytes came back with nothing suspicious, as did Spybot Search and Destroy.


----------



## epshatto (Dec 23, 2010)

You should also try to see if anything is running in the background on your PC, using port 3389.

To do that, you should open Command Prompt and use the command *netstat -an*

Suspect you won't find anything, but look for an IP address using port 3389 just to make sure.

If you have a firewall you should also review logs for anything suspicious.

Possibility exists you could have a trojan acting as a backdoor to your system. I consider it unlikely but in the interests of being thorough...


----------



## liamm (Jan 6, 2012)

Oliwa said:


> That's really bad.
> I am sure the hacker put a Trojan on your computer which allow the hacker to remote control your computer. Suggest you clean your computer immediately.


It isn't that easy. As a computer science student, I advise you not to believe everything you see in movies.

Easyest thing to do to prevent hackers controlling your pc, is to check your firewall, and make sure there isn't a single application you don't know on the trust list . The firewall is pretty good, so don't worry. Also, delete all your browser variables, and make sure you don't have account details in obvious places. Although the OS won't allow a program to go haywire with the computer, it may very well read your hard drive, although it takes time, but it's still a risk.


----------



## JMH3143 (Jun 18, 2012)

*DukedeYoung,

Re the "scare" you have had.

IMO - I'ts too late after "the stable door is shut & the horse has bolted"
Education / knowledge is the best way to learn to avoid the "nasties"....

Prevention always preferable to cure.

The obvious one of course is the responsibilty of the person clicking the mouse.
Exercise that responsibility - Resist temptation!

If ever in doubt seek further help at a trusted Forum such as this.*


----------

