Go Back  FlyerTalk Forums > Travel&Dining > Travel Technology
Reload this Page >

Phished using www.dwservice.net

Phished using www.dwservice.net

Old Apr 21, 2021, 7:43 am
  #1  
Original Poster
 
Join Date: Jul 2005
Posts: 1,063
Phished using www.dwservice.net

Mr. jsnydcsa Snr. (80+ years old) just got phished. Fell for the full scam. Listened to scammer on phone who had him download DWService software via www.dwservice.net

Though Mr. jsnydcsa Snr. wasn't exactly sure what happened (I am...), he says scammer shared into Mr. jsnydcsa Snr's Windows PC, had him log into Amazon account and purportedly "view" orders and other information (likely credit card numbers, only last few digits viewable). Mr. jsnydcsa Snr. got worried and confused when scammer started talking about more credit card specificity and other things and hung up on the scammer. We've locked down AMZN account and alerted credit card companies (no out of the ordinary activity on any). We've also deleted the .exe file Mr. jsnydcsa Snr. downloaded from www.dwservice.net.

Mr. jsnydcsa Snr. cannot "find" DWService software using Windows uninstall to uninstall the software. I attempted to talk him through it. But, he's too overwhelmed by all of it b/c of this incident ("I feel so stupid....") and just general computer illiteracy.

For now, computer is shut down. Told him its likely garbage now that we cannot be sure what the scammer did, installed or viewed while "sharing." The DWService software web site appears benign (which is the point, I guess) and it may be that the legit software ("in" Estonia...) is being used by scammers. I just want to know the level of "infection" of Mr. jsnydcsa Snr.'s PC and, if possible, how to remedy.

Any thoughts? I'm hundreds of miles away from Mr. jsnydcsa Snr.'s PC and remoting in is not possible.

This is why I have Jamesons in the full sized "Parental Help Desk" size.
jsnydcsa is offline  
Old Apr 21, 2021, 8:37 am
  #2  
 
Join Date: Sep 2013
Location: DAL
Posts: 1,368
Run Malaware Bytes to detect the spyware
gfunkdave likes this.
TGarza is offline  
Old Apr 21, 2021, 8:48 am
  #3  
Original Poster
 
Join Date: Jul 2005
Posts: 1,063
Originally Posted by TGarza
Run Malaware Bytes to detect the spyware
Tx. Tho I suspect Snr. will have trouble downloading, installing and ultimately using the software. Even getting him to find and use basic drop down menus is a nightmare.
jsnydcsa is offline  
Old Apr 21, 2021, 9:35 am
  #4  
 
Join Date: Jul 2013
Location: DAY/CMH
Programs: UA MileagePlus
Posts: 2,474
Windows will prevent the installation of malware IF Senior's account doesn't have administrator rights. If it does, you should definitely run a full scan and change his account to a user one as soon as you can.

This presumes that Windows User Account Control is enabled, as it always should be. In the early days of UAC, I received advice from several tech support desks to disable it. :-(
ajGoes is offline  
Old Apr 21, 2021, 9:39 am
  #5  
FlyerTalk Evangelist
 
Join Date: Apr 2009
Location: where lions are led by donkeys...
Programs: Lifetime Gold, Global Entry, Hertz PC, and my wallet
Posts: 20,273
No neighbours near Snr with kids/them that can drive the computer talking to you?
jsnydcsa, ajGoes and Loren Pechtel like this.
Silver Fox is offline  
Old Apr 21, 2021, 10:26 am
  #6  
Original Poster
 
Join Date: Jul 2005
Posts: 1,063
Originally Posted by Silver Fox
No neighbours near Snr with kids/them that can drive the computer talking to you?
That's a good idea. Thanks.
jsnydcsa is offline  
Old Apr 21, 2021, 9:05 pm
  #7  
 
Join Date: Jul 2002
Posts: 3,584
Or you could possibly do Zoom with Senior if he has a phone that would accommodate that. He could let you look at the screen and walk him through things.
xooz is offline  
Old Apr 22, 2021, 4:25 am
  #8  
 
Join Date: Jan 2015
Posts: 2,853
Originally Posted by xooz
Or you could possibly do Zoom with Senior if he has a phone that would accommodate that. He could let you look at the screen and walk him through things.
I would probably go with a neighbourhood kid. While the computer might remain functional they need to be prepared to do a clean install depending on how badly they were compromised... there's also likely a need to have several anti-malware scans to be run.
StuckInYYZ is offline  
Old Apr 22, 2021, 5:31 am
  #9  
 
Join Date: Nov 2006
Location: Detroit; Formerly Dubai
Posts: 3,649
I switched my then aging (now deceased) father-in-law to a Chrome Box in his elder years because they were easier to wipe and less likely to get malware.
TGarza likes this.
Dubai Stu is offline  
Old Apr 22, 2021, 11:07 am
  #10  
Original Poster
 
Join Date: Jul 2005
Posts: 1,063
As part of a larger "revamp" of Snr (and his wife's) tech that was brought up by this whole (ongoing) episode, we're going to outfit both of them with new Windows laptops. Currently, they have the compromised desktop computer (which remains shut down) and a barely functioning Windows laptop. Plan is that they each have their "own" computers. Laptops preferred b/c, touch wood, they are pretty mobile and travel a bit. Also bought a docking station so that either can dock up to the current desktop's dual monitors, printer/scanner/fax, keyboard and mouse.

The considered going with iPads (didn't like the screen based keyboard/cover-keyboard options), Macs (too expensive) and Chromebooks (whole new OS/user interface to deal with). They've used WIN PCs since as long as I can recall now. Old habits die hard.

As for the compromised desktop. It remains off. I'm going to (eventually, next couple of months) personally work on it myself as part of the switchover to the aforementioned laptops. I'll handle the malware scan, etc. We have a person who could assist the parents (see below). But, I don't feel comfortable asking that person to handle such a delicate task.

I appreciate the Zoom chat solution. But, trust me, its just easier for me to eventually be in front of the machine for all of the potential problems, issues, etc. A learning tip from all of this is I'm going to load onto the laptops a secure screen sharing type program so that I can perform tasks remotely.

Another learning tip is that I'm going to given them lower-level user access that specifically prevents software downloads. I should've done that from the beginning. My bad.

Finally, they've lined up a local to assist. In particular, I'm going to have her assist when the parents return home with their laptops and docking station to help them get back on to their home WiFi and to help setup and understand the docking station. I feel more comfortable with her assisting on these things.

In the "good news" department. Snr continues to report no strange email traffic or AMZN usage nor other activity (e.g. with bank accounts/credit cards).

Thankfully. Notwithstanding Snr.'s "trust" in someone on the phone, he and wife don't do online banking (yep, check's in the mail) or even online account access/online e-mailed statements (they have folder after folder of each months paper statements). So, there's not even a lot of financial/personal "online" accounts that the scammer could even attempt to access (free credit report requests for Snr and wife are pending). Also, by pure chance, about 1 month ago, Snr. had done a full backup of the compromised desktop. He says, he could "live" with everything since 1 month ago being totally lost if we just decided to trash the desktop. After 24+ hours of Snr. processing it all, it's more about the very hurt pride of having this happen than the actual damage (or potential therefor). Frankly, I'm more worried about the malware potential than the possibility of compromised accounts.

I appreciate everyone weighing in with excellent ideas. Though this is a traveler's forum and, in particular, a forum for travel technology, this forum has NEVER let me down on tech issues unrelated to travel. I could go to a dozen different web sites and never find a solution but this forum never disappoints.
ajGoes, pseudoswede and Silver Fox like this.
jsnydcsa is offline  
Old Apr 22, 2021, 3:31 pm
  #11  
 
Join Date: Nov 2006
Programs: Seniors Bus Pass
Posts: 5,526
I can recommend TeamViewer. It is on the laptops of a few senior friends that I provide support and guidance to and it allows me to look at and control their machine. There is a free version for non-commercial use.

Get someone to download to their machine for you, or do it yourself with the machines you are giving them. You can set them up so that they have to let you in (which I use with my friends) or that you can always enter - which will probably be ok with your folks.
ajGoes and Loren Pechtel like this.
antichef is online now  
Old Apr 22, 2021, 3:35 pm
  #12  
 
Join Date: Jul 2008
Location: YYZ
Programs: Hilton Diamond Mariott Plat UA Silver Aeroplan E25K SAS Gold NEXUS
Posts: 1,305
Install a remote agent on his computer so you can remotely control (small risk the remote agent will be compromised at some point). TeamViewer is suitable, or you can use one of the managed service provider tools but they are expensive for individual use ($89/month for you, free for the people you're trying to help - there's one from Atera or Synchro that's easy to use).

Logmein has options as well but believe they're more expensive. I think teamviewer is the cheapest one though I don't look into the individual cases like this often.
atsak is offline  
Old Apr 22, 2021, 3:38 pm
  #13  
 
Join Date: Jul 2013
Location: DAY/CMH
Programs: UA MileagePlus
Posts: 2,474
Originally Posted by jsnydcsa
Another learning tip is that I'm going to given them lower-level user access that specifically prevents software downloads. I should've done that from the beginning. My bad.
Be prepared to enter the administrator password whenever Senior needs to install something, including software and operating system updates. It can be inconvenient but much less so than the potential alternatives.
ajGoes is offline  
Old Apr 22, 2021, 4:02 pm
  #14  
A FlyerTalk Posting Legend
 
Join Date: Sep 2009
Location: Minneapolis: DL DM charter 2.3MM
Programs: A3*Gold, SPG Plat, HyattDiamond, MarriottPP, LHW exAccess, ICI, Raffles Amb, NW PE MM, TWA Gold MM
Posts: 100,162
Originally Posted by ajGoes
Be prepared to enter the administrator password whenever Senior needs to install something, including software and operating system updates. It can be inconvenient but much less so than the potential alternatives.
Some software updates require administrator passwords.

BTW, what's Logmein?
MSPeconomist is offline  
Old Apr 22, 2021, 5:01 pm
  #15  
Suspended
 
Join Date: Jul 2001
Location: Watchlisted by the prejudiced, en route to purgatory
Programs: Just Say No to Fleecing and Blacklisting
Posts: 102,103
Originally Posted by MSPeconomist
Some software updates require administrator passwords.

BTW, what's Logmein?
Logmein was a software solution to remotely access and control computers that used to be popular with some of us on FT. It's still around for the same purpose:

https://www.logmein.com/home2/v3#/

They sort of fleeced some of their customers who paid for their apps on mobile devices, so they became less popular because of that too.
ajGoes likes this.
GUWonder is offline  

Thread Tools
Search this Thread

Contact Us - Manage Preferences - Archive - Advertising - Cookie Policy - Privacy Statement - Terms of Service -

This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.