Here's a certified FRESH one!

thecomputerguy said:
"Those" people are out there, they are my clients, and somehow, they have all the money.
Click to expand...
One of my long time clients is a cardiologist in a specialized field. In addition to running a busy practice he often speaks at international conferences. When it comes to using a computer, if there's not an icon on the desktop for the handful of sites he visits he's lost.
 
thecomputerguy said:
"Those" people are out there, they are my clients, and somehow, they have all the money.
Click to expand...

I think you've missed my point, and that is that someone who is in the exact position you described should never, never, never, in 2022 be doing just precisely what she did. There is no excuse for it from a home user, let alone a business user. Plowing past multiple red flags and allowing ANYONE remote access to your computer when you did not initiate the contact is insanity. This is not news.

Regardless of whether they're you're clients (and I have some too), there is no reason to excuse this level of stupidity. All I can hope is that this will be a once burned (and I'm sure educated by you afterward) twice shy situation.

I just cannot believe anyone using company-issued hardware would not have had to go through basic security training, probably once every few years, and could ignore all the things this person ignored. How does that happen?
 
britechguy said:
I think you've missed my point, and that is that someone who is in the exact position you described should never, never, never, in 2022 be doing just precisely what she did. There is no excuse for it from a home user, let alone a business user. Plowing past multiple red flags and allowing ANYONE remote access to your computer when you did not initiate the contact is insanity. This is not news.

Regardless of whether they're you're clients (and I have some too), there is no reason to excuse this level of stupidity. All I can hope is that this will be a once burned (and I'm sure educated by you afterward) twice shy situation.

I just cannot believe anyone using company-issued hardware would not have had to go through basic security training, probably once every few years, and could ignore all the things this person ignored. How does that happen?
Click to expand...
I don't have a single client that can afford any kind of computer training yet alone security training for the employees. You just don't see that in companies with less than 50 PCs
 
timeshifter said:
I see where you’re coming from. It’s interesting to figure what has been done and undo it. Satisfying. But at the end of the day I’m going to still nuke it to be 100% sure to protect myself and my client.
Click to expand...
Glad to hear it, if you want to dig into the system and figure it out more power to you.

But stuff like this simply never goes back into service. I pull the drive, snag data, and nuke it. If the client is configured in M365 properly, I don't even bother with a backup... just nuke it and let onedrive put the data back when the user signs in.

The rest, is just more time that I cannot bill.
 
Sky-Knight said:
Glad to hear it, if you want to dig into the system and figure it out more power to you.

But stuff like this simply never goes back into service. I pull the drive, snag data, and nuke it. If the client is configured in M365 properly, I don't even bother with a backup... just nuke it and let onedrive put the data back when the user signs in.

The rest, is just more time that I cannot bill.
Click to expand...
This. Too many techs want to figure out what happened and that really doesn't pay the bills. I don't even try to figure it out. I just do what is needed to secure the data and then nuke the system because a zero overwrite nuke isn't going to come back because I missed something. Assuming the data itself isn't compromised but my efforts are better spent spinning up a new system and thoroughly scanning the data for issues than trying to find and rip out whatever backdoors are in the system. Screenconnect is the only thing found so far. I would bet there's other stuff else why need the deceptive fake Windows Update curtain to hide what the Wizard of Oz is really doing?
 
Last edited:
thecomputerguy said:
Hmmm ... There is no entry in Add/Remove programs, just the folders in the AppData folder I tried where the ID used us the ID in the service that I've stopped and it says no instance could be found ... even after I reverted my re-naming of the AppData Folder and starting the service again.


I think I'm at the point where I either just disable the service and delete the folders and call it good, or N&P it and set it back up again from scratch which I personally don't really want to do.
Click to expand...
Just FYI, Screenconnect has 2 different install methods, for 'Access' and for 'Support'.
The former will show up in add/remove, the latter is a ClickOnce application and doesn't.
 
Wow... what a doozie.

I assume you provide SMB for the client. I have zero idea why they wouldn't call you in the first place, maybe it's an employee of the company that just doesn't know any better.

Personal email on a company laptop.



I mean, there are some folks who really aren't very smart when it comes to a computer. Ice that cake with folks who just don't exhibit much common sense either. But a lot of times, companies really don't do any training in this arena. Not even something so simple as taking half an hour to think of and produce a "best practices" for computer usage. There's a lot of low hanging fruit there that would eliminate a good deal of these types of situations. Hand out a copy to every new employee, email them a copy to their COMPANY email, and hang a few copies in various places / each room in the office.

If people see it enough, there's a slightly better chance they'll remember and adhere to it.
 
brandonkick said:
Wow... what a doozie.

I assume you provide SMB for the client. I have zero idea why they wouldn't call you in the first place, maybe it's an employee of the company that just doesn't know any better.

Personal email on a company laptop.



I mean, there are some folks who really aren't very smart when it comes to a computer. Ice that cake with folks who just don't exhibit much common sense either. But a lot of times, companies really don't do any training in this arena. Not even something so simple as taking half an hour to think of and produce a "best practices" for computer usage. There's a lot of low hanging fruit there that would eliminate a good deal of these types of situations. Hand out a copy to every new employee, email them a copy to their COMPANY email, and hang a few copies in various places / each room in the office.

If people see it enough, there's a slightly better chance they'll remember and adhere to it.
Click to expand...

They wont read it.

I have a template saved in my Gmail account that I send to people for when clients email me asking if spam which is clearly spam is spam. It's about a page with pictures and full phishing descriptions of How, Why, What for, How to detect, and how to prevent, what happens if infected.

The tone of the template is written in a very matter of fact, and almost in a dick'ish tone which was my intent. My intent was to convey a clear message, which is clearly a template, so that they could refer to it as needed and to convey that I am not your personal spam filter so stop emailing me asking stupid questions like this and use your damn brain.

The ending of the template says that I will be unable to respond to these types of requests in the future.

People still see something, forward it to me with the body just saying .. SPAM?

I will send an individual the same template 2 times before I stop responding altogether.

You give people too much credit.

I actually have templates for a lot of things including for when clients haven't enabled 2FA for the email accounts. It comes off as a sales pitch in a way, but I've actually had clients whose emails were hacked and then they blamed me for not proactively protecting them, then explaining and showing them my MULTIPLE past emails telling them they NEED 2FA on their system with a BIG FAT SMILE and they declined because they didn't want to pay me 3 hours of labor to set it up. They were like ... "OH, Well you should have hounded us more about it!"

Yep still definitely my fault. I guess grown adults just need to be treated like children sometimes.
 
Last edited:
No... they won't.

I gave up long ago, I'd rather spend two seconds responding confirming it's spam, then copy / paste a template. That not only takes more time, but negates an opportunity for direct customer interaction. The latter of which is the best way to retain clients.
 
thecomputerguy said:
I guess grown adults just need to be treated like children sometimes.
Click to expand...

Indeed they do, and that means two things:

1. Getting spanked when you do something you shouldn't (and you all know that's a metaphor).
2. Suffering natural consequences.

But what it doesn't mean is that I, or anyone else, should be spoonfeeding them constantly.

The old saw, "A lack of planning on your part does not constitute an emergency on mine," sometimes applies.
 
Sky-Knight said:
direct customer interaction. The latter of which is the best way to retain clients.
Click to expand...

Amen to that. It's even the best way to get future clients. I've often had people returning for something later when I've spent a couple of minutes on the phone with them at a given point in time and determined that they didn't need me then. The kind of "word of mouth" recommendations that gets is worth its weight in gold (platinum, maybe).
 
The part that annoys me? The "good" guys look just like the bad ones...

Is the following an advert from my competition looking for a client? Or... is it another scam?

From: Event <do_not_reply@on24event.com>
Sent: Monday, August 15, 2022 9:08 AM
To: Ana Terrones <support@keepe*****.com>
Subject: Reminder - Starting or Enhancing Your Cybersecurity Program

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

A friendly reminder that Starting or Enhancing Your Cybersecurity Program begins in two days.
LIVE WEBCAST DATE: August 17, 2022
LIVE WEBCAST TIME: 10:00 AM MDT
Use the link below to enter the webcast up to 15 minutes before the start.
WEBCAST LINK: https://event.on24.com/wcc/r/388298...E1F8D?mode=login&email=support@keepe*****.com
EMAIL: support@keepe*****.com
Thank you and enjoy the webcast!


Outlook/iCal

Google Calendar
Click to expand...

Everyone needs constant training in this space, every single one of us. "Use your brain" isn't an acceptable directive when that's exactly why this crap works! Both for legitimate, and illegitimate purposes.
 
Sky-Knight said:
Is the following an advert from my competition looking for a client? Or... is it another scam?
Click to expand...

Who knows (at least on quick examination), but it's instantly spam if it arrived in my inbox unsolicited. And it should be marked as such so that filters have this data point.

Spam, compared to scam, is an easy ID. Unsolicited anything from any entity with which I do not already do business is spam.
 
britechguy said:
Who knows (at least on quick examination), but it's instantly spam if it arrived in my inbox unsolicited. And it should be marked as such so that filters have this data point.

Spam, compared to scam, is an easy ID. Unsolicited anything from any entity with which I do not already do business is spam.
Click to expand...

And yet that spam is the only medium shops like mine have left to find new clients. It's utterly stupid. Heck this forum sells information packages that teach people how to do it.
 
You must log in or register to reply here.

Similar threads

britechguy
How do you advise executors (or those under their direction) with regard to computers of decedents?
Replies
3
Views
406
Blues
Blues
thecomputerguy
Never a dull moment. (story time)
Replies
18
Views
769
britechguy
britechguy
timeshifter
Confused about calendars
Replies
12
Views
769
timeshifter
timeshifter
thecomputerguy
Client keeps contacting me over his identity theft...
Replies
11
Views
944
britechguy
britechguy
thecomputerguy
New clients MFA is all out of whack and not sure how to fix it.
2 3
Replies
50
Views
3K
HCHTech
HCHTech
Back
Top