I got a frantic phone call from someone in the family today, claiming their telco was on the other phone warning about a remote attack. He’d got them to run a netstat to confirm multiple people were trying to hack them, but that installing TeamViewer and some other software would be able to fix it.
The blood rushed to my head, and in a moment that perhaps either scared or surprised my coworkers, I shouted to immediately hang up on the “provider” and turn off the router.
We were very lucky that they’d given it some thought and thought the software install step was a red flag before proceeding. Or it could have ended much worse.
This person spent their lives working on highly technical systems and only just semi-retired. The fact even someone like that can come that close to being scammed is nothing short of terrifying.
My industry has failed in its duty of care and is responsible for this. We told people they could use their computers for online banking, secure communication, the works. And it can all be undone with the privacy equivilent of an analogue loophole. How do we fix this?