Has TeamViewer been hacked? Is this software worth the risk?
Security and convenience are always two things that are at odds with one another. You could improve the security of your home by adding an extra four locks to your front door, but that wouldn’t make it terribly convenient whenever a visitor or the postman stopped by. The same thing applies in computing of course. Do you encrypt your laptop, meaning you have to enter a passphrase every time you turn it on (often in addition to your regular Windows password) or do you simply rely on the security mechanisms that Windows comes with? By and large this comes down to just how sensitive the data is on your PC. While you might not care so much if a thief steals your holiday photos, you might be less pleased if they suddenly manage to empty your bank account. Keeping in mind that many of us use online banking now, having someone take full control over your PC could mean them taking full control of your financial information too.
Who would give control of their PC over to a stranger though? Unless you were unlucky enough to lose your laptop, most of us wouldn’t just hand over the keyboard and mouse to an unknown third party. Physically sitting at a desk isn’t the only way to get control over a PC however, one such way is to install remote control software, software like TeamViewer.
What is TeamViewer and exactly what does it do? TeamViewer lets another user take remote control of your PC through your local network or across the internet. Of course, there are lots of legitimate reasons why you might want to do this. We use similar software (Goto Assist) here at TWT HQ to help our customers who have technical problems we cannot troubleshoot via e-mail. You also might need a file, or to run a program on your home PC while you’re out on the road.
While software like TeamViewer can be extremely convenient, it also poses a significant security risk. Around the start of the month, several websites started running stories of how TeamViewer users around the world have had their computers compromised. The reported attacks resulting in the loss of money from Paypal or bank accounts or the installing of ransomware, software that locks your computer and files until a ransom is paid to the attackers.
TeamViewer were quick to deny that there had been any hack. Claiming the malicious activity was down to password re-use and general bad security practises. This is despite many users claiming they were hacked despite strong passwords and two factor authentication.
If you use TeamViewer or other similar software, there are some common-sense things you can do to keep yourself more secure.
Turn off TeamViewer or any other software when you don’t need it – If you’re not planning on needing remote access to your PC today, then turn off TeamViewer! Better still, turn the PC off entirely, even the most sophisticated hacker can’t remotely hack a PC that isn’t powered on.
Restrict access – TeamViewer lets you restrict access to your PC to certain IP (internet protocol) addresses, though this requires some advanced understanding of IP addresses and how the internet works. If you only use TeamViewer to connect to PCs in the same building, turn off external access altogether by selecting “LAN Connections Only” in the configuration window.
Use two-factor authentication – Two factor authentication is a way of strengthening the security of your logins. Rather than just using a password, you use a password and a security code. This security code changes each time you need to log in. You may have used a similar system with your bank, where you use a little code generator. With TeamViewer, this code generator is an app on your mobile phone, rather than a separate physical device.
Don’t use unattended mode if possible – Unattended mode in TeamViewer allows you to log onto your PC as long as it’s switched on. You don’t need to grant permission for someone to connect. Obviously this mode is a much bigger security risk. Perhaps you have family members living at home while you’re out on the road? If so, instead of using unattended mode, give them a call first and tell them how to accept your connection.
Never grant access to an unknown third party! – This one really sounds like a no-brainer, but people still fall for it. If you get a cold call claiming to be from Microsoft, or your ISP, or a technical support department, then simply hang up the phone. This particular scam has been going on for several years now. Usually the fraudster will try to convince you that there are viruses on your PC and that they can clean them up for you, if you allow them to connect through TeamViewer, Goto Assist or Ammyy (three programs that basically serve the same purpose). Don’t be duped by this, Microsoft, your ISP or any other reputable company will never cold-call you like this and request access to your PC.
Think carefully about using TeamViewer (or similar software) at all – Why do you need remote access to your PC? If there are certain documents you need, consider storing them in your OneDrive or your Dropbox. Files stored in the cloud like this are more vulnerable to hackers, but by taking sensible security precautions (like the ones listed above) you can minimise the risk and of course, losing a few files is far more preferable to losing control of your whole PC.
That concludes our newsletter for June. On behalf of the team here at TWT, I’d like to say thank you to all our readers, new and old for your continued support. The TWT Newsletter will return on the 10th July 2016 for more tips, tricks and techniques to help you get the best out of your PC, be it Windows Vista, Windows 7, Windows 8 or Windows 10. We hope that you found this newsletter informative and useful. If you did not then please let us know why, you can contact us by visiting this page. If you have enjoyed this newsletter, feel free to pass it on to all your friends and family, or better still encourage them to sign up for their own copy. Until next month, keep checking Top-Windows-Tutorials.com and enjoy happy, safe and stress-free computing!