Monthly Archives: July 2016

Fake TalkTalk Frequently Asked Questions

I use TalkTalk for broadband and landline – though I never signed up with TalkTalk, I signed up with a smaller provider that was taken over – and recently I have been plagued with calls from people claiming to be from TalkTalk, but who in fact have malicious intent. If I am busy I just put the phone down, but sometimes I chat with them for a while, to discover more about what they are trying to do.

Rather than write a long general piece about this problem, I thought the best approach would be a Q&A with answers to the best of my knowledge.

Why so many fake TalkTalk calls?

I have two landline numbers, and until recently only the non-TalkTalk number ever got called by scammers. This makes me think that the flood of TalkTalk calls is related to data stolen from the company, perhaps in October 215 or perhaps in subsequent attacks. Some victims report that scammers know their name and account number; in my case I don’t have any evidence for that. On a couple of occasions I have asked the caller to state my account number but they have given me a random number. However I do think that my telephone number is on a list of valid TalkTalk numbers that is circulating among these criminal companies.

How do I know if it is really TalkTalk?

My advice is to assume that is it not TalkTalk. If you think TalkTalk really wants to get in touch with you, put the phone down and call TalkTalk customer service, either from another number or after waiting 15 minutes to make sure that the person who called you has really terminated the call.

How does the caller know my Computer License ID?

A common part of these scripts is that the caller will show that he knows your “computer license ID” by guiding you to show it on your screen and then reading it to you. They do this by getting to you open a command window and type assoc:

image

The way this works is simple. The number you see next to .ZFSendToTarget is not a license ID. The abbreviation stands for Class ID and it is part of the plumbing of Windows, the same on every Windows PC.

What about all the malware errors and warnings on my PC?

This is a core part of the fake TalkTalk (and fake Microsoft) script. Our server has picked up warning messages from your computer, they say, and they show you a list of them.

The way this works is that the scammer guides you to open a Windows utility called Event Viewer, usually via the Run dialog (type eventvwr). Then they get you to filter it to show “Administrative events” which filters the log to show only errors and warnings.

Now, you have to agree that the number of errors and warnings Windows manages to generate is remarkable. My PC has over 9,000:

image

However, these messages are not generated by malware, nor are they broadcast to the world (or to TalkTalk servers). They are simply log entries generated by the operating system. If you have time on your hands, you can look up the reason for each one and even fix many of them; but in most cases they are just noise. Real malware, needless to say, does not make helpful logs of its activity but keeps quiet about it.

What does Fake TalkTalk really want to do?

Once your fake TalkTalk caller has persuaded you that something is wrong with your PC or router or internet connection, the next step is invariably to get remote access to your PC. They do this by guiding you to a website such as Ammyy or Logmein Rescue, and initiate a support session. These are legitimate services used by support engineers, but unfortunately if you allow someone untrustworthy to log onto your PC bad things will happen. Despite what the caller may tell you, these sessions are not just for messaging but enable the scammer to see your computer screen and even take over mouse and keyboard input.

Windows will generally warn you before you allow a remote session to start. You have to pass a dialog that says something like “Do you want to allow this app to make changes to your PC?” or similar. This warning is there for a reason! For sure say No if fake TalkTalk is on the line.

Note though that this remote control software is not in itself malware. Therefore you will see that the software that is trying to run is from a legitimate company. Unfortunately that will not protect you when someone who means you harm is at the other end of the connection.

OK, so Fake TalkTalk has a remote connection. What next?

Despite my interest in the goals of these scammers, I have never gone so far as to allow them to connect. There are ways to do this relatively safely, with an isolated virtual machine, but I have not gone that far. However I have seen reports from victims.

There is no single fake TalkTalk, but many organisations out there who do this impersonating. So the goals of these various organisations (and they are generally organisations rather than individuals) will vary.

A known scam is that the scammer will tell you a refund is due because of your slow internet connection. They show you that the sum has been paid, via a fake site, but oh dear, it is more than is due! For example, you are due £200 but have been paid £1200. Oops. Would you mind repaying the £1000 or I will be fired? So you send off £1000 but it turns out you were not paid any money at all.

Other possibilities are that your PC becomes part of a bot network, to be rented out to criminals for various purposes; or that the “engineer” finds such severe “problems” with your PC that you have to purchase their expensive anti-malware software or service; or your PC may be used to send out spam; or a small piece of software is installed that captures your keystrokes so your passwords will be sent to the scammer; or the scammer will search your documents for information they can use for identity theft.

Many possibilities, so for sure it is better not to let these scammers, or anyone you do not trust, to connect to your PC.

Who are the organisations behind Fake TalkTalk?

When I am called by TalkTalk impersonators, I notice several things. One is that the call quality is often poor, thanks to use of a cheap voice over IP connection from a far-off country. Second, I can hear many other calls taking place in the background, showing that these are not just individuals but organisations of some size. In fact, a common pattern is that three people are involved, one who initiates the call, a supervisor who makes the remote connection, and a third “engineer” who takes over once the connection is made.

One thing you can be sure of is that the are not in the UK. In fact, all the calls I have had seem to originate from outside Europe. This means of course that they are outside the scope of our regulators and difficult for police or fraud investigators to track down.

If you ask one of these callers where they are calling from, they often say they are in London. You can have some fun by asking questions like “what is the weather like in London?” or “what is the nearest tube station?”, they probably have no idea.

What is being done about this problem?

Good question. I have reported all my calls to TalkTalk, as well as using “Report abuse” forms on LogMeIn with the PIN numbers used by the criminals. On one occasion I had a scammer’s Google email address given to me; there is no way I can find to report this to Google which perhaps shows the limits of how much the company cares about our security.

I am not optimistic then that much of substance is being done or can be done. Addressing the problem at source means visiting the country where the scam is based and working with local law enforcement; even if that worked, other organisations in other countries soon pop up.

That means, for the moment, that education and warning is essential, imperfect though it is. TalkTalk, it seems to me, could do much better. Have they contacted all their customers will information and warnings? I don’t believe so. It is worried, perhaps, more about its reputation than the security of its customers.

Mo-Fi headphones from Blue: distinctive design delivers excellent sound

I attend several trade shows during the year, and at one of these Blue was showing off its microphones and headphones. These are the world’s best headphones, said one of the representatives. I expressed some scepticism and she promised to send me a pair to try.

image

The Mo-Fi, which sells for around £249 or $349, is an unusual set of wired headphones in that it includes its own amplifier, powered by a rechargeable 1020mAh battery. It takes 3-4 hours to charge, which gives you around 12 hours of play, though if the battery runs out it is not fatal as you can also use the headphones in passive mode.

The amplifier can also be used in “On+” mode which boosts the bass slightly. Despite this feature, these headphones are designed for those who like a natural sound rather than one which exaggerates the sonics for instant appeal but later fatigue.

First impressions

When you unpack the Mo-Fi headphones from their solid cuboid box you immediately get an impression of a well-built and high quality product. This is an over the ear design with a metal frame and what I would describe as a modernist, industrial look; opinions on this will vary but personally I am more interested in the sound and the comfort. If you are looking for a svelte and elegant headset though, these will not be for you.

image

In order to achieve a good fit whatever the size of your head, Blue has put hinges on the earcups so you can tilt them inwards, reducing their distance from the headband. You can also adjust the tension on the headband to get a looser or tighter grip according to taste. I find the comfort OK though not the best; the problem is that the solidity of the design means greater weight (455g) so you notice them a bit more than a lighter and softer set. That said, I can wear them for an hour or two without strain.

Blue supply two cables, a short 1.2 meter cable for iPad and iPhone which includes volume, pause and microphone, and a 3 meter cable for other sources. There is also an adaptor for headphone amplifiers with a 1/4” jack socket, and another for aeroplane seats with the old dual jack sockets. Finally, you get a well made soft case with a carry strap.

image

There is no mention of Android phones in the short manual, but the iPhone cable works fine for microphone and pause/play. The in-cable volume controls only with Apple devices though, because of annoyingly different hardware standards.

Sound quality

The philosophy behind the Mo-Fi seems to be that most of use compromise our listening experience by using headphones or headsets that do not do justice to the music. In part this is because of inferior headphone amplifiers in many mobile devices, which the Mo-Fi’s built-in amplifier mitigates though cannot fix completely (since it is not bypassed).

I tried the Mo-Fi on a variety of devices, including Android phones, an iPad, and an audiophile headphone amplifier (Graham Slee Solo). I compared them to several other headphones and headsets, using music including classical, jazz, rock and pop. I listened to the Mo-Fi mostly with its amplifier on, but not in the on+ position.

The good news: the sound is excellent. It is clean, precise, extended in frequency response, and generally neutral in tone though with slightly recessed high frequencies.

What is the effect of the built-in amplifier? It depends. Using the external headphone amplifier, the built-in amplifier does little more than increase the volume. You can get the same result by turning up the volume in passive mode. On a phone though, the effect is more marked, and you can hear improvement in quality as well as volume. That is what you would expect.

However, while the Mo-Fi sounds good with a phone, I was surprised how much much the sound improved when using the Graham Slee amplifier. Since a Solo costs more than the Mo-Fi, perhaps that is not surprising, but it does illustrate that unfortunately there are still compromises when using a smartphone for music.

What kind of sound do you get from the Mo-FI? Since it is neutral and clean, the Mo-Fi sounds good with all kinds of music, though they are not bright, to the extent that you should avoid them if you like a bright sound. The bass I found particularly tuneful, for example on My Funny Valentine by Miles Davis, which is a rare quality. Listening to the magical Four Seasons by the Academy of St Martin in the Fields I found the Mo-Fi smooth and engaging but not quite as clear or sweet as on high-end Sennheiser headphones.

Playing By Your Side by Sade, which has deep bass that is difficult to reproduce, the Mo-Fi coped well with all the bass energy, though losing the cymbals on this track sounded slightly muted.

Death of a Bachelor by Panic! at the Disco is always an interesting track to play, thanks to its ridiculous bass extension. The Sennheiser HD 600 (about the same price as the Mo-Fi though an open back design) sounds too polite on this track, failing to reproduce the bass thunder, but in compensation sounds tuneful and clean. The Mo-Fi makes more effort to reproduce the bass but on this very demanding track it does tend to blur (a rare failing with these cans) making the tune harder to follow.

On a modern recording of Beethoven’s 5th Symphony (San Francisco Symphony Orchestra conducted by Michael Tilson Thomas), the Mo-Fi does a fine job reproducing the scale and drama of the opening movement, no trace of blurring here. It is a big sound though again slightly let down by the treble.

No, these are not the best headphones in the world, but they do deliver outstanding quality at what, in audiophile terms, is a moderate cost.

If your preferences veer towards realistic bass and a big, articulate sound you will like the Mo-Fi. If you prefer a sweet, detailed treble with lots of air and space, these might not be for you.

There is one annoyance. One is that the amplifier switch is slightly crackly on my Mo-Fi. I worry that it might get worse over time.

Blue quotes a “15Hz-20kHz” frequency response for both the amplifier and the drivers, but without any indication of how much frequency drops off at the extremes so these figures are meaningless. Impedance is 42 ohms.

Summary

The sound quality is great, but the downside is that the Mo-Fi is relatively heavy and bulky and so some that will be a considerable disadvantage, especially as it does affect the wearing comfort. I can wear the HD 600 all day, whereas after a couple of hours I wanted to remove the Mo-Fi (it might become more comfortable as it wears). The closed back design means you get good sound isolation, which is good or bad depending on how much you want to be able to hear external sounds while listening to music.

If that doesn’t put you off, the Mo-Fi is well worth a listen. It’s well made, thoughtfully packaged, and sounds better than most of its competition.