A company had a problem with their bank’s remote deposit software. They called technical support, and the bank’s software support person announced, “First, I need to connect to your computer to see what is going on.” Fortunately, the company’s team member told the bank’s technical support person, “It is against company policy to permit any third parties to connect to our computers.”
The tech support representative at the bank pressed, “I cannot help you if you do not let me into your computer.”
The team member said, “Yes, you can. I can read you anything displayed on the screen, and I can type or click where you say. But we cannot permit anyone to connect remotely. What do you need me to read to you?”
The technician said, “Uh… Ok. What does the error message say?”
The team member replied, “The routing number field is not long enough.”
The technician said, “Ok, that is easy to fix.” And continued to help resolve the problem and all was fine.
Never, ever, permit anyone to remote into your computer.
Once you permit any third party to access your computer, your company’s security is only as good as their security. And you have no idea how good their security is.
Your internal IT team, or outsourced managed service provider, can already take control of your systems without asking you. They will not need to ask your permission. So, if you ever receive a call saying, “This is tech support, you don’t recognize me because I’m the new guy. I need your help to fix your computer. Please go to this website so I can take control of your system to resolve a technical glitch before it crashes your system,” then blow a whistle into the phone as loud as you can. That’s a bad guy using a social engineering ploy in an attempt to trick you into allowing them access into your system.
When in doubt, go back to the only reasonable answer: “No. You will not get access to this computer or any other computer at our organization.” Report this immediately and warn everyone else.
Please forward this to everyone you know or care about, so they know: Never permit anyone, even third party technical support, to access your computer remotely.