2

Earlier today, my partner responded to a phishing attempt (I believe) that suggested he call a number to get his computer scanned for viruses. He called the number, and allowed them access to "scan" his computer. He doesn't store anything on his computer. He has no email, no documents, nothing. I was concerned because I don't know whether my wireless network (which my partner and I both use) could allow a hacker into my computer, which DOES have email, passwords, etc. on it. I contacted my ISP provided (AT&T), and they say, unequivocally, that my computer could not have been accessed. I'd like to know if this is true. Thank you.

Vicky
  • 21
  • 1
  • 3
  • Does his computer have permissions to access your computer? Is your wireless network encrypted? Using PSK or enterprise? – timuzhti Nov 23 '15 at 05:24
  • I don't think he has permissions to access mine. I was only using WPA level security. I'm not tech savvy enough to know much more than that. He doesn't want anything on his computer - no email, nothing....just wants to web surf. But I have set it all up for him, and have downloaded things for him through my email. Hopefully there's nothing directly linked. His computer required an email address for set up, and we used my email for that; not sure if that opened any doors or not. – Vicky Nov 23 '15 at 06:50

3 Answers3

5

A calculated attacker can certainly leverage his access to the network in order to gain access to your computer, however I'm getting the vibe that this guy/gal isn't skilled enough to do that. Anyone with a decent amount of skill wouldn't be sending out phishing e-mails telling you to call him/her unless they're specifically targeting you.

In any case, it's important that you rid the computer of malware infection as soon as possible. Perhaps you can install antivirus software or pay a local computer shop to take care of it for you. Reinstalling the operating system is ideal in this situation and will rectify the issue 99.9% of the time. Just make sure to backup all of your files.

Good luck!

Hello
  • 163
  • 5
  • Thank you Impelled.....I will do it! I'm thinking you're right - that if they were targeting anyone specifically, it wouldn't be someone with zero information on their computer. Thank you so much. – Vicky Nov 23 '15 at 05:57
0

So, from what you've said of your setup, you're probably using WPA or WPA2 in PSK mode. Your partner's computer is definitely compromised, and has the key to your WiFi, so if he connected to the WiFi before you did, the attacker could look at your login packet and essentially MITM your connection and drop in a piece of malware via drive-by download.

This is, however, unlikely, as typical phishing attacks simply collects any login data and maybe drop a piece of non-propagating malware (to capture any more information it can and phone home regularly). It would be prudent to scan your computer anyway, using more than one security product. Spybot - Search and Destroy, Malwarebytes Anti-Malware and HitmanPro are common options. Use them in addition to your regular AV. If you find anything, I'd recommend a full wipe (including boot sector) + restore from backup.

If you don't have backups, you should decide how much your data is worth to you compared to a small chance of persistent malware. Same for your partner. It would also be a good idea to change your WiFi password.

timuzhti
  • 957
  • 12
  • 19
0

Yes, your computer could have been accessed; you're in the same scenario as a public wi-fi (e.g. a coffee shop).

Ultimately it depends on what's running in your computer, what operating system you're on and how protected you are overall. For example, assuming you run Windows, if you have configured your computer to be in a "Home network" (see this link) then an attacker could browse your shared folders if there is any enabled. If you don't have a firewall, or have one but it's not activated when you are in your home network, then the chances of a compromise are higher.

Furthermore, if your home router was configured with default credentials or if you never changed the router administrative password (not the wi-fi password), then it's possible the attacker has taken control of the router and could do things ranging from ad injection to DNS hijacking to, ultimately, man-in-the-middle attacks.

I strongly recommend you do the following in this order:

  1. disconnect your partner's computer from the network
  2. change the wi-fi password
  3. change the home router admin password
  4. set your home network to be untrusted (see the above link)
  5. update your computer's antivirus/firewall and enable them (scan your entire computer first)
  6. windows re-installed on your partner's computer

A further step might be change all his web passwords (e-mail, etc.) and if possible "log off from other sessions" (an example for gmail is here)

lorenzog
  • 1,931
  • 11
  • 18