Telephone support scams are not new. The basic process is a phone call offering to fix computer problems that are slowing down Windows computers. Since the majority of users have Windows, and the majority of users are dissatisfied with their computer speed, its a statistically fair bet. But of course it is almost certainly a scam seeking credit card details.
Now AVAST has noted that it is being used within the scam. Adam Riley, head of 3rd party suppliers, has reported customers “receiving phone calls from ‘Avast customer service’ reps who need to take control of their computer to resolve some issue and who, for a fee, wish to charge them for this privilege.” It’s a scam. “Stay alert,” he says, “and never give access to your computer (remotely or in person) to someone you do not trust.”
That advice is relevant to everyone – but perhaps now particularly relevant to AVAST’s own customers. The new AVAST! 7 anti-malware product includes a RAT. Friendly RATs are remote access tools; unfriendly RATs are remote access trojans. AVAST’s RAT is its remote assistance tool.
“We wanted to make it easier for AVAST! users to help each other,” said Vince Steckler, CEO of AVAST Software. “Our data shows that two thirds of new avast! users come because a friend recommended us – and this helping process continues after the initial installation.”
The association of RATs with malware seems incongruous in relation to an anti-malware company. But not all RATs are bad. Luis Corrons, technical director at PandaLabs explained that in general, a RAT “is a tool that could be useful for some kind of ‘friends tech support’,” especially when the software in question does not have its own technical support service. “Windows itself does come with a remote desktop feature,” he added. There is potential here, then, for friends to use AVAST! to help each other, even when the anti-malware product isn’t the prime motivation.
AVAST claims it is easy to use. An ‘Allow Remote Control’ button generates a unique code which is sent to the AVAST! ‘helper-friend’, enabling the recipient to have remote access to the requesting computer. All traffic is routed through the AVAST servers, bypasses potentially blocking firewalls, and can be ended at any time by the initiating person.
But AVAST Software is aware of the security concerns some users may have. “People want to be able to get or give help, but they want to make sure they are not creating a security risk at the same time,” said Steckler. “This is why Remote Assistance can only be triggered by the person wanting help, and each code is limited to a single session.”