Recently someone has gained an access to my credit card (via my personal cabinet at bank's website) and transferred about $370 to unknown destination. While the bank's support team refuses to investigate this issue, I see in browser's history that supposedly me visited the bank's website (at around 01:40 am). Though I don't know how they could bypass 2FA via SMS - it needed both for logging on and for transferring the funds.
So I started to investigate this issue by myself, and I found in TeamViewer log some entries about "new connections from 127.0.0.1": [The link has been removed as per the community guidelines.]
Is that means that someone has really gained an access to my PC via Teamviewer (protected by Google Auth and unique password to my account and to my PC)?
Hi @Rabinovitch ,
I am sorry to hear what happened to you.
Please make sure to change the TeamViewer password for incoming connections both for the random password and your password for unattended access.
If you would like to change the random password manually you can hover with the mouse over the password field and a circle-arrow appears. Click the arrow and choose Create new random password.
The personal password is a password defined by you. If you enter a password, you will be able to use that password anytime in place of the randomly generated temporary password to access this computer (unattended access).
Under Extras --> Options --> Security--> Under Personal password (for unattended access) --> Password --> Type in your password --> Confirm password Repeat your chosen password to confirm it --> click OK
The password you are choosing will never be visible to you or anybody else. Instead of the password you will see black dots.
You can remove the password by deleting the black dots.
Hope this will help you.
Thanks and stay safe,