Can you get hacked if you reveal your computer name to someone else?

[Randel1980]

So I bought a cheap ESET license from ebay, which the seller claimed that all license keys are authorized from ESET company.

The seller asked me to screenshot my computer name. With the following format  "DESKTOP-XXXXXX"

 

hi, i like to thank you for your trust and shop i need you to provide your pc name id screenshot so we can add you as a key user so wont face any problem waiting for your reply. ( the order will be cancelled automatically after 24 h if you didn't respond ) thank you for your understanding

 

 

I'm unsure if I should give him my computer name. Is there a risk when revealing your computer name to someone else?

[Fasauceome]

There's no reason to give them your computer name. This is most likely some kind of scam, although I can't think of the exact attack vector. I recommend not responding and reporting this individual.

 

Edit: and given the broken english ("thank you for your trust and shop" wtf) it seems pretty obvious tbh

Edited February 19, 2021 by Fasauceome

[Electronics Wizardy]

11 minutes ago, Randel1980 said:

So I bought a cheap ESET license from ebay,

Why would you do that, defender is basically just as good now. And get legit keys if your buying software.

 

12 minutes ago, Randel1980 said:

'm unsure if I should give him my computer name. Is there a risk when revealing your computer name to someone else?

Not really a risk as its not accessable outside of the network, and these gray market keys might be tied to hardware or a VL server is probalby why its needed. But really refund this order or just dont use the software.

[WkdPaul]

18 minutes ago, Fasauceome said:

There's no reason to give them your computer name. This is most likely some kind of scam, although I can't think of the exact attack vector. I recommend not responding and reporting this individual.

 

Edit: and given the broken english ("thank you for your trust and shop" wtf) it seems pretty obvious tbh

The ebay seller is probably reselling business keys that are linked to his enterprise management console, and so needs to identify the OP's PC to activate the appropriate product that he sold through the management console.

[WkdPaul]

2 minutes ago, Benji said:

Still sounds fishy and isn't allowed per most EULA's IIRC. The same goes for these cheap Windows licence key that are usually volume activation licences that are not made for private use. Business licences are also usually never made for private use.

oh I totally agree, this is a no-go, I would ask for a refund or just eat the loss and move on.

 

EDIT ; to answer the question in the title ; no, you can't get hacked if you reveal your PC name to someone else, but having an anti-virus that's potentially managed by someone else you don't know or trust is a huge problem, if that's what I think it is, then they 100% can get control of your PC using the endpoint management.

Edited February 19, 2021 by wkdpaul

[tkitch]

1 hour ago, Hakemon said:

The grammar is also bad, I don't buy from shops with bad grammar, you can only be burned by the same red flags so many times before you need to just trust your gut instinct.

 

But yes, this is likely a volume license, and is not legal for resale, get a refund ASAP.

Where else am I gonna get my crappy 3$ widgets made in china if I wait for a vendor with good english?

[Randel1980]

5 hours ago, wkdpaul said:

oh I totally agree, this is a no-go, I would ask for a refund or just eat the loss and move on.

 

EDIT ; to answer the question in the title ; no, you can't get hacked if you reveal your PC name to someone else, but having an anti-virus that's potentially managed by someone else you don't know or trust is a huge problem, if that's what I think it is, then they 100% can get control of your PC using the endpoint management.

I downloaded the client from official website, is this still the case? Can he control my pc even if use I a legit client?

 

 

[Arika]

12 hours ago, Randel1980 said:

I downloaded the client from official website, is this still the case? Can he control my pc even if use I a legit client?

 

 

potentially, depending on their current business plan/product with eset

even if they don't have a plan with RDP access, looking at the interactive demo on the ESET site, if they are using any of the business products, they would be able to install things on your PC without you knowing through the endpoint management, as @wkdpaul mentioned. Which would mean they COULD install something else to gain access to your PC.

 

Not worth the risk at all.

[Mark Kaine]

18 hours ago, Benji said:

Still sounds fishy and isn't allowed per most EULAs IIRC. The same goes for these cheap Windows licence keys that are usually volume activation licences that are not made for private use

 

 

"EULAS" are not legally binding and often even break laws, and therefore not enforceable at all... 

 

 

Quote

Europe's highest court ruled on Tuesday that the trading of "used" software licenses is legal and that the author of such software cannot oppose any resale.

The exclusive right of distribution of a copy of a computer program covered by such a licence is exhausted on its first sale, said the European Court of Justice (ECJ). This applies to downloaded software as well as that bought on CD or DVD. This ruling sets a precedent for trading of used software licenses throughout the European Union 

 

 

13 hours ago, Randel1980 said:

Can he control my pc even if use I a legit client?

has already been pointed out, but if this is a "business anti virus" then yes that seems very likely you'd give this random seller full control of your PC. 

 

Tldr: why would you buy anti virus software from unknown sources... just use defender / free malwarebytes (or pay for malwarebytes if you want real time protection, they definitely deserve it as good the program is) 

[EricX2]

Sounds like somebody using a cloud licensing model and selling to individuals. Knowing what level of access that security software has, this is horrible. They can likely do a complete wipe of your system, not to mention a full inventory of every website and application you use.

[LogicalDrm]

-> Moved to Programs, Apps and Websites

[Hon Leung]

The code after DESKTOP is very likely randomized to be used as an identifier in your local network (also for use in Bluetooth etc. pairing), reinstalling Windows gives you a new one (unless you are very lucky) 

So they cannot target you with just that identifier searching around the WWW, what they can do is narrow it down to find you using your other information: online time estimates, location shown on eBay, metadata of the image, etc., if they want and have the time to.

You should uninstall it given it may give some kind of access via the likely-volume license, but tbh in general a normal user has no reason to be targetted for a cyberattack so you can also take your chances. Or they could be monitoring your data until something sensitive/they need show up and they would take over.