Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

telephone scam"


  • Please log in to reply
9 replies to this topic

#1 saluqi

saluqi

  • Members
  • 570 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:05:18 PM

Posted 03 January 2015 - 06:53 PM

I just had a phone call from a "technical services department" telling me my computer was infected with "online infections" and asking me to open the "run" command (Windows key plus "r"), type "iexplore www.ammyy.com" and click "OK".  I strung them along for a while (they spoke with a quite obvious accent from India) but in the end of course did not run the program they asked for.
 

I have to presume this was a scam of some sort - the fellow was quite persuasive (he took over from the lady who first spoke with me as soon as I showed any skepticism).  From what he said, he was going to show me all the "bad files" on my computer.  It was rather reminiscent of the experience I had with Dell support a while back.

 

Is this a known scam?  Would there be any danger in trying to use Google to find out what "www.ammyy.com" is?

 

EDIT - Google revealed that this is apparently a common and well-known scam - using ammyy remote control software to install malware and/or gain access to data on the computer.  Since I did not download or run any software, and did not go to the "ammyy.com" site, I suppose I have nothing to worry about.

 

The scammers did make free mention of the Microsoft name but were quite careful not to say they were actually calling from Microsoft.  They were quite coy about saying who they were - I doubt if I would have found out anything useful by asking them more questions.  I did ask who they were and they just repeated "technical services department" which is of course meaningless.  I don't have caller ID on my landline phone so don't even have the phone number from which they were calling.  I have only minimal services on the landline,since I hardly ever use it except to receive prearranged overseas calls.


Edited by saluqi, 03 January 2015 - 07:10 PM.


BC AdBot (Login to Remove)

 


#2 _JamesTM

_JamesTM

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:California, USA
  • Local time:05:18 PM

Posted 03 January 2015 - 07:00 PM

Ammyy is a remote desktop program so that they can have access to your computer. NEVER under any circumstances let someone log into your computer without knowing what you are getting into. Especially from someone that you did not personally call to have work done... It was more than likely a scam.


Edited by _JamesTM, 03 January 2015 - 07:01 PM.


#3 Animal

Animal

    Bleepin' Animinion


  • Site Admin
  • 34,740 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Where You Least Expect Me To Be
  • Local time:05:18 PM

Posted 03 January 2015 - 07:01 PM

See these topics:

http://www.bleepingcomputer.com/forums/t/547977/turning-the-tables-on-windows-support-scammers-by-compromising-their-pcs/

http://www.bleepingcomputer.com/forums/t/403252/microsoft-support-scam-callers/

http://www.bleepingcomputer.com/forums/t/414771/another-phone-scam/

The Internet is so big, so powerful and pointless that for some people it is a complete substitute for life.
Andrew Brown (1938-1994)


A learning experience is one of those things that say, "You know that thing you just did? Don't do that." Douglas Adams (1952-2001)


"Imagination is more important than knowledge. Knowledge is limited. Imagination circles the world." Albert Einstein (1879-1955)


Follow BleepingComputer on: Facebook | Twitter | Google+

#4 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:01:18 AM

Posted 03 January 2015 - 07:03 PM

From what I know it's like TeamViewer - a remote desktop program.

And yes, it is a very well known scam in the community. (see their attempt on Malwarebytes malware analyst Jerome Segura here).

#5 saluqi

saluqi
  • Topic Starter

  • Members
  • 570 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:southern San Joaquin Valley, Calfornia
  • Local time:05:18 PM

Posted 03 January 2015 - 09:33 PM

I did look up ammyy and learned it is a remote desktop program.  I already supposed that was what it must be.  I didn't fall for it, just played dumb and kept those folks on'  the line for a while - must have been 20 minutes or so.  Made them "explain" everything to me in words of one syllable.

 

Some months ago I tried to get Dell support for difficulty upgrading to Win 8.1 on another computer (the laptop in my office).  They actually did install a remote desktop and downloaded a piece of scareware that found all kinds of things "wrong" with my computer.  Fortunately it was no worse than that because I did not actually "clean" my computer or let them do it.  At the time I posted about that experience, I think in the Windows 8 forum.  I kept the chat logs, which make rather amusing reading.  Those people mostly spoke nearly accent-free American English.  Most of the exchange was, however, via online text messages ("live chat") so who knows what those folks' accents might have been?  At any rate, I figured out pretty soon that they were talking nonsense, so broke the connection before any harm was done.  Disappointing that Dell sent me to such people.



#6 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,119 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:18 PM

Posted 03 January 2015 - 10:23 PM

Unsolicited phone calls (aka Tech Support Scamming) from "so-called Support Techs" advising your computer is infected with malware has become an increasing common and prolific scam tactic over the past several years. In the majority of these cases the caller lies by claiming to be an employee affiliated with Microsoft or Windows Support. However, there have been reports of callers claiming to be affiliated with major computer manufacturers such as Hewlett Packard, Lenovo and Dell or familiar security vendors like Symantec and McAfee. Typically, the scammers attempt to trick their victims into believing that their computer is infected, often by having them look at a Windows log that shows dozens of harmless or low-level error entries. The scammer instructs their victim to type "eventvwr" in the RUN box to open Windows Event Viewer and then scares them by pointing out all the warnings and error messages listed under the various Event Viewer categories. In other cases the caller pretends to provide free security checks or direct the download and use of a bogus registry cleaner which purports to find thousands of problems.

img_52e1a9d429e36.jpg
.The scammer then attempts to talk (scare) their victims into giving them remote access to the computer in order to fix it and/or remove malware. If the victim agrees, the support usually costs hundreds of dollars and often leaves the victim's computer unchanged or intentionally infected with malware/ransomware. More nefarious scammers will install a backdoor Trojan or Remote Access Trojan in order to steal passwords and other sensitive personal information which could then be used to access bank accounts or steal a person's identity. Not answering any questions and hanging up the telephone is the best way to deal with phone scammers.

About Tech Support Phone Scamming::
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,659 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:02:18 AM

Posted 04 January 2015 - 01:52 PM

Yes, his is a know scam that they have been doing for many years now.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2018
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 corneliaoslov

corneliaoslov

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 06 January 2015 - 10:59 AM

Thanks for the heads up! I did get a call like this from a 202 phone number before but I thought it was suspicious so I just hung up. Well, good thing I did. Turned out to be a scam after all. 



#9 corneliaoslov

corneliaoslov

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:08:18 AM

Posted 06 January 2015 - 11:05 AM

By the way, I found the caller's phone number in a thread of complaints at Callercenter.com and was reportedly used by phone scammers to perpetrate this fake tech support scam. So please be warned. 



#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,119 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:08:18 PM

Posted 06 January 2015 - 03:25 PM

The Latest Scam & Fraud Alerts::Common Phone Scams::
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users