Ammyy Scam

Discussion in 'malware problems & news' started by Meriadoc, Sep 1, 2010.

  1. nix

    nix Registered Member

    How widespread do you think the calls are throughout these three countries? I don't find much evidence that it is significant.
  2. Keyboard_Commando

    Keyboard_Commando Registered Member

    I don't honestly know the answer to your question. I've only got what I experienced as proof it is happening, plus the anecdotal experiences from this website, and a few other sites by the bit of searching I've done (mostly seeing if any customers from my internet/telephone line provider have had a similar experience to mine). It could well be a huge racket. I certainly don't doubt other people on this website have experienced these calls. Do some Googling and you can this is pretty common.

    And I say racket, because I believe the current trend of companies having their tech support hosted in India is the root of this. I placed a call to my phone line/internet providers tech support, in India, and a day or so later received a call from the lovely scammers - I still get these calls at least once every fortnight. I don't believe they got my info from telemarketing sources, I have opted out of any telemarking calls - I have in place a Telephone Preference Service for my line - I have NOT received any telemarketing calls for at least two years since signing up to this scheme. I guess it could have been just a random crawler picking out my #. But I believe someone at the tech support could well have tipped off someone else to scam my #, or it was them. It's just too much of a coincidence, for me, that this happened after seeking tech support. I'll never know. I have contacted my telephone line provider and told them this story and of course they deny there could be any fraud at hand going on with their support service in India. Too late, cos I'm already making plans to dump them.

    Don't be cynical! This is happening :D
  3. x942

    x942 Guest

    LOL I kept checking too. The did send me to which redirected me to logmein123. Their site is red. I have been in talk with the logmein people about this issue.

    I think you are forgetting this isn't just one group. I have had calls from numbers with in north America with perfectly English speaking people on the line. Now I have no evidence if they are connected or not, but I would assume not as being based in NA is pretty stupid and the real scammers probably know this.

    That said I have been posting my PBX's number out just to get them to call me :D I am building up a case against them hopefully.
  4. nix

    nix Registered Member

    Don't take it personally. I'm not questioning your veracity. Like any other poster here, me included, you have none. Veracity implies a basis for trust. We only have words. So when you give me several pieces of information, it's my job to figure out where those pieces fit within a larger narrative.

    I'm looking at an overall pattern that is curious. The Ammyy scam narrative features some interesting anomalies. One is the statistical one I already mentioned. Another is apparent if you read the Google SERPS on Ammyy scam carefully. There are three or four themes represented in the content that are interwoven and repeated across several forums and comments sections. These include the tech who plays along, the fragile grandma, and the person who should know better, but didn't. The vast percentage of this content is submitted by one-time posters.

    Don't get me wrong. I have no doubt that are people across the globe who would like to remotely access one's desktop for nefarious purposes. I don't question the phenomena. I am, however, curious about how the Ammyy scam story itself is being marketed.
  5. chuber

    chuber Registered Member

    Relative of mine just received the same call and ran the ammyy program.

    Question for others affected previously: What were the results of the scam, did you later get hit with any kind of identity theft?

  6. x942

    x942 Guest

    BAM! Nix I think you are on to something. Another one time poster. :p

    On a serious note I do see the pattern as well. I wonder what is really going on here. Is the pattern perceived? or is their some other connection? I mean why would AMMY Scam deliberately contact people it thought where posting on here? They should know we are more knowledgeable and are just wasting their time. If so how do they connect us to our numbers? (Not possible really).

    Some other things don't add up either:

    1) Why hang up on a mark? I played as if I knew nothing and just got hung up on. This is strange as I would have (should have) been the perfect mark.

    2) How can so many users on these forums (new and old) be receiving calls?
    Are they only targeting North America? Only the Western hemisphere?

    3) Getting remote access with Legit tools just to ask for money. Seems strange. Why not use malware and root yourself into the system to guarantee money? Making a keylogger is easy.

    I wonder if the Scam is just a scam in it's self - Different people all using the same idea/scheme but really no centralized force. Maybe this is Anonymous or A government conspiracy :O
  7. ed6058

    ed6058 Registered Member

    ammyy scam, got as far as giving an id number

    Just had a call from a indian sounding lady, told me she worked for microsoft and they had received notification that trojans were installed on my computer and they were stopping some of the programmes from working.

    I did run the 'start working with ammyy admin' continueing to the point where i gave her the id number that appeared on the screen. When she was reading the number back to me i suddenly felt uneasy about the whole thing so i hung up, she called back a couple of times but i just did'nt pick up.

    Googled 'who is ammyy' and come up with this site.

    By giving her that id number are they are able to access my computer or did i realise in time.
  8. markdweasel

    markdweasel Registered Member

    I just got a call today from these scammers. Played along and played dumb. I got them to give me their number to call. I called it and verified it was them.

    Anyway, the number is 1-888-986-7789
    Using google, i found them.... guess what, their homepage advertises exactly the scam they're trying to pull.

    Looks like they're based in Indiana, US. Someone should contact the FBI.

  9. JoelB

    JoelB Registered Member

    x942, any chance I get get your phone number from you? My parents get guys calling for this scam on a regular basis, and if we can trick them into calling your number instead, it'd be golden. I'm thinking something like "Oh hey, can you call me back on my other phone number in a few minutes?". I bet they'd fall for it.

    Also, awesome job on gathering the info you have so far. It really is a shame that someone like Anonymous hasn't picked up on them and lambasted them.
  10. JoelB

    JoelB Registered Member

    I think you are right there - it's a scam in and of itself. I'm guessing something like the "make a bazillion dollars posting google ads!" where they are really just paying people to spam links everywhere. I'm guessing the calls from North America are simply copycats - but I'm not sure how they'd be making money unless they request payments via paypal or something like that.
  11. rootsxrocks

    rootsxrocks Registered Member

    The number I received the call from was 999-910-0215 and I was told they were contracted by Microsoft because my computer was sending out thousands of malicious files.
    They clearly said they were contracted by Microsoft that was the first clue something was wrong.
    First I have not read this entire thread yet but I to think this should be dealt with, I knew it was a scam and started playing with them as well, what really concerns me is that I ask them "so If this is genuinely coming from my computer what is the IP and the guy quoted my IP address that I had just changed the day before by reconnecting my router forcing a rotation.

    furthermore, the ISP I am using is not related to the phone number in any way however they had enough information that it leads me to believe they have already harvested some of my information or were behind a recent event were I found my remote access turned on and Microsoft updates will not work. I have not been able to locate the Cause of this with any scans so I can not be sure that my PC is secure at this time. it looks like I have some serious work to do. to find out what were and how.
  12. JoelB

    JoelB Registered Member

    The remote access thing might be a coincidence. Then again, it might not.

    I'm guessing these guys are buying bulk information, then using it for their little scam. That, or someone big has been compromised, like an ISP, and they aren't letting on that they have been. Maybe this is where all Sony's information went... :p
  13. Meriadoc

    Meriadoc Registered Member

  14. J_L

    J_L Registered Member

    So they actually said something about it.
  15. Daveski17

    Daveski17 Registered Member

    I got a phone call like this as well which I mention here. I am wondering about the site itself though. It has a Canadian domain name & WOT & Webutation seem to give it a green rating. Is it a legitimate site that scammers misuse (by downloading their software) or is the site & company itself a scam?
  16. Meriadoc

    Meriadoc Registered Member

  17. Daveski17

    Daveski17 Registered Member

    OK thanks. I thought that would more than likely be true.
  18. Daveski17

    Daveski17 Registered Member

    I found this from the Guardian newspaper.

    One of the replies gives an address of the Indian 'company' in Kolkata (RSB Inforsolutions Pvt. Ltd) that is possibly responsible for some of these scams.
  19. rogue_socal

    rogue_socal Registered Member

    Just got off the phone here in the Los Angeles area. Fortunately I was smart enough to google AMMYY before actually following his directions.

    They essentially told me they were with Microsoft technical support and that my computer was sending out errors due to viruses. When I told him that this was a scam and that I was reading this page about how it was a scam, he had me go through the steps to open eventviewer and explained that the red errors were caused by the viruses. He claimed that the yellow warnings were from their company to warn me.

    When I still didn't believe him, he read off address info and phone number, but not everything was quite right. When I still didn't believe him he went to get a supervisor on the line. Wow. That's when I'd had enough and just hung up.

    Glad to have stumbled upon this forum.
  20. Daveski17

    Daveski17 Registered Member

    I'm glad you weren't scammed. I have discussed more about my experience here.

    It's lucky the likes of us are more alert to these kind of scams, but some people are quite vulnerable. Especially the elderly or people with very little knowledge of computers.
  21. wat0114

    wat0114 Guest

    Why not just ask them for a number to call them back at? I'll bet they don't give one out. BTW, I use call display to my benefit. If it's a number I don't recognize, it doesn't get answered. If the caller is legit and it's important, a message can be left on our answering machine.
  22. luciddream

    luciddream Registered Member

    Seems strange to me that a few members of this forum have been targeted by this scam. In the grand scheme of things this is such a small community. What are the odds that this scam which also seems small in scale happened to target a few members of it, and non-the-less a security forum?
  23. Daveski17

    Daveski17 Registered Member

    I could see their number, what's the betting if I phone back all I get is a dial tone? What about VoIP?
  24. Daveski17

    Daveski17 Registered Member

    My guess chance, what are the odds that more than three people on this thread are left-handed, or red-haired, or from the UK?
  25. x942

    x942 Guest

    Interesting. They still keep calling me, I have much more data now. I am going to compile an archive and post it ASAP. However my voice (and any faces) will be masked for anonymity.

    I have gathered about 50 numbers so far, 2.5 GB of voice and 17 GB of HD Video. I will post it in increments with in a week.

    For those who tried calling back and got nothing at all or a dial tone this is because they are spoofing Caller ID. This is very easy and about 20 of the calls I have gotten have been spoofed. All of them don't exist.