Ammyy Scam

Discussion in 'malware problems & news' started by Meriadoc, Sep 1, 2010.

  1. Noob
    Offline

    Noob Registered Member

    Wow lots of new members have registered due to these issues. :eek:
  2. x942
    Offline

    x942 Registered Member

    It's insane how many people get these calls. My honeypot alone gets 5-10 calls a day now. Not all the same group but same scam.
  3. x942
    Offline

    x942 Registered Member

    Called back new domains: *PROCEED WITH CAUTION IF VISITING*

    Maybe we can give them a bad WOT rating :p

    -www.pc-techies.com- Even have a phone number listed.

    The guy wasted 27 minuits with me today. I kept going in circles to mess with him. He said it was his company and at one point he had me google "ammyy" as I said it "wasn't working" on his site.

    I then proceeded to read the first 10 comments from this page before he hung up. lol
  4. Noob
    Offline

    Noob Registered Member

    Hahahaha lame.
    They will have a hard time if any of them calls me, no one at my house knows how to use a computer except me . . . :D
  5. SweX
    Offline

    SweX Registered Member

    @x942! Very funny :D :thumb:
  6. x942
    Offline

    x942 Registered Member

    Best defence out there! If they can't use it they can't break it :D

    :thumb: I think next time I will tell them smoke is coming out of computer or something :D
  7. Noob
    Offline

    Noob Registered Member

    Hahaha i wonder what they would do if you start acting like they broke your computer and start yelling at them. :D :D
  8. x942
    Offline

    x942 Registered Member

    Haha That would be funny! Maybe I'll do that instead! If I do i'll put it up on youtube LOL :D
  9. hub223
    Offline

    hub223 Registered Member

    Hello,

    I got this phone calling saying that there is problems with my computer, so I called them back, knowing that it was a scam, so I had some fun with them.

    What they want you to do, is download Ammyy so they can connect to youre computer and do, well, god knows what. So, like I said, I had some fun with them, and here is the video and call, I recorded it through skype :argh:

    http://www.youtube.com/watch?v=rcYmrGaXJl8
  10. JoeFredW
    Offline

    JoeFredW Registered Member

    Well done, the more time you waste the less they will make, the sooner they all go out of business. Every day they die a little more. :thumb:
    You should try and have a little more fun with them next time, add some comedy to it just to keep it fresh & alive :)
    Oh ! also, I think your volume was maxed out(recording volume?), or something....they are way too loud & you are not loud enough.
    Anyway, keep it up !

    Well dang it !
    They haven't called me in a while...been waitin :cool:
    I guess they know better now :doubt:
    Last edited: Apr 8, 2012
  11. hub223
    Offline

    hub223 Registered Member

    That was only the first time that ive done something like that.

    My mic that I was using was sitting a little bit away from me. The interference in the recording, well, I dont know what that was. It doesnt come up in my other recordings.

    I will try better next time!
  12. Galloise
    Offline

    Galloise Registered Member

    I was called this morning by someone claiming to be from Microsoft customer care. They told me I had a serious problem with my computer system and directed me to a menu which showed a lot of 'error' messages. They told me that I had an infection which had reached level 5 and would soon cause my system to crash if it wasn't fixed.

    Then they had me go to a webpage and asked me to click 'accept' in a pop up box. This would give them remote access to my system and allow them to fix it.

    I asked if I could call them back and my suspicions were confirmed when the person answered the phone with 'Yes' rather than a cheery 'Good Morning Windows Customer Care' and then couldn't remember the name of the organisation that they worked for when I asked.

    I hung up and called my husband who said he had actually heard of this scam. While I was talking to my husband I received a call back from the 'supervisor' who became quite pushy insisting that I should give them control of my computer before I spoke to him so that they could start the work 'immediately'.

    I think people these days are fairly aware when it comes to scam emails and stuff, but this is very convincing - I nearly fell for it>
  13. barrysusan
    Offline

    barrysusan Registered Member

    i recieved a call from these people and allowed them to remote my pc they then put a password on my pc which im unable to open now any ideas
  14. Dermot7
    Offline

    Dermot7 Registered Member

    https://isc.sans.edu/reportfakecall.html
  15. JoeFredW
    Offline

    JoeFredW Registered Member

    Uh, whu-oh ! :ouch:
  16. JW Clements
    Offline

    JW Clements Registered Member

    I got a call, same as others have had:
    him: "are you in front of the computer?"
    me: which one? Oh, this one...

    him: "Go to Computer, Event Viewer, look for yellow triangles that show that I have had something bad downloaded because the firewall doesn't work anymore and there are lots of files that need to be cleaned/deleted...."
    me: How do you know?
    him: "Microsoft told us, so that we can help you".

    (yeah, right.)

    So I went through slowly to waste his time (sounded East Indian or Pakistani) up until he wanted my to go to their website, then I asked him to give me a file name that I could search for myself.

    him: "Well that can't be done!!!!"
    me: "Well tell me anyway and I'll look for it and if I can't find it then I'll know that I can't find it. *click* Hello? hello?

    Total call time about 10 minutes. A fun break :)

    Oh yeah, the site was www x teamviewer x com, a sales site for 'security' software that's 'free' as in I give them my computer first for free and then money to fix what they broke.
  17. scotttech1
    Offline

    scotttech1 Registered Member

    They called me and thought they were going to get an easy call because I started off listening very intently and sounding worried, things changed pretty quick after that...I recorded the call, have a listen it get pretty good near the end

    (also if you have a sound clou account, please like or favorite the recording, it will help spread the word)

    http://soundcloud.com/scotttech1/ammyy-pretending-to-be
  18. JW Clements
    Offline

    JW Clements Registered Member

    Way to go Scott, I'll have to get a recorder hooked up myself...!
    J
  19. wyrmrider
    Offline

    wyrmrider Registered Member

    I go the call last night
    usual bs
    first wanted me to use another remote tool
    I told them it was blocked by the security system
    then the supervisor came on and wanted to use Ammyy
    I told them it would not work from user account
    (while googling the links)
    They said they were from Brooklyn
    that was no Brooklyn accent
    I wonder if the HOSTS folks are including their info
    perhaps place in restricted sites
    Tools like Spybot could post a message if the error page was accessed
    all those horrible errors and warnings
    Spyware for sure

    Poster above
    it does not matter if you are the only one who knows computers
    They will walk the others through it.
  20. eplose
    Offline

    eplose Registered Member

    this is just great! :thumb:
  21. JoeFredW
    Offline

    JoeFredW Registered Member

    They still callin ?......oh my ! check my link for the latest tortured souls in the calling industry !
    They won't even call me back now !
  22. emmjay
    Offline

    emmjay Registered Member

    Yes these guys are still calling.
    I have received about 6 calls and on 5of them I just hung up. On the 6th I thought I would be totally evil. Why not, these guys are raking in millions with this scam. The call went as follows ...

    Creep: Hello, I am calling to tell you that your PC is flooding the internet with errors. Your ISP has asked us to contact you and fix this problem.
    Me: Oh! , you are contracted to my ISP ?
    Creep: Yes
    Me: What is it that you do?
    Creep: Log on and I will take you through the steps
    Me: OK, I am now logged on
    Creep: Please click on the Start button
    Me: Where is the Start button
    Creep: Down in the left hand corner of the screen
    Me: I do not have one of those
    Creep: The big round blue thing is the start button
    Me: Oh no, this must be what is causing the problem. It is not there
    Creep: What is there?
    Me: Little square things with SDA SDB and stuff like that
    Creep: You have some serious problems here. We must run a program to fix it for you. Open your browser.
    Me: This is all so confusing. Which little picture is the browser? There are so many
    Creep: Do you use IE or FF
    Me: Well it is a new system which cosst lots of money so I am sure we have them all. None of the little pictures say IE or FF
    Creep: Click on the blue one with the big E in it
    Me: Don't have one of those
    Creep: Click on the one with the fox on it
    Me: Nope, no fox
    Creep: How do you go online? Just go online
    Me: I like this new Linux system. It has all kinds of great games. I use the games a lot. I like all the free stuff. We all like free stuff here. We use our smart phone for online stuff. It must be our smart phone that is causing all the network errors. Can you fix our phone?
    Creep: Click...

    Guess not!
  23. usermark
    Offline

    usermark Registered Member

    I have received several phone calls related to this now. First few times I would mess about playing sound clips down the phone to them but recently I setup a virtual machine for them.

    I let them connect to the virtual machine which was locked down pretty good, they didn't do much because they couldn't. Then I decided to run a simple netstat -n command to attempt to find the IP address he is connecting from.

    While I was looking up his IP address on WHOIS to find his possible location he became confused and started to ask me exactly what I was doing.

    I told him what I was doing and he panicked he then said millions of people use AMMYY and the chances of me finding him are small. He could be right but I explained how an IP address is fairly unique and narrows the field down, he put the phone down on me.

    Haven't heard back from them yet! Doubt it will stop them calling back though. :(

    Attached a screenshot of what the scammer was looking at when he questioned me, blanked out what I wrote in notepad for good reasons. :D

    Attached Files:

  24. Dermot7
    Offline

    Dermot7 Registered Member

    https://www.securelist.com/en/blog/..._the_fake_Microsoft_support_scammers#page_top
  25. x942
    Offline

    x942 Registered Member

    I've been getting more and more calls. I have collected over 235 phone numbers and 54 unique IP's. All of which have been forwarded to the FBI and RCMP. :D