Ammyy Scam

Yesterday afternoon (October 1, 2011) I got a call from a fellow with a heavy Indian accent, telling me he was from the Windows Centre, and that they’d noticed my computer was running slower and slower every day. But not to fear: within 10 minutes, if I followed his directions, we would be able to correct these issues.

Right off the bat it sounded like a scam. It was clear they had taken pains not to mention any sort of affiliation with Microsoft. I was interested how they would try to infiltrate my system and get money out of me, so I followed a little ways. (Added bonus: whatever time they spent with me, would be time they didn’t spend with someone who’d fall for their bamboozlement.)

The first thing he had me do was run eventvwr.exe. Innocent enough: this is the Windows Event Viewer. Some 13,000 events came up. He had me filter to see warnings, errors and critical errors, explaining that this was why my system was running so slowly. But not to worry: we’re going to get your system fixed up. (I suppose I should have gushed a little about how grateful I was that these guys were being so pro-active in providing customer support.)

He then asked me to bring up my browser and go to https://www.ammyy.com. At this point I switched to my MacBook Pro: It’s possible the web page itself might’ve had content which could compromise a Windows machine. Although, Firefox has a number of security features built-in, and I also run Windows Security Essentials on all my Windows machines. But, just in case, I figured OSX was safer. On top of which, even if the page succeeded in compromising my system, I have current backups of this machine through Time Machine.

Ammyy Software Development allows you to download Ammyy Admin, a remote desktop control application. I wasn’t about to hand over control of my machine to these chuckleheads. Additionally, the software might have had other, unadvertised, features: it could allow them, for example, to control my machine surreptitiously, in the background. Then the machine, and my Internet connection, could be used for all kinds of monkeyshines.

So this is where I, politely, told him I wasn’t really worried about my computer’s slowness. Right away he started asking what I was talking about, didn’t I want to speed up my computer, and why was I talking this way? He kept this up right until I hung up. And they haven’t called back. So, no harm, no foul, right? Except that they had asked for me by name when they called.

These con artists are targeting the less computer savvy. In particular, the elderly make easy targets. This security forum thread speculates these hustlers might have access to the AARP (Association of American Retired Persons) mailing list.

The CRTC (Canadian Radio-television and Telecommunications Commission) could be doing a lot more to protect Canadians from these fraudsters. Here are a few ideas to get them started:

  • Tracking numbers for complaints, so complainants don’t feel their complaints are just dumped in the circular file.
  • Publish case studies of complaints to show that shady operators are being shut down when people complain about them.
  • Award part of the fines levied against transgressors to the complainants.
  • Improve the sign-up process for the National Do Not Call list. Allow people to check they’re on the list.

But, if we’re being realistic, we know the CRTC doesn’t give a hoot (AKA rat’s ass) about the do not call list. For instance, you can’t even find “do not call” from their search engine.

4 thoughts on “Ammyy Scam

  1. Dear users of Ammyy Admin

    Unfortunately, there are some cases of malicious use of our software noticed. Please be attentive and never grant access to people you don’t know personally or whom you don’t trust.

    !!! If you receive a phone call claiming to be from ‘Microsoft’ or someone claiming to work on their behalf, telling you that you have a virus on your computer or some errors which they will help you to fix via Ammyy Admin, it is definitely a scam.

    Ammyy Admin itself absolutely safe software but due to its ease of use and free availability it may be used by scammers.

    If you became a victim of scammers please see the link which may help https://www.ammyy.com/en/admin_mu.html

    Kind regards
    Eugene
    Ammyy Inc. Team

  2. It’s just happened to me. I believed the caller and allowed access. I haven’t bought anything or downloaded anything, but now I am worried that they have just done something to my computer that will start to cause me problems. Incidentally, they are calling me back in 30 mins as I said I had to attend to my baby when the caller started the sell. Do I need to take my computer to a technician?
    Thanks

  3. @Eugene: Thanks for your comment. I must tell you I don’t think your company, *assuming* it is NOT associated with the outfit using your software to infiltrate peoples’ machines and work their nefarious purposes, is doing everything it can to stop this form happening.

    For instance, you could have large red WARNING!!! signs on the download page, next to the download links. I realize this wouldn’t be great for sales, but we’re talking about protecting innocent users here.

    But you’ve yet to prove to us that your company is *NOT* associated with the scammers. And posting without a last name or contact info doesn’t help your case.

  4. @Iris: Thanks for your comment, and sharing your experience with us. *Please* find a reputable service shop and ask them to remove the Ammyy app from your machine. I think this basically gives a key to your front door to unscrupulous strangers.

    An alternative would be to reimage your computer and start from scratch. But this would mean re-installing all your software. If you do go this route, remember to backup your content (photos, documents, and so forth), so you can restore them afterwards.

    Best of luck.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.