Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi all,
Vanilla are planning an update to the site on April 24th (next Wednesday). It is a major PHP8 update which is expected to boost performance across the site. The site will be down from 7pm and it is expected to take about an hour to complete. We appreciate your patience during the update.
Thanks all.

Beware of the Ammyy Scam

Options
  • 06-04-2011 3:00pm
    #1
    Colm_purchase
    Closed Accounts Posts: 184 ✭✭


    Hi All,

    Just to give you all a thumbs up on a scam which could potentially cause you major security issues.

    Today I took a call from an international code 0025 which I believe is Vietnam.

    The man told me he was a windows service provider and that there was virsuses on my computer that he wanted to fix for me.

    I copped straight away this was a scam but played dumb so that I could get as much information from him as possible.

    He asked me to log on to a website called ammyy.com (don't log on to it!)

    I told him I had done this and he asked what I see on my screen. At this point I told him I knew this was a scam and told him not to call this number again.

    The man became extremely abusive and told me he knew my name and where I live and a lot more that is best not mentioned:D

    If I had done what he asked God only knows what information he might have been able to access.

    I have reported this to the Consumer Association so hopefully it will be highlighted and investigated by them.

    Im sure some of you have experienced similar calls so it would be interesting to hear about your experience.

    Is the guy simply using a phone directory I wonder?





«1

Comments

  • Options
    #2
    jor el
    Closed Accounts Posts: 16,713 ✭✭✭✭jor el


    The NCA will not be able to investigate someone operating out of Vietnam, so don't expect any kind of result there. All you can do is let people know, and hope that everyone else isn't dumb enough to fall for this kind of scam.


  • Options
    #3
    knighted_1
    Closed Accounts Posts: 870 ✭✭✭knighted_1


    http://www.tgdaily.com/security-features/50170-warning-microsoft-windows-scam-alert


  • Options
    #4
    Colm_purchase
    Closed Accounts Posts: 184 ✭✭Colm_purchase


    jor el wrote: »
    The NCA will not be able to investigate someone operating out of Vietnam, so don't expect any kind of result there. All you can do is let people know, and hope that everyone else isn't dumb enough to fall for this kind of scam.

    Well hopefully it will be passed on by the NCA to someone that will investigate. I would be particularly concerned about elderly people taking calls of this nature or those that are reasonably new to using a PC.


  • Options
    #5
    RachaelVO
    Registered Users Posts: 3,108 ✭✭✭RachaelVO


    I took similar calls in my Dads not so long ago, I kept them on the phone for AGES!!!!!!! I told them from the off I knew it was a scam, and to be fair the second caller was a very nice Indian chap (the first guy just hung up after a few minutes cos he realised I wasn't biting). He was very polite, and I just kept asking him how he know the computer was sending messages and that those messages were attached to the phone number he called. I have to say I did quiet enjoy the conversation, however I knew what the call was, and I hope that I wasted some of his time!


  • Options
    #6
    tricky D
    Closed Accounts Posts: 9,700 ✭✭✭tricky D


    Note: Ammyy is a legitimate remote desktop tool used for support. Same for logmein. They are safe to use between trusted parties only.

    What these swines are using it for is not legit. It seems as if they are moving from logmein to ammyy as their preferred access tool.

    Here's the big thread with more info: Weird phone call! "online pc doctor" - Only thread on these scam calls please


  • Advertisement
  • Options
    #7
    Pure Sound
    Registered Users Posts: 451 ✭✭Pure Sound


    We got those calls a couple of times and I just simply told them that we did not have a computer

    I then got a "Sorry Sir" and they hung up :D


  • Options
    #8
    dudara
    Registered Users Posts: 33,519 ✭✭✭✭dudara


    Moved to Security

    dudara


  • Options
    #9
    JimmyCrackCorn
    Registered Users Posts: 1,691 ✭✭✭JimmyCrackCorn


    Must infect a VM later and have a nose at the malware.

    Something to do tonight with a beer.


  • Options
    #10
    Jane98
    Registered Users Posts: 570 ✭✭✭Jane98


    Hi,

    I got scammed with this today. At first I sort of believed it as I had been using my laptop just before the phone call and noticed it was going slowly and I knew already it had viruses. Anyway, the guy asked me to go to www.ammyy.com and download the program which I did, then he asked me to confirm the number but I got suspicious so I asked him what number he had so that I could confirm that but he got pretty defensive and I smelled a rat so I asked him to ring back later as I had something to do right then. I immediately googled ammyy and saw it was a scam so deleted the software I had downloaded. Am I ok cause i didn't give them the id no.?


  • Options
    #11
    Láidir
    Closed Accounts Posts: 39 Láidir


    They rang me five minutes ago, the number began with 00253 which is a place called Djibouti. I've never heard of it. Told them not to contact me again.


  • Advertisement
  • Options
    #12
    KoolKid
    Moderators, Home & Garden Moderators, Technology & Internet Moderators Posts: 24,789 Mod ✭✭✭✭KoolKid


    This is what you say to them :D
    https://www.youtube.com/watch?v=mkdoogjic4I


  • Options
    #13
    nodolan
    Registered Users Posts: 313 ✭✭nodolan


    27th June, Cork - friend of mine got the call this morning. Guy claimed to be from Microsoft on a UK number (0044) and he gave the same waffle, but my friend, who is usually quite savvy, got caught off-guard because the guy seemed to have info about her that she didn't think he should have like her maiden name. She said she had to think about it, called me and I told her that Microsoft never cold calls and that it was a scam.


  • Options
    #14
    Parakeets
    Registered Users Posts: 204 ✭✭Parakeets


    Got the service of YouronlinePCdoctor today having got initial call yesterday. Basically you either trust these guys or don't. There method of contact using remote access with ammyy Admin are pretty standard and basically will be done by Microsoft if they were to work on it. Anyway they returned the call the next day having got paid the previous day and I watched them clean up the PC as promised. In the end I am happy with the result, considering that PC protection is essential. I also got new software installed to perform scanning especially on social network sites which is a must.
    I agree that there is a leap of faith in using products from cold calls, but I think the exercise was useful.


  • Options
    #15
    tricky D
    Closed Accounts Posts: 9,700 ✭✭✭tricky D


    If they cold called you, you have been scammed, especially if they are asian. Nobody legit will ever call you to say they have noticed a virus or other malware on your PC. Bring your laptop to a local PC fixer and probably change your credit card. They will have installed all sorts of nasty stuff in the background to rob your logins and will likely send your CC details to be cloned and your account cleared out.


  • Options
    #16
    LoLth
    Moderators, Technology & Internet Moderators Posts: 10,339 Mod ✭✭✭✭LoLth


    did you call them initially or did they just call you out of the blue?

    If it is a company you trust and have spoken to previously, in a conversation initiated by you - ie: you went to them not the other way around - then fair enough, pc maintenance through remote connection makes sense. I used to do it myself as part of a helpdesk job for 3rd party companies.

    However, if they called you , out of the blue, and offer a tune up or an installation, I would be very careful if not straight out suspicious. How can you know for sure that what they say they are installing is actually what is being installed. It might look like Anti-virus and even act like anti-virus but it could have anything at all installed in the background that you, the customer, dont necessarily get to see, even if you see the installation take place.

    I'm also a little confused about the new software to scan social media sites. what software was installed? what does it scan? how does it detect potential threats? what information does it record and does it ever connect to an external server for updates? if so, does it just download or does it also have the ability to upload information.

    Trusting anyone other than yourself to install anything on your PC is a leap of faith. Trusting someone that I never met or dealt with previously or initiated the contact with is, in my opinion, more than just a leap and something I would never advise anyone to do without some serious research.

    If they cold-called you, I would advise you to be safe rather than sorry and take your PC in to a service centre for a check up. Until you get a clean bill of health for it, I'd keep it off the internet and definitely avoid visiting any site that requires you to enter a password or pin number, including online shopping sites or email and especially banking sites.

    A quick google search for the company name would have turned up some interesting articles about that company:

    http://www.justanswer.com/computer/4gii3-hi-i-company-name-youronlinepcdoctor-contact.html

    http://www.homehelptech.ie/blog/your-online-pc-doctor-scam/

    Hopefully the software they sold to you is no more maliscious than a quick way to make money but considering there are reports of them claiming that .inf files are viruses (they're usually not, they are windows system files and configuration files needed to run your software though they can sometimes be impersonated by viruses) I honestly think they are selling snake oil.

    bottom line: check your credit card (or whatever you used to pay them) and possibly get your bank to change it. Get your PC checked out by a physical person (there should be one somewhere near you - again google or the golden pages) and dont use your PC for anythign personal or sensitive until you have been told its clean and ok to do so.


  • Options
    #17
    LoLth
    Moderators, Technology & Internet Moderators Posts: 10,339 Mod ✭✭✭✭LoLth


    I just thought of something, is this parakeets we are reading a post from or is it yourPCdoctoronline having stolen your login details by "scanning" your social network sites....

    I also forgot, check your phonebill. if you called them back at any stage, there are reports of them using a satellite phone number which could run you €5 a minute seemingly (of which they get a cut) <-- not substantiated, just something I read.


  • Options
    #18
    Parakeets
    Registered Users Posts: 204 ✭✭Parakeets


    Thanks for all the info, and most points have been considered. Unfortunately every point has a "might" linked to it. I made contact to an Asian company, OnlinePCcare" through Dell last year and initially thought it was them checking on progress. The company was Your online PC Doctor (YOLPCD) and I did some Google research on them. Websites seemed OK but any Blog advice was to stay clear, generally from IT experts who would by nature advise to not allow anyone in to your PC. However the work has been done and I will take some time to see how it develops. The computer is running a bit slower but that may be due to the new antivirus running. The antivirus sw is called AVG and also seems legit. I've got registration details from them today. The company YOLPCD has done all it has promised and I don't work for them. I'd sooner get a new PC than take it to a local repair outfit. The cold call angle does have me a bit worried but the speculative "end of the world" scenario may be a bit overstated. I also went to the CC bank and asked to have the transaction cancelled and she said it couldn't be done. She Googled the company while on the phone and reckoned they looked ok.


  • Options
    #19
    tricky D
    Closed Accounts Posts: 9,700 ✭✭✭tricky D


    Parakeets wrote: »
    Thanks for all the info, and most points have been considered. Unfortunately every point has a "might" linked to it. I made contact to an Asian company, OnlinePCcare" through Dell last year and initially thought it was them checking on progress. The company was Your online PC Doctor (YOLPCD) and I did some Google research on them. Websites seemed OK but any Blog advice was to stay clear, generally from IT experts who would by nature advise to not allow anyone in to your PC. However the work has been done and I will take some time to see how it develops. The computer is running a bit slower but that may be due to the new antivirus running. The antivirus sw is called AVG and also seems legit. I've got registration details from them today. The company YOLPCD has done all it has promised and I don't work for them. I'd sooner get a new PC than take it to a local repair outfit. The cold call angle does have me a bit worried but the speculative "end of the world" scenario may be a bit overstated. I also went to the CC bank and asked to have the transaction cancelled and she said it couldn't be done. She Googled the company while on the phone and reckoned they looked ok.

    You have either definitely been scammed or as LoLth said you are an impostor posting on behalf of the scammers as many of your points and most of your reasoning make no sense.


  • Options
    #20
    Jumpy
    Registered Users Posts: 7,606 ✭✭✭Jumpy


    LoLth wrote: »
    I just thought of something, is this parakeets we are reading a post from or is it yourPCdoctoronline having stolen your login details by "scanning" your social network sites....

    I also forgot, check your phonebill. if you called them back at any stage, there are reports of them using a satellite phone number which could run you €5 a minute seemingly (of which they get a cut) <-- not substantiated, just something I read.

    No. Reading back through post history, the posting structure is the same. Not hacked.

    However he/she has been scammed, just isnt trusting enough to take the word of forum posters.


  • Options
    #21
    LoLth
    Moderators, Technology & Internet Moderators Posts: 10,339 Mod ✭✭✭✭LoLth


    in all honesty, my imposter remark was meant to be humorous and not entirely serious.

    @Parakeets:
    generally from IT experts who would by nature advise to not allow anyone in to your PC

    thats sort of like saying, I looked up methamphetamines and saw that they are real but the blog advice was to steer clear of them, but that was mainly doctors and pharmacists who would by nature advise anyone not to take addictive substances.

    There's a reason these people are IT experts.

    Also, you are taking the word of a bank telephonist/teller/customer service who googled the company and thinks they "looked ok" over users here who work in and study computers and computer security and the writers of those blogs who focus their attention, skills and abilities on security research and have no ulterior motive for sharing their opinions or advice.

    Its ultimately your call and if you're happy then thats good. However, you should be aware that while AVG antivirus is very well respected (and has a free version available) and while it is known that any AV software that scans while your pc is running (on access scans, web scans etc) is going to slow down your pc, it may not be the only thing doing so and exceptions can be added to the scanning criteria to allow certain types of programs and files. You have no way of knowing if this company installed anything else while they were at it. Once someone has remote access to your PC with the ability to install software , thats it. the PC is no longer secure unless you completely trust the other person. There are multiple ways of recovering passwords from a pc, of installing software that sits in the background listening for a future connection that does not require your permission to gain access to your files and information, keyloggers that run silently and record your typing and then send the logs to a 3rd party the next time there is an available internet connection etc (and it is simplicity itself for a script to be writted to strip out the information that would be valuable - user/password/address combinations of websites including online banking, forums, email etc). I'm not trying to use scare tactics but just because things dont go boom now, doesnt mean there wont be ramifications in the future. If they dont, I for one will be very happy for you.

    I honestly believe that you have at the least been scammed in the sense that you were most likely overharged for the work done and the service provided. I hope that the extent of the negative impact that you suffer but as someone who has nothing at all to gain by advising you and as someone who has studied IT Security and works daily with technology and desktops I have to advise you, for your own peace of mind, to bring your pc to someone professional who can check it out for you.

    no idea how much you paid (and I am not asking you to tell me or post here) but when I worked in a small computer repair workshop, a virus scan and an installation of AVG (full or free) usually got charged at half an hour's work - about €30 - and that was quite pricey at the time.


  • Advertisement
  • Options
    #22
    Parakeets
    Registered Users Posts: 204 ✭✭Parakeets


    Thank you LoLth for your detailed advice which is much appreciated and acknowledged. I got further correspondence with the original PC care company called OnlinePCcare which I thought I was dealing with in the first place. They were adamant that no one should access my PC other than themselves. I asked if they knew of YouronlinePCdoctor (YOLPCD)who said no at first but later said they existed. I forwarded all correspondence with YOLPCD and they contacted the parent company SWREG to try to get the subscription refunded giving details. I already tried to get the transaction cancelled with the credit card company without success.

    OnlinePCcare scanned my PC and gave it a clean bill of health. Unfortunately they required more software to be installed called Power Undelete costing another 250 Euro as part of the maintenance.

    Conclusion
    Do not allow your bank details transferred by phone.
    Do not be convinced or agree with scare tactics over the phone
    It appears to me that YOLPCD is a legitimate company but does not use legitimate tactics
    While I shouldn't have given bank details over phone YOLPCD was not entitled to ask for them either.
    Remote access to computers is a normal process but some means of verifying the bona fide of the company is required. Remote access will be the norm for solving PC problems.

    This situation is ongoing so I will update later. Thanks for the advice.


  • Options
    #23
    Jumpy
    Registered Users Posts: 7,606 ✭✭✭Jumpy


    Remote access is used within companies by members of their own support staff. It will not become the norm for the public.

    Power Undelete? Were you asking them to recover a deleted file? If not you have been sold a useless piece of software for normal use.

    Call your credit card company and tell them it was a scam. Escalate it if need be, but those guys are not legit.


  • Options
    #24
    LoLth
    Moderators, Technology & Internet Moderators Posts: 10,339 Mod ✭✭✭✭LoLth


    sorry to say this Parakeets but OnlinePCcare are exactly the same type of company as youronlinepcdoctor.

    a google search will show you a lot of results of people warning about this scam (they claim to be from Dell, or microsoft etc) - the same as youronlinePCdoctor.

    the Power undelete software is for recovering deleted files. It may have been necesary to recover something deleted but ther eis no way you should have been charged for a license for a commercial product, the company doing the work should have used their own licensed copy of the software - especially as it is something you are never likely to use again.

    To support my opinion that they are a scam company, I should point out that from the power undelete software's homepage here: http://www.power-undelete.com/ full license for this software costs 69 US dollars, there is no way you should have been charged 250 even with techie time taken into account.

    I'm afraid I suspect that these two companies are bouncing customers off one another to increase their profits.

    The only advice I can give you at this stage is to cut your losses. Do not deal with either of these companies again. Go and talk to a PC repair shop in your local area (I'm not from limerick so I am unfamiliar with companies there) and ask them for an approximate cost of regular maintenance on your PC - personally I'd ask them to recommend an anti-virus software and if they neglect to mention free options, then I'd be less likely to think that they have my best interest (and pocket) at heart. If there is a college near you, I'm sure some computer science student would be delighted with a little extra beer money for performing routine maintenance for you.

    Dell do in fact have an online helpdesk which you can find details of here:

    http://www1.euro.dell.com/content/topics/global.aspx/dps/pc_troubleshooting?c=ie&cid=IESDCPCTroub&cs=iedhs1&dgc=IR&l=en&s=dhs&~ck=mn

    However you have to ring them. they do not initiate contact with you. If necessary, and with your permission a verified dell technician may remote to your pc through a secure channel (their prices start at €29 and they have a no-fix no-fee policy - according to the website).


  • Options
    #25
    Parakeets
    Registered Users Posts: 204 ✭✭Parakeets


    Youronlinepcdoctor have offered me a refund for the work they have done and cover offered. They are the original cold call company that convinced me I needed cover. They offered me a refund but first to send another e-mail outlining the reasons for the refund and they will issue it then. Anyone familiar with this approach as any refund would surly be welcome, and the e-mail is ready to go?


  • Options
    #26
    Parakeets
    Registered Users Posts: 204 ✭✭Parakeets


    YouronlinePCdoctor paid the refund in full and immediately without quibble. However the anti-virus software AVG Ver: 10.0.1390 exp 08/07/2012 remains on my PC and is active. I previously had the free Microsoft Security Essentials as an anti-virus software and can have it re-installed again. The AVG has more features and am reluctant to delete it. Any experience on this?


  • Options
    #27
    Skrynesaver
    Registered Users Posts: 1,109 ✭✭✭Skrynesaver


    AVG is quite good, but a memory hog, try Avast instead.

    And seriously dude, get that machine scrubbed clean, back-up and threat scan your data, re-install your OS and software, return your data to the machine. A neighbour of mine got taken by these scammers and I found a backdoor and a keylogger on the box when I cleaned it.

    My wife was contacted by them recently and though I was in the room she just told them to sod off and stop disturbing people. I would have wasted hours of their time for the sport ;)


  • Options
    #28
    JEdgarHooverJr
    Closed Accounts Posts: 1 JEdgarHooverJr


    It is so funny, I had a conversation with them on the phone today. Somehow, they got my wifes cell phone number...her dumb ass gives them our home number. When the Indian guy told me he was from Windows and we had a problem with our computer...I played along and talked to him like he was Bill Gates. The best part is, a good friend of mine is an Indian from Guyana...he is a gangster & knows this scam...I gave my buddy the IP # and the phone #, of this guy that called me, he is "F'ed" LOL! I told him to call me tomorrow morning. I will post if that actually happens. Way too funny!


  • Options
    #29
    johnmcdnl
    Registered Users Posts: 3,739 ✭✭✭johnmcdnl


    JEdgarHooverJr wrote: »
    It is so funny, I had a conversation with them on the phone today. Somehow, they got my wifes cell phone number...her dumb ass gives them our home number. When the Indian guy told me he was from Windows and we had a problem with our computer...I played along and talked to him like he was Bill Gates. The best part is, a good friend of mine is an Indian from Guyana...he is a gangster & knows this scam...I gave my buddy the IP # and the phone #, of this guy that called me, he is "F'ed" LOL! I told him to call me tomorrow morning. I will post if that actually happens. Way too funny!

    how did you get the guy's IP if you were on the phone


  • Options
    #30
    obviousTroll
    Registered Users Posts: 60 ✭✭obviousTroll


    Just to let you know, I got two calls from seperate clients of mine today (I'm self employed in PC Repair). They both were contacted by "Apple". One of them got as far as downloading ammyy, which is legit, but he called be before the person got their login credentials.

    Seems like they are now "Apple" experts. :)


  • Advertisement
  • Options
    #31
    JohnK
    Registered Users Posts: 4,780 ✭✭✭JohnK


    I've had a few calls from them but today was the first time I actually spoke to a person, normally the line would just be quiet then after a few seconds I'd get an automated "goodbye". Didnt get to play around with them or anything though as I was a bit lacking in time however I did shout some abuse at them before hanging up and it was actually quite cathartic. Hopefully they'll ring back some other time and I'll get to see how long I can curse and swear at them before they cut me off :)


Advertisement