The Ammyy Scam

In the “Have you been spoofed?” article in this edition of the InsideLine, we write about the issue of Caller ID spoofing.  The article explains that fooling people into thinking that legitimate businesses are calling is an effective tool for a scammer. One such scam is known as the Ammyy scam, and it has reportedly swindled people out of millions of dollars around the world.  Here’s how it works:

The scammers call potential victims and claim to be support personnel from a company like Dell or Microsoft.  They explain that there is a new security issue that is affecting computers worldwide and that they are calling their customers as a courtesy.  The scammers will tell the victim that they can “walk them through” the process of cleaning and securing their computer.  They will ask the victim to download some software in order to fix the problem.  Many victims have been directed to the website for the software, hence the name, Ammyy Scam.

During the fake “help” session the scammer will ask their victim read to from their computer’s event log. It won’t matter what is read back to the scammer as they will say that it confirms that the victim’s computer is vulnerable, and that they must act immediately.  Once a victim has downloaded and installed some free software, such as the Ammyy.exe file, the scammer will now have remote access to the victim’s computer. (By the way, the Ammyy software is a legitimate piece of software used for remote access.)  Once the scammer can successfully connect to a victim’s computer, they will tell the victim that their computer is fixed and generally end the call.  However, some scammers will try to up-sell the unsuspecting victims with the latest in anti-virus software, which is supposed to protect their computer from future attacks.  All the victim needs to do is provide a credit card number and they can download more software.  Even if the victim does not bite on the purchase of the “updated” anti-virus software, the scammer knows that they now have a doorway into the victim’s computer and they can go about their goal, which is to steal valuable personal information.

To report an incident to the Internet Crime Complaint Center (IC3) go to: