The ammyy scam: the worst social engineering I’ve ever heard

Email Scam

For some stupid reason which I have no idea… I got 3 calls from a call centre while I was at home trying to work today.

It got to be a bit of joke by the second call because with the first call I got so peed off about what they were trying to tell me I just hung up after 30secs. When someone called again, claiming to be calling from Microsoft customer support, this time I playing along with this call just to waste there time and work out what they wanted me to do so i could warn other people not to follow the steps.

Caller: open Internet Explorer and type in ammyy.com.

Caller: click to download and install ammyy

Me: I can’t do that (lies of course)

Caller: Why not? click the link and choose install.

Anyway that went on and on for about 20mins, and so of course I hit Twitter with some funny bits I was hearing on the phone. By the time I finished… I was doing stuff like using the toilet and saying I was still in front of the windows XP machine (I would have thought the sound of me peeing would be a clear clue that I wasn’t really listening)

By the time it finished, Nic Ferrier suggested I should record them next time they call. So I did, but I didn’t catch the start of the conversation, so I started recording about 10-15mins in. Here’s the recording with a con-artist.

Recording-1 with a con-artist by cubicgarden

It is a scam (so popular its actually called the ammyy scam) as you can guess but weirdly it does actually catch people out… [1][2][3]

Hopefully the recording will help raise the profile of this scam and stop other people falling for this frankly terriable social engineering scam.

Author: Ianforrester

Senior firestarter at BBC R&D, emergent technology expert and serial social geek event organiser. Can be found at cubicgarden@mas.to, cubicgarden@twit.social and cubicgarden@blacktwitter.io