Monday, June 11, 2012

Beware of the 'Ammyy' Security Patch Phone Scam


There is a widespread scam on the rise in many English-speaking countries. It's been dubbed the "Ammyy Scam" by many due to a website that the scammers try to direct the victims to. The scam has been extremely successful and has duped many users into falling for it.
Here's the basics of the scam:
1. The victim usually receives a phone call from someone claiming to work as a security person for a large company such as Microsoft or Dell.
2. The caller claims that there is a new security vulnerability that they have detected that is very dangerous and affects "100% of the computers in the world" or something to that affect. They also state that they are alerting users as a courtesy and that they will offer to walk the victim through the installation of a tool that will prevent the problem from affecting their computer.
3. The scammer will then ask the victim to go to their computer and open up the event log viewer program and will ask them to read something back from it. No matter what the victim reads back to them, they will say that this information confirms that the new virus / vulnerability is present and that they must act immediately or the victim's data will be destroyed. They will also insist that no other virus scanner is able to detect the threat.
4. The caller will then direct the victim to a website which is often ammyy.com, but may have been changed to something else since the scam has gotten some media attention. They will ask the victim to install the Ammy.exe file (or something similar) and ask for a code that the software generates. This code will allow them to remotely access the victim's computer. The Ammyy tool itself may be a legitimate tool for providing remote access to a computer for support purposes, but in the hands of these guys it merely provides a backdoor into your system so they can take it over and install other malicious software and/or steal valuable personal data from your computer.
5. After they scammers have confirmed that they can connect to the victim's computer (and take control of it so they can install their malware) they will claim that the problem is fixed.
Some of the scammers may be even so bold as to sell victims a fake antivirus product (Scareware), that will further infect their computers. Yes, that's right, they ask the unsuspecting victim who just allowed them to infect their computer to shell out cash to further infect their computer. These people have no shame. Some victims opt to purchase the fake antivirus software out of fear, and now the scammers have their credit card information as well as access to their computers.
So what do you do if you have already fallen for this scam?
1. Immediately isolate your computer and disinfect it with anti-malware software installed from a trusted source.
Pull the Ethernet cable out of the computer's network port and shutdown the wireless connection. This will prevent further damage to your computer and ensure that the scammer can't reconnect to the PC. Additionally you should follow the steps in my I've Been Hacked, Now What? article.
2. Contact your credit card companies and report it.
Letting your credit card companies know what happened will allow them to issue a fraud alert for your account so they can be aware that fraudulent charges may be pending on your account(s)
Remember that the Ammyy tool itself is just a gateway for the bad guys to get into your system. They could have victims install any number of other legitimate remote administration tools that would still allow them to accomplish their goal.
The key to avoiding scams like these is to remember some basic scam fighting guidelines:
1. Microsoft and other major companies are likely not going to call you to help you fix a problem in this manner.
2. Caller IDs can be easily spoofed with Voice Over IP software. Many scammers use phony caller ID information to help build their credibility. Google their phone number and look for other reports of scam reports coming from the same number.
3. If you want to fight back, the best way is to report the scam to the Internet Crime Complaint Center (IC3).


Andy O'Donnell

Internet / Network Security Guide

Friday, June 1, 2012

What Computer Should I Buy?


A Questionnaire to Help Determine the Right Computer
This is the most common question that people have when they visit our website "What Computer Should I Buy?". In order to better answer this question, this questionnaire has been put together. Through questions about budget, computer applications and usage, it will try to determine the best computer to match your needs.
What to Expect
The questionnaire will range between 10 and 13 questions in length. Each question is presented as a single web page with either single or multiple answers. Single answer questions will automatically load the next question. Multiple choice questions will require the selection of all relevant answers followed by the "Next" button to move to the next question. Some questions may also contain some additional text between the question and answers to clarify what is being asked.
Once all of the questions are answered, a results page entitled "Your Chosen System" will be displayed. On this page will be two sections. The first section will name the category of computer that best suits your usage and budget. Following this will be a link to a selection of the best computers that match this category of computer. For most people, this is all they will need.
The second section will present a set of recommended specifications presented in a table. This will break down the specifications by category and recommended items to look for. Some of the entries in the table will have links to more detailed information or selections about the given specification.
All links presented on the results page are designed to open the relevant page in a new window so it is not necessary to constantly move back and forth between your results and additional information.
Disclaimer
While a lot of effort was put into this questionnaire, there will be some instances where the results may not be what you expect. In most cases, this will be due to the differences in the budget and the intended use of the computer. Many of the most advanced computing tasks such as gaming or desktop video will require more expensive equipment not found in the budget systems or even some of the more mainstream computers. Thus, a computer listed in the best selection for the category may not have all the features listed in the recommended specifications.
Requirements
In order to go through this questionnaire, you will need to be running a browser that has JavaScript turned on. If this function is turned off, the first question will be displayed, but you will be unable to answer the question or continue on to the other questions.