AMMYY Archives

Home » AMMYY

Got tech support scammed? Worry about your credit card, not your computer

Dave Farquhar scams, security November 12, 2014August 5, 2017AMMYY, classmate

A college classmate contacted me a week or two ago. A relative of hers got scammed, and she wanted to know what to do.

“Get the charges reversed on the credit card,” was my simple response.

“What about cleaning up the computer?” she asked.

That’s the easy part. Read more

Dave Farquhar

David Farquhar is a computer security professional, entrepreneur, and author. He has written professionally about computers since 1991, so he was writing about retro computers when they were still new. He has been working in IT professionally since 1994 and has specialized in vulnerability management since 2013. He holds Security+ and CISSP certifications. Today he blogs five times a week, mostly about retro computers and retro gaming covering the time period from 1975 to 2000.

dfarq.homeip.net

A security professional fights back against tech support scammers

Dave Farquhar scams September 14, 2014November 3, 2025AMMYY, cissp, command prompt, Computer Maintenance Department, India, isc, Windows Technical Support

I guess Matt Weeks is as sick as I am of tech support scammers, because he developed a way to fight back, in the form of a Metasploit module that exploits a software defect in the AMMYY remote access tool that these scammers sometimes use. Metasploit is a tool that penetration testers use to demonstrate–with permission–how hackable a computer network is. In this case, the would-be victim is penetration testing someone without permission. Run the module when the scammer connects to the would-be victim, and he or she gets a command prompt on the criminal’s PC. At that point, the would-be victim can break their computer, perhaps by deleting critical files, corrupting the Windows registry, or something else. Anything you can do from a command prompt would be possible at that point.

I’m anything but heartbroken that this threat exists, although I’m not going to do this myself. Let me explain. Read more

Dave Farquhar

dfarq.homeip.net

This “Computer Maintenance Department” sure doesn’t know much about computer maintenance

Dave Farquhar scams, security May 22, 2013June 7, 20141990s, AMMYY, antivirus, avast, business relationship, caller id, cissp, Computer Maintenance Department, computer security, FBI, Microsoft Security Essentials, Missouri, power button, troubleshooting

“Peggy” from “Computer Maintenance Department” (1-645-781-2458 on my caller ID) called again. Lots of people are aware of these phone calls. They call, make vague claims about receiving a report that your computer is running slow and giving you errors, and are very careful not to say who they are or who they work for. Usually I just do whatever I can to get them off the phone.

But after having lunch with some other computer security professionals last week, a couple of them talked me into finding out how these guys operate. So I fired up a PC that turned out to have a real, legitimate issue. After resolving that issue myself, I turned the caller loose on my semi-functional PC so I could see what these scammers actually do. He had me connect to Teamviewer.com and run their remote access software. I followed his instructions, watched him connect, then slyly unplugged my network cable.

When my network connection dropped, “Peggy” quickly transferred me to a “senior technician” who used the name “Roy.” Read more

Dave Farquhar

dfarq.homeip.net