Tech Cafe: Two For One Special


Two for the price of one today: today’s caffeine-enriched chat, and one we missed from a few weeks back about Parenting, that a few people have asked for.

Today, we had a more-rambling-than-usual conversation about what it takes to ‘get it out there’; publishing words, pictures and music online. Both Rod and I are bloggers from waaay back, but there are plenty of other new avenues to make yourself heard above the background noise of the internet. Please enjoy:

A few weeks ago, we also discussed ‘Parenting‘ (which we later followed up with ‘Family‘), and how technology has made it bother harder and easier to be a parent.

Special note: next week show is discussing ‘Rules for Technology’; and we’ve already started discussing what some good rules might be: feel free to join in!

Let’s Talk About Tech

Facebook logo
Image via Wikipedia

I enjoyed catching up with Rod in a cafe earlier this week to have a chat about technology and The Facebook. I suspect there were listening devices in this particular cafe, because it appears the entire conversation has been recorded and posted online. I knew I should have checked my privacy settings.

It seems I enjoy the prospect of JD‘s morning coffee more than my privacy, so there’ll be more conversations each Wednesday morning at Sonshine fm – I’m a sucker for a cuppa. You can join by SMS or Phone or Facebook or any of a number of other avenues we’ll be discussing in coming weeks.

The INF-Ammyy Scam – Recovering from a Gotcha

Mary writes (in relation to this article):

Sorry to trouble you like this BUT I fell for the ammyy scam! July 11 6PM. Unlike you, I am computer illiterate, so they accessed my computer remotely (I think they got my computer “ID number” or something). But did not give them credit card number, at least :-) To cut short long, inane story: Am I liable to be under CONSTANT SURVEILLANCE by ammyy?? Is my past e-mail correspondence also compromised? Most grateful for your advice! I have filed a complaint with ICC center (Internet Crime Complaints). Also contacted bank & credit card companies. So far (2 days) no mishaps! But what about the FUTURE? Many thanks! P.S. I listened to your audio clips — scammer sounded exactly like my caller…

Don’t feel too bad – the scam is designed to be confusing and scary for you. It’s good that they didn’t get direct access to your banking details. However, it is difficult to know how much access they still have to your computer, or what they intend to do with the access they have gained. Does anyone have any insights as to what actual damage has been done by these people in the past?

Let’s be sure the main access route is closed. Remove the Ammyy Admin software to ‘change the locks’ and make sure the access you originally provided (the ID Number) doesn’t work any more.

  1. Press the Windows key and type ‘Control Panel’ (enter), then click on ‘uninstall a program’
  2. You should see ‘Ammyy’ or ‘Ammyy Admin’ in the list somewhere: click on the name and then click ‘Uninstall/Change’
  3. Follow the instructions from there, and reboot your computer.

That should shut down the access they gained to your computer during your call. Unfortunately, it is possible that since gaining access to your computer they may have already installed other, invisible methods of gaining access. (That would be the first thing I would do, if I were not so nice)

It’s difficult to know if your email records have been accessed, and if your passwords have been compromised. It may be a good time to change your passwords, including the password you use to access your computer, just to be on the safe side. Even if someone doesn’t have access to your computer, it’s a good habit to get into every six months or so.

Spyware and Malware detection programs should help you figure out if other people still have access to your computer using invisible software. Microsoft’s built-in solution ‘Security Essentials‘ should already be installed, and will hopefully flag any untoward software and behaviour, but just in case, I would perform a full spyware scan of your computer to make sure:

  1. If Security Essentials is installed and running, you should see a green ‘House’ on the bottom right of your screen (you may need to click the ‘up’ arrow) – double click on it. (If not, install Security Essentials quickly via the link above!)
  2. Select the scan option ‘Full’ and click the ‘Scan Now’ button.
  3. Wait until it completes, and follow any instructions.

If the scan completes without an issue, you may be in the clear, but keep monitoring your computer (and accounts) for unusual behaviour.

I hope this helps! If you have any other advice for Mary (or corrections), please comment!

UPDATE: August 2 – It looks like the scammers are pretending to be from Telstra now:

UPDATE: September 8 – It also seems the latest Microsoft Security Essentials malware definitions are treating the AMMYY Admin software as hostile and removing it. Guess that points to the AMMYY organisation being part of the problem, not an innocent party. Suggest avoiding at all costs. Microsoft has a good article about what they do and don’t do over the phone, and some advice about what to do if you’ve been scammed.

Responding To New Tricks in the Notorious INF-Ammyy Phishing Scam

Event Viewer
Image via Wikipedia

Long story short – if you receive phone calls from people you don’t know, claiming to know your computer is broken and needs fixing, finish the call quickly. It’s a ‘phishing‘ scam.

Alternatively, if you have a few minutes spare, record yourself wasting their valuable time, as I did earlier today.

Having received a few phone calls from ‘the Windows Service Center’ recently, and after asking them politely not to call with their crazy story a few times before, I decided to see if I could be removed from their list by deliberately wasting their time. It took 20 minutes to find out their latest tricks, and have them hang up on me for a change.

These calls are full of technical nonsense-speak, and designed to allow the trickster to gain control of your computer for, at best, an excuse to bill you for unneeded service charges, and at worst, access to private information like banking details or enlisting your computer in a botnet.

In today’s call, I followed a few of their more harmless instructions. I was expecting this to be a version of the ‘Event Viewer Scam’ which is well-known online. This one is a little different – I’m calling it an ‘INF-Ammyy’ version because of the specific techniques they used. You can replay the full call below.

This version follows the usual structure of the scam:

  • The caller attempts to convince you that your computer is suffering some sort of malady
  • The caller walks you through unfamiliar parts of your computer system and observes that what you are seeing “with your own eyes” is indeed as terrible as they predicted, if not worse!
  • The caller asks you to run software on your system to allow a technician to connect and fix the files
  • In some cases, credit card is information is sought to allow a service charge to be billed

The new aspects of this scam:

  • The caller shows you around the contents of the ‘inf’ folder. Not as interesting as the event viewer, but there are still a lot of scary looking files in there – if you didn’t know that this is a standard Windows folder.
  • The caller attempts to connect you to the ‘’ remote access service. I don’t know if this site is connected to the scammer organisation; it’s probably not. (earlier versions of the scam used the ‘’ domain.)
  • The caller now offers some contact details so you can verify who they are. Feel free to check yourself:
  • Phone Number – (03) 9016 8698
  • Physical Address – 76 Albert Road, South Yarra

More comments about the call inline.

I’m not normally this mean to telemarketers, who are usually genuine people offering a genuine service. In this case, I’m angry with callers who use simple technical tricks to try to fool people into handing over the keys to their computers. I’m offended they tried, and worried they’re succeeding with other less-computer-savvy people. I don’t think it’s likely that these people believe they are offering a real service that actually helps, otherwise they would do some basic technical training which would expose their script as a simple sham.

Anyway – in Part One, the caller walks me through my file system and attempts to connect to my computer. (Warning – I do install software on their say-so, but only with the system on high alert; I don’t recommend taking this risk unless you know the full impact of what you are doing.) Favourite part – where the technician attempts to show me ‘INF – Internet Notorious Files’.

in Part Two, the caller tries to establish more credibility. And fails.

Have you received any of these calls before? Interested in your comments; especially if there are other versions out there.

UPDATE: Jun 13

Followup time – as has been pointed out by a few folk – the contact details I was supplied are bogus: the physical address doesn’t exist (the only Albert Road is in South Melbourne, with a BP Service Station where 76 should be) and the phone number is answered by a foreign-accented person with no knowledge of the service that was touted yesterday. I hope they call back so I can note those details correctly next time.

App Idea: Podcast Bookmarking

Here’s a smartphone app idea that is either a recommendation request, or a million dollar idea that you can steal and later repay me with a free copy of said app. Here’s the idea:

The app should be a standard podcast player BUT with the ability to bookmark some points in the podcast where it has useful information you’d like to zip directly to, later.

You should be able to shake the phone or hit a button at any time during playback to set a bookmark, and then review a list of bookmarks in the podcast that you can click and visit at any time in the future.

Good idea? Already bindun? Please let me know in the comments.