Someone claiming to be from Microsoft phones calls you at home and tells you that their logs are detecting an infection of your computer. To gain credibility, the phone scammer may give you easily discoverable information like your name, address, and phone number – things available to any random telemarketer or phone caller with a couple bucks to spend.
Once they have gained your attention, this bogus Microsoft ‘tech’ instructs you to open Event Viewer and tells you that any error reflected in that log is ‘evidence’ of a virus. The scammer directs you to ammyy.com and tells you to run the tool and give the ID it provides, after which you can now gain full remote access to your PC.
- Anyone can dial a number and say it’s someone else;
- The real Microsoft doesn’t call customers to report virus infections;
- Never run an unknown program or install a remote access tool for someone unless you are 100% sure of their identity and trustworthiness.
Ammyy.com advertises ammyy.exe as a remote access and file sharing tool. In malware terms, programs that do this without your permission are known as backdoors, password stealers, and data-stealing Trojans. While Ammyyy can serve a legitimate purpose when used between two *very* trustworthy parties, when Ammyyy is used by a scammer, it is nothing more than a thief’s tool.
Your best defense? Use the same trick you use with other unwanted people: hang up the phone.