Remote access scams
A remote access scam involves a scammer convincing the victim to hand over control of their computer or devices remotely by installing a malicious software or enabling the scammer to remotely log in to their device.
Scammers will typically contact their targets and claim to be an IT professional or a member of a fraud and security team who has identified a possible problem. They’ll then ask for access to the victim’s device to resolve the issue. Typically, this process will also involve the victim being asked to log into their bank account, make payments, or confirm security codes.
Once they have access to the device, scammers will regularly claim to have identified a problem which they can fix for a fee. The scam rarely ends here, however. Instead, scammers will use the opportunity to install software themselves that will enable further crimes.
This scam works on intimidating the user, often using technical words and phrases to confuse the victim and employing techniques to build urgency. The scams can be initiated via a cold call, mass-messaged emails to users or via pop-up ads suggesting you’ve got a virus and to call a 1800 number for help.
Three red flags
- Unsolicited contact: Remote access scams typically begin with an unsolicited call or SMS to notify you of a problem either with your device or your finances (for example, claiming there’s a problem processing a credit card payment).
- Caller becomes pushy or agitated: Although remote access scammers often sound professional at first, they can become annoyed or even angry if their instructions aren’t followed. If the person you’re dealing with becomes noticeably frustrated or forceful, they’re likely not a legitimate IT professional.3
- Making unusual requests: Scammers will often make unusual requests of their targets. These commonly include asking them to log into their bank accounts, make payments or disclose security codes.
Tips on how you can protect yourself from scams
- always keep your computer up to date with the latest software updates, antivirus software and a good firewall
- never disclose your personal information, financial account or online account details over the phone unless you made the call and got the number from a reliable source
- if a stranger asks for remote access to your computer, say no, even if they claim to be from a reputable business.
- never provide access to your device to someone contacting you out of the blue. Banks and financial services institutions will never ask for remote access to your devices.