Remote Access Scams Open The Door To Thieves

More than £50m was lost last year to scams where victims are tricked into handing over control of their computer, or smartphone, to criminals. 

New data from Action Fraud reveals that 20,144 people fell victim to scams where they were persuaded to give criminals remote access to their device. 

Victims reported losing a total of £57.7 million, which is an average loss of £2,868 per victim.

Remote access tool scams will often begin with a browser pop-up saying that your computer is infected with a virus, or with a call from someone claiming to be from your bank saying that they need to connect to your computer in order to cancel a fraudulent transaction on your account.

Criminals will try to persuade the victim to download and connect via a remote access tool, which allows the criminal to gain access to the victims computer or mobile phone. If the victim allows the criminal connection via the tool, they are able to steal money and access the victims banking information.

Detective Chief Inspector Craig Mullish, from the City of London Police, commented. "While remote access tools are safe when used legitimately, we want the public to be aware that they can be misused by criminals to perpetrate fraud. We often see criminals posing as legitimate businesses in order to trick people into handing over control of their computer or smartphone...  You should only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop-up or text message.”

In one case, a victim lost over £20,000 after they received a call from someone claiming to be from Sky stating that there was a problem with their Sky box.

The suspect persuaded the victim to download a remote access tool to their device which enabled the suspect to access the victim’s online banking and make a number of transfers to an account under the suspect’s control. Another victim lost over £1,000 after they received a call from someone claiming to be from Amazon stating that they were processing a payment for an Amazon Prime membership.

The victim told the suspect that they hadn’t subscribed to Amazon Prime but clicked on a link provided by the suspect to cancel the membership. The link downloaded a remote access tool to their device which enabled the suspect to access the victim’s online banking and empty their account.

The warning comes as Action Fraud launched a new national awareness campaign this week to increase awareness around the safe use of remote access tools and to remind the public to think twice before allowing somebody you don’t know access to your device.

How You Protect Yourself

  • Only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop up, or text message.
  • Remember, a bank or service provider will never contact you out of the blue requesting remote access to your device.
  • If you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware, follow the NCSC’s guidance about recovering an infected device.
  • Protect your money by contacting your bank immediately on a different device from the one the scammer contacted you on.
  • Report it to Action Fraud on 0300 123 2040 or via police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101.

Action Fraud also advises that the public follow the advice of the Take Five to Stop Fraud campaign to keep themselves safe from fraud.

  • Stop:Taking a moment to stop and think before parting with your money or information could keep you safe.
  • Challenge: Could it be fake? It’s okay to reject, refuse or ignore any requests. Only criminals will try to rush or panic you.
  • Protect:If you think you’ve been a victim of fraud, contact your bank immediately and report it to Action Fraud online at police.uk or by calling 0300 123 2040.

Action Fraud:        NCSC

You Might Also Read: 

Online Fraud Is A British Security Nightmare:

 

« Algorithms, Lies & Social Media
EU Officials Targeted with Pegasus Spyware »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT GRC Forum

IT GRC Forum

The IT GRC Forum is an online resource and networking platform for the Governance, Risk Management, and Compliance (GRC) community

A10 Networks

A10 Networks

A10 Networks is a leader in application networking, helping organizations of all sizes to accelerate, optimize and secure their applications.

Deep Identity

Deep Identity

Deep Identity is a boutique system integrator, with expertise in tailored identity governance & administration (IGA) and identity access management (IAM) solutions.

Secure Technology Alliance

Secure Technology Alliance

Secure Technology Alliance is a multi-industry association working to stimulate the adoption and widespread application of secure solutions.

LRQA

LRQA

LRQA is an award-winning global provider of cybersecurity services, bringing innovative thought leadership to the ever-evolving cybersecurity marketplace.

PrimeKey

PrimeKey

PrimeKey provides organisations with the ability to implement security solutions such as e-ID, e-Passports, authentication, digital signatures, unified digital identities and validation.

Cyber London (CyLon)

Cyber London (CyLon)

CyLon is a leading cyber security accelerator and seed investment programme. We help entrepreneurs from across the globe to build cyber security businesses, raise investment, and develop partnerships.

Cognni

Cognni

Cognni (formerly Shieldox) will make your InfoSec think like a human, right out of the box, so you can focus on the bigger picture, keeping the information flow safe.

Assac Networks

Assac Networks

Assac Networks ShieldIT is an app that completely protects any BYOD smartphone from both tapping and hacking.

Ten Eleven Ventures

Ten Eleven Ventures

Ten Eleven is a specialized venture capital firm exclusively dedicated to helping cybersecurity companies thrive.

CornerStone

CornerStone

CornerStone is an award winning, independent risk, cyber and security consulting firm providing a range of Risk Management, Security Design and Implementation Management Services.

Wadilona Cyber Securities

Wadilona Cyber Securities

Wadilona Cyber Securities' sole aim is to bring and secure Information and Communications Technology (ICT) to and work for humans in its simplest terms.

Q-Bird

Q-Bird

Q*Bird's mission is to provide equipment for the current, and future European quantum internet.

Quotient

Quotient

Quotient builds digital experiences that empower and inspire the American people by understanding their needs, simplifying complex technical solutions and adapting to how they work, live and learn.

Adsigo

Adsigo

Adsigo AG is your reliable and professional partner for all topics concerning PCI certification, compliance and information security.

SureStack

SureStack

SureStack is an AI-native cybersecurity platform that provides organizations with continuous validation, optimization, and real-time security of their cybersecurity stacks.