Remote Access Tool Scams

Remote Access Tool Scams

These types of scams involve criminals exploiting remote access software to connect to a victim’s computer over the internet.

Remote Access scams will often begin with a browser pop-up saying that your computer is infected with a virus, or maybe a call from someone claiming to be from your bank saying that they need to connect to your computer in order to cancel a fraudulent transaction on your account. Regardless of the narrative the fraudster’s use, their goal is to steal your money or access your financial information by tricking you into allowing them to remotely connect to your computer.

In 2021, Action Fraud received over 20,000 reports of people falling victim to Remote Access scams with losses totalling over £57m. To help protect yourself from falling victim to this type of fraud, always remember:

  • A tech company, telecommunications provider, bank or service provider will never contact you out of the blue requesting remote access to your device.
  • Only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop up, or text message.
  • Your bank will not ask you to reply to an e-mail with personal information, or details about your account. If you contact them, use a phone number/email address that you know to be true, rather than one sent to you in an email – it may be false.
  • It is okay to reject, refuse or ignore requested. Only criminals will try to rush or panic you.

If you think you may have been a victim of a remote access scam:

  • Protect your money by contacting your bank immediately on a different device from the one the scammer contacted you on.
  • If you believe your laptop, PC, tablet or phone has been infected with a virus or some other type of malware, follow the NCSC’s guidance on recovering an infected device.
  • Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101.

Source: Remote Access Tool Scams

Remote Access Scams

Remote Access Scams

The Call that Could Wipe Out Your Life Savings

Four in 10 people have never heard of tech being misused by scammers to gain access to devices and hack into bank accounts.

Scammers posing as IT departments, telecoms providers and banks are tricking victims into relinquishing control of their devices to hack into their accounts and steal sensitive data.

One of the worst cases we came across resulted in a Which? member losing £80,000 after a ‘BT engineer’ phoned about service problems in the area. Her bank eventually agreed to refund the money but other victims of remote access fraud have been told their banks will not cover losses if they give access to their devices.

Impersonation fraud shot up by 84% in the first half of 2020, with almost 15,000 reports and £58m lost, according to UK Finance. At a more granular level, Action Fraud says that it has received14,893 ‘computer software service fraud’ reports between October 2019 and September 2020, with reported losses reaching around £16.5 million over that period.

Yet the use of remote access software is not very well known – our survey of the general public in September 2020 found that four in 10 people have never heard of it, even though we had explained how these tools are misused by scammers to gain access to devices.

What is remote access software?

Remote access software enables you to use one device to access another from any location by downloading a smartphone app or installing a program on your computer. A simple passcode will then connect the two devices.

Although many legitimate businesses use this technology, including the Which? Tech Support team, criminals also use it for nefarious purposes.

Typically, you get a phone call from someone claiming to be from a known company (commonly impersonated firms include Amazon, BT and Microsoft), in which they try to convince you to grant them access to your device, claiming they will fix a spurious problem.

Action Fraud recently reported that an Amazon Prime scam involving remote access software has cost victims over £400,000 in two months.

Other scammers are sneakier still, directing you to websites where clicking on the various brand names downloads the software, although they would still need you to enter a code to connect to your device.

Once they have access, they may put up a fake screen and work in the background to download other software or steal passwords and other personal data.

Based on reports to Which?, TeamViewer is the brand of remote access software reported as being misused by scammers most often, although others include AnyDesk, LogMeIn and GoToAssist.

Source: Remote access scams: the call that could wipe out your life savings

Half Year Fraud Update

Half Year Fraud Update

UK Finance – Half Year Fraud Update 2022

“Fraudsters also abuse remote access software applications to gain control of their victim’s
online banking facilities. The criminals will typically claim to be providing support from an IT service or
internet service provider and convince the customer to download and install remote access applications to their laptop or PC.

Losses from internet banking fell by 43 per cent to £61.2 million in the first six months of 2022, compared to the all time high reported in H1 2021 of £108 million. The number of cases also decreased by 50 per cent, to 21,487. Again, these significant decreases reflect that this type of fraud would have been at its most prevalent during lock-down when many people would have been working from home, spending longer online, and doing more internet shopping which provided criminals with greater opportunities to trick people into revealing their security information. These opportunities have therefore reduced as restrictions are eased and ways of living return to normal.

£7.7 million (13 per cent) of these losses across internet banking fraud were recovered after the incident”

UK Finance

Source: Half Year Fraud Update 2022

Remote Access for A Scammer

Remote Access for A Scammer

Using persuasion instead of viruses: How scammers talk people into granting remote access to their computers.

Paradoxical as it may sound, a polite request is one of the simplest ways to get access to your computer. Intruders will use all sorts of pretexts — from technical troubleshooting to (ironically) cybercrime investigation. Learn what tricks they may use and why they are never to be trusted.

Fake tech support

One day you receive a phone call from someone addressing you by name and introducing themselves as a tech support specialist of a large software company. It turns out, they say, your computer has serious problems which must be dealt with urgently. For that purpose, you are to install a special utility program and give the caller remote access to your system. What could go wrong?

Well, in the best-case scenario, such “support” will perform some facsimile of troubleshooting activity and then charge you a fortune, like some shrewd folks from India did a while ago. Once remote access was established, they would install a useless piece of software on the target computer and demand to be paid for their “troubleshooting” work.

The clients of the British provider BT were not as lucky: Criminals were stealing their financial data and trying to withdraw money from their accounts. Curiously, in many cases scammers were targeting users who had really been plagued by connection problems and had previously contacted their provider for help. Sometimes the “tech support” would, for better leverage, wield their victims’ names, addresses, phone numbers and other private info.

Often enough, scammers do not call you but urge you to call them. For example, they may claim you need to renew a subscription for some of your software and then call support to help you install an update. And that’s to say nothing of the fake websites you may come across by mistake while looking for a solution to a real problem.

It’s the police, open remote access

Some scammers go even further and impersonate police officers in need of help to hunt down cybercriminals. They will claim your computer was used to send scam messages, and request access to your computer and online banking — allegedly to trap scammers. If you question their actions, they will threaten you with the consequences of disrupting the investigation.

But if you yield to pressure and allow scammers into your computer and online banking, they will effectively purge your bank account. They will play their part to the last, too, telling you over and over that the money transfer is what they need to catch the criminals.

We are from the FTC (not)

Threats aren’t the only trick scammers use — some of them trap victims with promises of easy money. Last year, the US Federal Trade Commission was a popular guise, with fake employees promising to refund any money victims spent on … fake troubleshooting services provided by a certain Advanced Tech Support company. No prize for guessing what they had to do to get paid. That’s right — just grant them remote access to your computer.

Now, the stolen money refund program did exist, but real FTC employees never called anybody. And they never demanded access to users’ devices. All they did was send written instructions to users’ e-mail addresses on how to apply for compensation.

The Federal Trade Commission did not disclose what exactly the scammers were doing when they gained access to target computers. Its employees limited themselves to a general comment about what the scammers could potentially do: trick users into useless purchases, steal personal data, or install malware on the devices.

Source: Remote access — for a scammer

Fraudsters Steal £58m Via Remote Access Tools

Fraudsters Steal £58m Via Remote Access Tools

Fraudsters Steal £58m Via Remote Access Tools

Scammers who tricked victims into handing them control of their PCs managed to steal nearly £58m last year, according to official UK police figures.

Some 20,144 individuals fell victim to such “remote access tool” (RAT) scams in 2021, according to Action Fraud, the country’s national reporting centre for fraud and cybercrime.

Losing on average around £2800 per incident on average, the total losses amounted to £57.8m last year.

These attacks often start with victims being bombarded with pop-ups on their screens, claiming that there’s a problem with the computer. That might, in turn, request users call a ‘hotline’ number that’s actually run by fraudsters, who will persuade the victim to download a remote access tool.

This is akin to a classic “tech support” scam. However, other variations may include scammers cold-calling victims pretending to work for their bank and claiming they need to access the computer to cancel a fraudulent transaction.

In either scenario, access to the victim’s PC or mobile device may enable the scammers to access banking details or download information-stealing malware with the same end goal.

One victim lost over £20,000 after a scammer posing as a Sky employee persuaded them to download a RAT to fix a non-existent problem with their TV. This enabled them to access their bank account.

Another lost £1000 after a fraudster pretending to work for Amazon tricked them into downloading a RAT to help them process a payment for an Amazon Prime membership.

“While remote access tools are safe when used legitimately, we want the public to be aware that they can be misused by criminals to perpetrate fraud. We often see criminals posing as legitimate businesses in order to trick people into handing over control of their computer or smartphone,”

“You should only install software or grant remote access to your computer if you’re asked by someone you know and trust, such as a friend or family member, and never as a result of an unsolicited call, browser pop-up or text message.”

warned detective chief inspector Craig Mullish from the City of London Police.

Source: Fraudsters Steal £58m in 2021 Via Remote Access Tools

Computer Service Software Fraud

Computer Service Software Fraud

Computer Service Software Fraud

Victims of computer service software fraud typically receive a call from a well-known broadband provider, who claims there is an issue with their service which they are going to resolve.
The caller talks you through the supposed problem and asks you to log on to your computer or mobile and connect via a Remote Access Tool, which means they can then access your device. Some reports also state that fraudsters have been using browser pop up windows to make contact with victims.
You’re then either persuaded to log into their online banking to make a payment for the service you’ve supposedly received, or you’re told you need to log in so you can receive a refund from the broadband provider as a form of compensation. This enables the scammer to then transfer money from your account.

Source: Latest scams to watch out for in 2023