Remote access fraud

   read  

  Decrease Text Size Increase Text Size

Authentication fraud can occur when fraudsters take advantage of legitimate owners who conduct a digital financial activity, such as through a mobile phone app, mobile browser or PC internet browser, to:
  • Open a bank account or credit card through mobile or online banking.
  • Enroll a bank account or credit card with a third-party payment provider or proprietary merchant contactless mobile or digital wallet.
  • Enroll in a person-to-person (P2P) payment service or initiate a P2P funds transfer.
  • Initiate a payment transaction from a digital wallet.
In a remote access scam, the fraudster contacts the victim, often by phone, malicious web site, or a pop-up ad, and claims to be an employee of a legitimate company such as a computer software or security company, a cable/internet company, or a large online retailer, like Amazon. The fraudster asks the victim to initiate remote access or download an app to his/her computer, phone, or tablet in order to help resolve a fake technical or billing issue.

With control of the victim’s device, the fraudster can access files containing financial accounts, passwords, or personal data, or install viruses or malware that could also compromise sensitive information.  Many victims of online bank account takeovers report they had recently allowed someone to log into their computer, phone, or tablet through remote access. When a fraudster takes over someone’s online bank account, it can lead to the theft of the victim’s money through various means, including wire fraud, peer-to-peer (P2P) payment fraud, and ACH fraud

Once the phony tech support company or representative makes verbal contact with the victim, the subject tries to convince the victim to provide remote access to their device. Once the subject has control, additional criminal activity occurs. For example: The subject takes control of the victim’s device and/or bank account, and will not release control until the victim pays a ransom.
  • The subject accesses computer files containing financial accounts, passwords, or personal data (health records, social security numbers, etc.).
  • The subject intentionally installs viruses on the device.
  • The subject threatens to destroy the victim’s computer or continues to call in a harassing manner.

Once they’ve gained your trust, they may:

  • ask you to give them remote access to your computer and then make changes to your settings that could leave your computer vulnerable
  • try to enroll you in a worthless computer maintenance or warranty program
  • ask for credit card information so they can bill you for phony services — or services you could get elsewhere for free
  • trick you into installing malware that could steal sensitive data, like user names and passwords
  • direct you to websites and ask you to enter your credit card number and other personal information
If you get a call from someone who poses as tech support or a representative from a legitimate company, hang up and call the company yourself on a phone number you know to be genuine. A caller who creates a sense of urgency or uses high-pressure tactics is probably a scam artist.

Tips to avoid remote access fraud:

  • Do not give anyone access to your computer, phone, or tablet — nor to your personal or financial information — unless you initiated the contact and know that contact is legitimate.
  • Examine pop-ups and emails closely for signs that might indicate fraud, such as spelling and grammar mistakes.
  • Do not rely on caller ID alone to authenticate a caller. Criminals spoof caller ID numbers. They may appear to be calling from a legitimate company or a local number, when they’re not even in the same country as you.
  • If you think there may be a problem with your computer, phone, or tablet that you aren’t able to resolve on your own, consult with someone you trust or take the device to a business that offers in-person technical support.  Online search results might not be the best way to find technical support or get a company’s contact information. Scammers sometimes place online ads to convince you to call them. They pay to boost their ranking in search results so their websites and phone numbers appear above those of legitimate companies. If you want tech support, look for a company’s contact information on their software package or on your receipt.
  • Never provide your credit card or financial information to someone who calls and claims to be from tech support.
  • If a caller pressures you to buy a computer security product or says there is a subscription fee associated with the call, hang up. If you’re concerned about your computer, call your security software company directly and ask for help.
  • Never give your password on the phone. No legitimate organization calls you and asks for your password.
  • Put your phone number on the National Do Not Call Registry, and then report illegal sales calls.

If you've responded to a scam

If you think you might have downloaded malware from a scam site or allowed a cyber criminal to access your computer, don't panic. Instead:
  • Disconnect from the internet and restart your computer in "safe mode".
  • Get rid of malware. Update or download legitimate security software and scan your computer. Delete anything it identifies as a problem. 
  • Change any passwords that you gave out. If you use these passwords for other accounts, change those accounts, too.
  • If you paid for bogus services with a credit card, call your credit card provider and ask to reverse the charges. Check your statements for any other charges you didn't make, and ask to reverse those, too.
  • If you believe that someone may have accessed your personal or financial information, click here for more reporting and victim assistance resources.











eFraud Prevention™, LLC